Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI Money Pac issues


  • This topic is locked This topic is locked
17 replies to this topic

#1 haplo99

haplo99

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 02 April 2013 - 09:05 PM

Mod edit:Moved to proper forum..

  Virus, Trojan, Spyware, and Malware Removal Logs   ~~boopme

 

 

 

I've been given a computer to fix with this virus on a guest account.  Killing the guest account is apparently not an option.  So, I went to follow the tutorial at when I ran into an issue.

 

the emisoft antimalware will ONLY run on SP1 of windows 7, and this ones not been updated.  I'm loath to update the computer TO SP1 while there's a virus on it which leaves me kinda stuck.

 

I've run the iexplore.exe rkill process and thats as far as I got in the tutorial till I got halted

 

if it matters, it's the 64bit version of win 7 running on a laptop

 

I do have the attach log, but I can't find where to attach it

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 9.0.8112.16470  BrowserJavaVersion: 10.6.2
Run by gabriel at 21:59:40 on 2013-04-02
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.2804.2240 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://darton.edu/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
mStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: {9565115d-c7d6-46d3-bd63-b67b481a4368} - <orphaned>
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll
BHO: simppulltoolbar: {5806fa2d-e338-4a24-a20c-5da56ba3b2ad} - C:\Program Files (x86)\simppulltoolbar\w3itemplateX.dll
BHO: PlayBryte BHO: {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} -
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110202150050.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ShopAtHomeIEHelper Class: {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
BHO: ActiveMail: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: ShopAtHome.com Toolbar: {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: ShopAtHome.com Toolbar: {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files (x86)\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: simppulltoolbar: {5806fa2d-e338-4a24-a20c-5da56ba3b2ad} - C:\Program Files (x86)\simppulltoolbar\w3itemplateX.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\gabriel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [PCShowServer] "C:\Users\gabriel\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
uRun: [InstallIQUpdater] "C:\Program Files (x86)\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [SelectRebates] C:\Program Files (x86)\SelectRebates\SelectRebates.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/swdir8d196a.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
TCP: NameServer = 97.64.209.36 97.64.168.13 192.168.1.1
TCP: Interfaces\{27762DFB-22B5-4CE1-A354-F365689589FC} : DHCPNameServer = 64.39.128.3 64.39.145.83 64.39.128.4
TCP: Interfaces\{27762DFB-22B5-4CE1-A354-F365689589FC}\2377962756732363 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{27762DFB-22B5-4CE1-A354-F365689589FC}\36F6F6075627 : DHCPNameServer = 172.21.1.9 172.21.1.10
TCP: Interfaces\{27762DFB-22B5-4CE1-A354-F365689589FC}\453405C435D274575637470275962756C6563737 : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{27762DFB-22B5-4CE1-A354-F365689589FC}\4586560234F6F607562772370214175716F416B6 : DHCPNameServer = 172.21.1.9 172.21.1.10
TCP: Interfaces\{C874CD5C-9560-4627-B0D0-D0D6E30A71DA} : DHCPNameServer = 97.64.209.36 97.64.168.13 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = hxxp://acer.msn.com
x64-mDefault_Page_URL = hxxp://acer.msn.com
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho64.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\SystemCore\ScriptSn.20110202150050.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: ActiveMail: {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO64.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - C:\Windows\System32\rundll32.exe C:\Windows\System32\advpack.dll,LaunchINFSectionEx C:\Program Files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-1-5 529128]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2010-1-5 283360]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2010-1-5 75032]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-2-2 355440]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-9-27 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-9-27 149032]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-18 56344]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-6-8 406056]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2010-1-5 441328]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
S2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-10-18 321104]
S2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-18 868896]
S2 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-3 48488]
S2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-2-2 355440]
S2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-9-22 517632]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-2-2 355440]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-2-2 355440]
S2 McShield;McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-9-27 200056]
S2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-4-26 223088]
S2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
S2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-4-16 144640]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-18 2320920]
S2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-9-27 243232]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-6-10 40448]
S3 BTCFilterService;USB Networking Driver Filter Service;C:\Windows\System32\drivers\motfilt.sys [2009-1-29 6144]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2010-1-5 62800]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-10-18 158976]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-18 271872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2010-1-5 190136]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2010-1-5 94864]
S3 motccgp;Motorola USB Composite Device Driver;C:\Windows\System32\drivers\motccgp.sys [2011-4-4 21504]
S3 motccgpfl;MotCcgpFlService;C:\Windows\System32\drivers\motccgpfl.sys [2009-1-29 9216]
S3 Motousbnet;Motorola USB Networking Driver Service;C:\Windows\System32\drivers\Motousbnet.sys [2010-4-1 26624]
S3 motusbdevice;Motorola USB Dev Driver;C:\Windows\System32\drivers\motusbdevice.sys [2011-5-12 11776]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-26 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-4-16 50432]
S3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
S3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
S3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
S3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-5-10 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-4 1255736]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-2-2 355440]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-04-03 00:17:04    --------    d-----w-    C:\Users\gabriel\AppData\Local\Programs
2013-04-03 00:02:51    --------    d-----w-    C:\Users\gabriel\AppData\Local\{9AA40BC2-8707-473C-9457-5EFA39DD12C0}
2013-03-28 13:10:13    --------    d-sh--w-    C:\found.000
2013-03-26 12:34:32    19968    ----a-w-    C:\Windows\System32\drivers\usb8023.sys
.
==================== Find3M  ====================
.
2013-03-13 18:44:51    73432    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 18:44:51    693976    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-02 06:57:02    2312704    ----a-w-    C:\Windows\System32\jscript9.dll
2013-02-02 06:47:24    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-02-02 06:47:19    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2013-02-02 06:42:18    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-02-02 06:41:51    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2013-02-02 06:38:01    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-02-02 03:38:35    1800704    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-02-02 03:30:32    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-02-02 03:30:21    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-02-02 03:26:47    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2013-02-02 03:26:21    420864    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2013-02-02 03:23:28    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-01-05 05:57:43    5500776    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:02:17    3957608    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:02:17    3902312    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 05:41:01    1893224    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-01-04 05:40:54    287576    ----a-w-    C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-01-04 05:37:01    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2013-01-04 05:37:00    243200    ----a-w-    C:\Windows\System32\wow64.dll
2013-01-04 05:37:00    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2013-01-04 05:36:33    215040    ----a-w-    C:\Windows\System32\winsrv.dll
2013-01-04 05:33:49    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2013-01-04 05:30:34    424960    ----a-w-    C:\Windows\System32\KernelBase.dll
2013-01-04 05:27:03    6144    ---ha-w-    C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27:03    3072    ---ha-w-    C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27:03    3072    ---ha-w-    C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27:02    4608    ---ha-w-    C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27:02    4096    ---ha-w-    C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27:02    4096    ---ha-w-    C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27:01    3584    ---ha-w-    C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27:01    3072    ---ha-w-    C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27:00    4608    ---ha-w-    C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27:00    3584    ---ha-w-    C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:27:00    3072    ---ha-w-    C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:51:09    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-01-04 04:51:08    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2013-01-04 03:22:49    3150848    ----a-w-    C:\Windows\System32\win32k.sys
2013-01-04 03:19:55    338432    ----a-w-    C:\Windows\System32\conhost.exe
2013-01-04 02:48:37    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-01-04 02:48:34    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-01-04 02:48:34    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-01-04 02:48:33    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-01-04 02:43:35    3584    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43:34    6144    ---ha-w-    C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43:34    4608    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43:34    3072    ---ha-w-    C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 22:01:17.34 ===============
 


Edited by boopme, 02 April 2013 - 09:16 PM.


BC AdBot (Login to Remove)

 


#2 satchfan

satchfan

  • Malware Response Team
  • 2,859 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:06:24 PM

Posted 03 April 2013 - 05:58 AM

Hello haplo99 and welcome to Bleeping Computer.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:
 

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested


===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

  • run AdwCleaner and select Delete
  • when it has finished it will ask to reboot - allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.

Please copy and paste Attach.txt as you did with the DDS log.

Logs to include in the next post:

AdwCleaner log
JRT.txt
Attach.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 03 April 2013 - 11:05 AM

as I said in the first one, there is no attach option on this thread which I'm assuming it's from me posting in the wrong place to begin with, so please forgive the long post

 

attach

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2/2/2011 12:32:16 PM
System Uptime: 4/2/2013 8:10:31 PM (2 hours ago)
.
Motherboard: Acer            |  | Aspire 7741                    
Processor: Intel® Pentium® CPU        P6100  @ 2.00GHz | CPU 1 | 1995/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 142.895 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP168: 2/13/2013 5:17:47 PM - Scheduled Checkpoint
RP169: 2/14/2013 4:20:26 AM - Windows Update
RP170: 2/21/2013 8:04:42 PM - Scheduled Checkpoint
RP171: 3/3/2013 6:05:19 PM - Scheduled Checkpoint
RP172: 3/12/2013 12:54:30 AM - Scheduled Checkpoint
RP173: 3/14/2013 9:19:13 AM - Windows Update
RP174: 3/22/2013 3:13:40 PM - Scheduled Checkpoint
RP175: 3/28/2013 8:45:23 AM - Windows Update
.
==== Installed Programs ======================
.
18 Wheels of Steel - American Long Haul
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
ActiveMail
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Agatha Christie - Death on the Nile
Alcor Micro USB Card Reader
ALPS Touch Pad Driver
Amulet of Time: Shadow of La Rochelle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATT-PRT22
Babylon toolbar on IE
BabylonObjectInstaller
Backup Manager Basic
Barnes & Noble Desktop Reader
Bejeweled 2 Deluxe
Blackhawk Striker 2
Bonjour
Broadcom Gigabit NetLink Controller
Build-a-lot 2
Chuzzle Deluxe
Coupon Printer for Windows
CyberLink PowerDVD 9
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dora's Carnival Adventure
eBay Worldwide
eSobi v2
FATE
Funnix Begin Reading 1-40
Funnix Begin Reading 41-120
Funnix Reading Level 2
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Identity Card
InstallIQ Updater
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Components
Intel® Rapid Storage Technology
iTunes
Java 7 Update 6
Java Auto Updater
Jewel Quest - Heritage
Jewel Quest Solitaire 2
John Deere Drive Green
Junk Mail filter update
Launch Manager
McAfee Internet Security Suite
McAfee Security Scan Plus
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MotoHelper 2.0.51 Driver 5.2.0
MotoHelper MergeModules
Motorola Mobile Drivers Installation 5.2.0
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
MyWinLocker Suite
Norton Online Backup
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
Penguins!
Plants vs. Zombies
PlayBryte
Polar Bowler
Polar Golfer
QuickTime
Realtek High Definition Audio Driver
Respondus LockDown Browser
RIFT
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
ShopAtHome.com Toolbar
Shredder
Simppull Toolbar
Skype™ 5.10
swMSM
Tearstone
Times Reader
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Welcome Center
WildTangent Games
WildTangent Games App
WildTangent Games App (Acer Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Toolbar
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
4/2/2013 8:15:29 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:15:00 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
4/2/2013 8:14:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaSvc with arguments "" in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
4/2/2013 8:11:21 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/2/2013 8:11:21 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/2/2013 8:11:19 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/2/2013 8:11:13 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/2/2013 8:10:59 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk spldr Wanarpv6
4/2/2013 8:10:53 PM, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:39 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:34 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/2/2013 8:04:34 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
4/2/2013 8:04:07 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD DfsC discache mfehidk mfenlfk mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
4/2/2013 8:04:07 PM, Error: Service Control Manager [7001]  - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
4/2/2013 8:04:03 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
4/2/2013 2:21:58 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:21:58 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:21:58 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:21:58 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:21:56 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:19:01 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Shell Hardware Detection service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:19:01 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Remote Access Connection Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Multimedia Class Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Internet Connection Sharing (ICS) service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 2:18:01 PM, Error: Service Control Manager [7031]  - The Extensible Authentication Protocol service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/2/2013 1:36:18 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
4/2/2013 1:36:18 PM, Error: Service Control Manager [7000]  - The Software Protection service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/2/2013 1:34:21 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004]  - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
4/1/2013 5:15:59 PM, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.108. The computer with the IP address 192.168.1.109 did not allow the name to be claimed by this computer.
3/30/2013 5:22:07 PM, Error: BROWSER [8020]  - The browser was unable to promote itself to master browser.  The computer that currently believes it is the master browser is unknown.
3/29/2013 6:43:57 AM, Error: BROWSER [8009]  - The browser was unable to promote itself to master browser.  The computer that currently believes it is the master browser is HEATHER-PC.
.
==== End Of File ===========================
 

 

 

 

 

ADWARE

 

 

# AdwCleaner v2.200 - Logfile created 04/03/2013 at 11:42:25
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : gabriel - JAYMELEIGHPC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\gabriel\Desktop\adwcleaner(1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\SelectRebates
Folder Deleted : C:\Program Files (x86)\Shop To Win
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\gabriel\AppData\Local\Conduit
Folder Deleted : C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Folder Deleted : C:\Users\gabriel\AppData\Local\PackageAware
Folder Deleted : C:\Users\gabriel\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\gabriel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\gabriel\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\gabriel\AppData\Roaming\Babylon
Folder Deleted : C:\Users\gabriel\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\gabriel\AppData\Roaming\iWin
Folder Deleted : C:\Users\gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\pu9e40g2.default\extensions\playbryte@playbryte.com

***** [Registry] *****

Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2418376
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Playbryte
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B278D9F8-0FA9-465E-9938-0C392605D8E3}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Users\gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\pu9e40g2.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.13] : homepage = "hxxp://search.babylon.com/?affID=110795&tt=3512_3&babsrc=HP_ss&mntrId=9039f34c000[...]
Deleted [l.17] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=110795&tt=3512_3&babsrc=H[...]
Deleted [l.64] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Deleted [l.67] : keyword = "babylon.com",
Deleted [l.70] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=110795&tt=3512_3&babsrc=SP_ss&[...]
Deleted [l.1755] : homepage = "hxxp://search.babylon.com/?affID=110795&tt=3512_3&babsrc=HP_ss&mntrId=9039f34c000000[...]
Deleted [l.2206] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=110795&tt=3512_3&babsrc=HP_s[...]

*************************

AdwCleaner[S1].txt - [12982 octets] - [03/04/2013 11:42:25]

########## EOF - C:\AdwCleaner[S1].txt - [13043 octets] ##########
 

 

 

JRS

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.1 (04.03.2013:1)
OS: Windows 7 Home Premium x64
Ran by gabriel on Wed 04/03/2013 at 11:49:54.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\windows\currentversion\run\\installiqupdater
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\windows\currentversion\run\\selectrebates
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin
Successfully deleted: [Registry Key] hkey_classes_root\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}



~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\regwork"
Successfully deleted: [Folder] "C:\ProgramData\w3i"
Successfully deleted: [Folder] "C:\Users\gabriel\appdata\locallow\simppulltoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\simppulltoolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\w3i"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{00F4B72A-6B58-4B27-AB9E-3FD9F523C5DA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{01A75FB4-436A-4D9C-A8D9-D3DA82DCF5EB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{020C8FDC-455B-4FB9-8C4F-FB8365D21C65}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{03A2B1C9-77E8-431F-906D-9EE1DC83617D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{047B445E-94D8-4A5B-A691-EE36F8ED8B16}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{04A90CA1-3089-470D-963B-38052EA9BEB4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{04D6117E-859E-40C9-BA4C-7E7995912C39}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{050C9557-0BE3-494F-A21E-1B29114D5473}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{055722BC-DAEF-4AE7-A51E-A890A2044322}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{05E86222-C9DF-4CDE-B681-5212A49CAED6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{060E4282-0F1E-46E3-8B33-BB64B274CF8B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0655C122-3508-42F4-B10A-17F144DA65D2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{06A7988B-1646-428F-AAD3-943A051543BB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{06E03BBF-C621-4A49-A81B-647CC34B2C89}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{07550FB4-50CA-4D1A-ACA6-C565AD85492E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{07756CEC-A958-4357-B23F-26D800DCA1EC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{07A70A19-5AEF-4B9F-846D-A02884BB4DFB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{07E3F487-2054-4C94-9ACA-3237904394BC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{07E92400-89F5-4F89-9A23-15C6916448AD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{08AC699D-14B7-4F8F-9DD2-665E27D39516}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{091FCBDD-E1AC-48EA-A8B2-3E66834A783D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{093E13D7-328B-4450-9B22-F4ED61CFA5A3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{097E7BD5-5C02-4342-A8A9-22ABBDE9F325}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0B31FCD3-55D7-433A-8240-05DB6A8CF3C8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0C9F3826-B349-4E8A-AF40-4D135EF3DB85}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0CC0C685-3F4D-46A8-B854-4A709638DC61}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0CE983A2-AAB5-4F34-BE40-84DA8E6CABB2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0D77E7B6-D0F3-4E74-93F0-54C898F4C77F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0DBB31AB-B557-4828-8A93-540571ED6F5F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0DCD5136-98AB-40B8-8926-19D9BBB958A6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0E77EE41-937C-493B-9606-CB181E70510A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0E7CBB1C-6140-4279-BF45-AF92EF916DE8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0EC5269D-34CC-4F80-AEFE-17104EF784ED}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0F09D3C4-F58A-4E0C-BD69-BDDF3D7AEA22}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0F27B9D5-837A-4403-894A-004069264A7A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0F577F56-E3E1-47F1-A60A-CD37ED455866}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0FA2052E-B28D-4D19-ADAE-D4BF237F2073}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{0FBC43A1-75F2-49C2-A9A8-DD137024C4D3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1019D3E3-383B-4125-9457-F4BBD48810F9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1039A4F7-7487-456B-A38F-69764990B229}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{105827D7-743C-4C2C-814E-E41F006F691C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1076647A-A8C2-4ACA-BE2E-3A4CFAFCEA40}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1103BBA6-CCBF-49C4-9098-EFAC0D3FB3AC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{113096F7-93F8-4D98-8E26-F85CD7CB3DCF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1193D738-5DFC-4273-8A00-B8BE4C0CD670}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{11CB60D1-6DB4-4699-B1B0-E99ED704CEE0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1210894B-88C6-4F04-90E6-2A4B208BEFEE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1266F907-4AB7-4092-8E38-88000750C208}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{12F5270C-E3B0-4D2E-AEE7-416A3D331416}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{131C443F-134A-4C3D-A5CC-0C30E18B73C5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{13A41311-037C-4298-A859-FB36ECA1A503}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{13B33899-6125-4084-BAF3-737C6A9DEC02}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{13DC383C-D66B-4156-BB9D-C2FF99FD7AF7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{13FEE4DC-1AEC-4446-8377-C6CB1DECE8BE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{14076E58-F3F8-4087-AAB4-7AE24C92D723}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{141C9FFA-9E1D-4D79-AC08-0D52AAF71813}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{142CCB0C-F975-4208-B6F8-14112406DE41}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{14A79CD7-60A6-4AC4-BDEF-163E6237AF3E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1519A885-69B8-40BA-99E9-618985557323}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1528047C-7C8D-4A13-BD7A-AED1C3922B05}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1535EBF2-1D48-4C29-B7AB-C74945BF9F6C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{15761893-0B8E-4EA4-B40D-409D8D510865}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{15777FED-3FDB-4ECE-B05E-D6C698D55295}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{15B2CD75-3D78-4302-A160-ECB69441BDC0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{17683294-1D6A-4DEB-A81C-90A512D95C0E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{177697C8-925A-4FCB-B56C-284CB3FA0894}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{17E7B447-6F59-4E09-B164-FCE570FC6C4F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1815A078-AE50-46BB-88F5-C72BE99DB0F0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{18AA6264-5BC3-478B-939C-A9682305E90A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1908DBFA-CC5E-4594-AB20-BE9B10B788B7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1944A896-9640-4B12-9E67-953AF9C8A2E9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1987F34D-CA9D-4249-9657-D038599F43B8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{19FCD820-1827-4CF6-947A-A640D5F5F7DD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1A08FE5D-B7FE-4343-906A-54A626895ED4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1A22205C-FD64-4FBF-B5FA-4A61B7BC9E2C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1A66F336-3D38-4095-B21C-5A5708B43837}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1AF6E42B-C235-45B1-9528-59C3268AB932}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1BFC0C97-755C-4E3B-9EC5-80C683B2BC40}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1C8BAEC3-715D-4D03-A59F-DD7C0D02F568}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1D3820BE-25D6-429F-8F4E-82777285A4D0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1D488956-3F55-49C1-80BA-9A87CF9A959A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1D59F9CD-45EE-45B9-962E-F34D971AA680}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1D6169C9-78BE-40A6-A6A3-FF2D36508784}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1DB744DB-9B0F-4B6E-92BE-2B8443C41F3B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1DFD712C-1094-4C30-B2EF-3A9425010E20}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1E09FD94-9A6B-4AA3-B0FB-E635EE938AAD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1EDAA53A-DD98-4DA6-9D3D-39927EF4388E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1EE7ADDB-E2CD-43BE-9D94-C22A304F708D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F36BB1A-8758-4FC7-857B-75A56B0B95D6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F40537A-DAED-4BC2-A9B4-AF38CFAF58D6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F79CBAE-3C32-4F26-ADEF-5B8FD35B8CD1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F846251-0F17-4522-AA8A-1772F9A15177}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F8584B1-E106-418C-8F95-B568F4177390}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F904CC5-6012-4B3F-9963-14B3D352E769}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1F96AEE1-5E74-41BC-AB67-CFCF00119BB7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{1FC16841-8ECC-49F1-8088-CBA6FC82C135}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{202AC990-4FA3-4AD8-8348-BE22D29AA629}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2058D326-EB70-48AF-9432-D10D2D94FA46}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{209EFDE1-23E5-46D6-AA18-0ABF1EDBFB2D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{210C13C6-3E4B-4F30-A590-B3C5107D4C53}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{21C719A6-0180-48E7-A3BB-F9B0815CF8C5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{22A8481E-D6B7-46E5-9046-0A5EBD6EE1EE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{22E10914-D6D8-4C8A-A984-3B6D7B079363}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{234C7FD2-B600-446D-B34D-5E38AED7E351}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{23D3D8A3-1B21-454D-8CD2-7BBF90927271}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{23EC0611-3430-4023-A977-DA03A54A2BC8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2435C1C9-FD83-4A8E-9FB9-36F4072B3390}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{245B4A16-ACFB-4C6A-88C1-05EDCCD5FEEE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2484FD0A-C3C6-4E81-9E68-569F76998614}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{25829FDF-B924-4FA1-91B8-0B44725B1906}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{258C5D11-D4DC-43BD-9D67-BBE6077ABDEB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2609F9A2-C46B-4479-A1FE-38B9B8DF11FB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{264E60B5-C9C9-4EAC-AEA3-EC300F78BB28}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{264FDAC3-59AC-495D-9614-D09F58118FFF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{265C2934-203A-4C13-9AA2-0C194690A50D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2677925E-5DE0-44F2-B62F-1A7A28E9D494}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{26AAB0A5-1EC3-4C69-B1C4-5F129E670170}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{277CB3F0-92AC-4E48-8720-A4065318C62E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{27AD6438-DD1F-4DAF-B6E1-D87AA9CD172A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{27FDF7F3-4CB6-491D-84D0-CE0223895B2C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{289EFA16-658E-4860-B2BB-1769A6DF8346}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{28D8BEBB-445A-4982-A3AF-1CC5F4E230F3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2969E189-3677-4EE8-BC28-CC5C1B733DEF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{29CB7C33-FBBE-4A02-9ACE-9F3DA34C2399}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2ACBBD2E-1D93-4D35-B3EA-1055551A67F4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2AE7C241-F41E-4750-8303-E83A1380E6D2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2B60A482-BAA3-41A3-948C-67E3D26DF52A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2BFDF8AE-690F-4133-83E6-6136115BC551}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2C40E7C3-0E84-435B-AE7B-518680549E34}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2C4176C3-9672-4696-9C97-F4920CB5BB8E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2CAD3305-A44F-4991-8ACB-DCF96A3E9CA0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2CBDD8AA-CE3C-488D-B066-BAE392711EED}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2CCB311B-FA23-4FBA-81F3-66C039B23B66}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2CFEBAD6-E774-4BD7-A60B-5A7CC674067C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2D05D7EC-187A-472F-836A-1BCD6C2039B7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2D487243-FCA0-436E-B9E2-E22143422CF3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2D7631CF-268F-4FD7-9173-A5E3272043B4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2DB81495-5C25-4B15-B21F-78264FC7CA6F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2E3D2AC9-A3F5-44C1-A823-782E8DA46DCD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2E727F85-9DA4-4FE8-AA7C-2594308960A7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2EA42F21-EFC6-424B-82B3-2C1D52A01459}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2F7BB5EC-FD85-437A-BF59-02DFDBED6FB0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2F9B13F0-9001-4277-873C-DB61B4770C45}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2FF16C4D-C1F8-47F0-84E9-C55987997789}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2FFAFCAA-DEF5-4DCC-9D03-91D47211CF95}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{2FFE2C9E-B9FD-4C84-B6E0-DDE1170DF4FD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{302B8C06-5A12-4A10-B3DD-E79AAB26EC2F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3081D0C5-9272-47E1-98B3-1537CC567771}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3086D63F-FB2C-4EAE-95C8-587FF7644EFD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{31213A1E-851D-4F29-93F0-DCCB045C52E4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3143977B-4B8E-40AA-9BFF-A490B6E59DC6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{318B806E-11DC-4CAB-953F-6A4741E3F49E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{318EE4BB-BB4D-4B88-88AE-8C754FD5D681}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{319B4DA8-630C-425B-B478-90FC7856656E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{32973725-BDB8-46BC-A164-1353B402976A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{33A2EC23-E3BE-4B80-8467-044FE0FDB36B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{33F9D605-89FB-4C3E-9A21-17C492FE8623}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{34316EB0-930B-4074-B1A5-E8E6B2958ACB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{34543565-FD19-47BF-B326-943D4DC56A83}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3539CC47-410B-47BB-8C24-A86407611D02}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3593AD35-B7E4-4708-9A20-7B2F9C9A19D9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{35D20649-FC2D-41B3-AD50-6FFD8B3B9EC5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{361328E3-1B73-4D63-9E42-70EC02A714EB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{382E9011-C3E6-4558-9178-C509B9DB0C29}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{385038BE-4538-4970-B2B9-2B0F396F047F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3866E133-99BD-41A5-99D8-10817289196D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{39515050-E602-4FB9-91F8-7856DA5C2573}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{399BC401-08EE-445E-838D-703DB407FF08}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{39DD1618-BCCD-427A-9E2C-75C656006F17}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3A05CD40-B2BF-48AF-9382-8F1F36C0D648}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3A5BFA77-2D39-42C5-B1E3-FA0755DDC12B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3AAF8D2F-3E72-4202-B84D-493B3DE30902}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3B4618A0-30A8-4C1B-9CEA-B293837EE817}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3B6B76A4-1F78-4CA8-900C-7AC62C3C74C0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3B71761C-A476-44E2-A148-8F1A48C9B00B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3B95E6DC-CB53-42A6-B688-444FBA283A80}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3BA9ABA3-4FC7-4FD6-BB07-FF3B619CBCF6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3C256838-360C-4486-9B27-68D4E6954B9E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3EEF5075-45CF-42C4-8F39-3EAAC849059A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3F080750-0160-4203-9DF1-6CD7A3CEB677}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3FB0E90D-8B55-4C7B-AC8F-BA5A6B448745}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3FBF0BAD-2546-4DB4-AF3A-094731AD8F5E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{3FEEDA73-BAE9-4303-8C6F-392E104E7BFC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4003B587-C1C3-48EB-BA53-9A06284B340F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{408EF1B0-130A-47AC-BB3B-EA75C4DDC6BF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4143B303-637D-4132-BBE6-27179CDE36FB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{41465059-9790-4E03-9BEC-A6085200F23E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{416FC6E8-53FD-40F0-8910-AB57BA4AD9D5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{41762F8A-7A2E-48A1-BD15-48AC560DCF73}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{418763E5-FB6E-4C82-8D41-A727AF5559D6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{420ADD6A-DB13-4418-8693-DAAE7B6DF405}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{422E3AAF-2BFF-4D82-A260-C620E6A9A07B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{42A17E3D-DBBF-4E16-A7C4-4A39FFBBC594}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{433EE95D-852D-4FB4-8FD1-BD31B4A6C8F9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4356B7EE-C20E-4D9D-9EC3-CC3270B8EE82}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{43B74584-D18A-4E73-BE4B-58EE2DF0E6B7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{43BCECF5-E2E7-4449-B219-9D5799D5EEB2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{43EF861A-3F58-4A4A-B4E8-15D84883184A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{440FBB87-23F9-4A17-91ED-856BA7469063}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{444592A9-E91D-477F-983B-EDFAEA0569D5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{444E9570-DA2E-457D-A116-E3644913C22E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{446AA1DB-CB78-4E02-A6E1-C13D7439F9AF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4484A9B8-B2FA-425B-ABA6-B06A5E7BE7D2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{452E462B-E393-4DB1-AF1B-DEA6E8701D42}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{45442694-723C-443E-AED0-FDC2B68101BF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{45919E02-61C9-4EE0-A149-CB640AE00C7B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{45EA8C0D-2ADD-4E9F-8679-8DC81844BAC3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{460737D2-6E4D-4012-83E5-BDDFF494725B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4649CC24-1AB1-4340-8DB9-365738530F73}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{46A038E1-6768-4591-A0EE-80B09A3EC21B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{46C21D6C-8D08-432B-949F-E01616485511}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{46F5403B-D93D-456C-9A5D-CAF20E140486}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{470A629A-F859-41B6-8E9E-E0F6BA97152E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{473C60FD-7623-45BA-A969-6DBB58F1A561}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{474543D8-6BA1-4967-BC92-95291BE2B40D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4778D3CB-B26F-4EE8-901D-B8229BFC3534}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{47E4A8C4-6323-463A-B45A-18A4C15AFCDE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{484BFF4F-3C81-4ACB-8985-94C951D21BDD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4873616F-6044-43C4-ADE3-97485117FE62}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{48F9A6B5-B5D0-41FC-BAAE-16724859C94B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{497A1158-390D-49B3-9ABC-772AC7F49024}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{499FE86B-DB8B-4060-A414-3FD6845156F0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{49BFA96A-5CB8-4D60-8F6B-EA2453805DFE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{49D38A2B-7C67-47BE-8FA1-32C076E56685}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4A1A5F7B-81EE-4FFB-9A5A-42674F96EEF8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4B59D40D-8B8A-48D2-A88A-05CC69240E82}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4B70C93C-8F3E-48B6-9B0C-0C61F0EAF177}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4BE66A41-B281-43D0-AF8F-86CA9F7C5100}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4C0509B7-CDF5-450A-9198-EE613966D4BA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4C30D79B-822B-49E1-A921-3D1D591A6E66}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4C45706F-0037-4149-A2C5-DCC3ACD8FDEE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4C8820EA-00B7-4566-84F6-BFB66D9D9E9A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4C8DE927-E7D4-4025-8CA6-552970AB4044}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4D0DBE74-DC07-437C-8805-1C388F8D7EA8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4D3441E6-8DB1-4987-9896-C88E148FCC73}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4D5DE580-A74D-4941-9FF5-1B6118E58F01}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4D7C465A-6474-4CD0-A671-08D313C44BFA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4D8AD17C-3A99-4477-8A0D-499EA440CE7A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4D8C0E52-CB21-40D0-A799-EA86D3BBE41E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4DB886C9-3FCE-4380-9B14-09AA25685FD9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4DDAD771-1D68-4CE4-B69F-348FEA81C17E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4E42D16F-2DC2-4DA2-BAEB-B6CEB404CDB9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4EDA6176-5231-44EB-A46B-DD7EE960C711}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{4FFBE00C-128C-47C1-8EE8-4103666D9B14}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{50D2CE6A-CDFC-4C1C-B233-E54D4FE0FD27}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{50F8FD04-4330-49D8-8319-0A14C7DFCDEB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{51184D33-9B39-4F4E-A5A9-CAA32B2B6AE1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{51CDFA4D-2459-4494-899E-2A3B1A4F178B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5237C2FB-1000-4CF2-906F-C0BCCAB85043}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{52DAF6C6-5904-410E-9844-56473B875B65}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{52DEB2C6-B09E-436A-9902-67588612FD44}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{53159CCB-2C2A-44A6-A834-61E1B686F4F1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{536DA8E0-44A4-4327-B717-56709BB19A9A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5395978E-1D22-40E7-A77E-8B37373AC095}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{53D8E8D8-9761-4C9C-96B3-1B09B6A705C5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{53E80937-F78E-4282-900A-449F080751B4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5423DE1E-5354-4100-B8B9-7C64DC308BC0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{542D679D-E011-4404-8240-D2700C7F6169}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5433E70F-8218-4297-AE97-3D5A17481D74}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{54AF925D-4218-43DF-AC34-65C7525A7B76}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{54DD271F-D38B-4156-AD57-042812DB7E6A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{54ED11ED-A4C2-4444-AAA5-92417EACE0D8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{55144038-FCD2-4B46-A780-49C20AC8D82A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{555CE39B-2DA8-4044-BE20-A9B6DA2E3278}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{55736B1A-87B6-4C23-8A7E-AF5B042004CE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5661C759-E64A-4C74-88D1-F0D9E50A74DB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{568F244D-967D-4F4E-BE13-E822993917B0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{57256FB0-7280-4B23-BD6F-E910BAD328B7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5737D3B9-9AD1-4E18-9F19-07ECDF014D58}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5794BC5B-17E6-418B-A636-7C4F67402D90}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{57C1FF86-26E4-44AB-808F-AE09ADB30ECB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{57C84A9A-3901-4483-A3B9-36C4519DA2AE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{58019E9F-15DD-44E6-AE7F-FD7184CFBC15}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5889C86D-7E49-4E05-8F55-7238A13E64F6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{58D56E2E-FF80-4184-835C-AEB98709B950}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{59156A12-F10E-49D2-8116-9E65576C6487}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5920116D-BE67-4971-B839-82C0EF1AD775}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{596EF774-2BC4-46DA-8DA6-641443796D9D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{59904E3B-3985-423C-941E-8F387FC21ABD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{59B1EA6C-6BF4-4A8D-A182-8A186C4FED1B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5A3053A4-41C3-434C-8E65-33F4516406C3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5A6292A0-E7B9-4725-A43D-3D5C149F4912}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5B1A3AC9-CEE1-43FC-A618-C2C235B58EAC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5B86E75E-B29D-4703-A6A2-B3496372067C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5BE57F2D-40AD-463D-B294-872D0C64BD52}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5C2B4058-25C3-44FA-8D8C-B32BEB05D38A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5CD4FEFD-15FF-4698-A02C-E6EBFEA4946B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5D37E491-DD25-4E0B-BD3A-B1D0A59E9D8F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5D51125A-A9DB-401F-A3E7-2E0D7082E0F9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5DB7111F-FD94-45CA-991B-C0D3F807D4FF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5DCB910B-5968-4A4C-AACD-4EDE9DC5CAC8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5F129954-15AB-4CDD-B85F-971563C5E943}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5F397CFA-0136-4543-981E-5D4AA4C1D355}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5F6B550B-79C0-44E3-BCBA-E212ECD71CA8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5FC356D0-B8D0-4C87-A050-E50B908AEDDA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5FD1EB5A-9467-4F84-BC4F-9FF494DCB64A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{5FF8B621-1560-4F89-9B47-FFA6FBD95052}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6037C4AC-816F-4572-AAA8-0C31A9C75761}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{60FAB558-608D-4B2B-A2FE-72C2F7EB91DF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{615C188E-3D49-4392-96A8-7C07633F6084}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{61A325ED-6092-4F49-A9C2-384E272AE49A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{61E173F8-0A2C-4705-8A48-6C6172BB75B3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6219D4F6-11D1-4321-A02A-C6D8C2A587AF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{624DB86A-E567-4253-AB25-FF3AB75A9EC1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{626A6D0C-526F-4C70-80A6-96732AD12DB3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6274A179-E6F9-42AB-AA24-0119CFE54DF0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{62B07A44-1F8A-40F9-8129-27271A775A22}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{63B1AF0C-40B7-4CA2-B166-B52E880251D4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6418A8E4-8EBA-49E7-9D41-94D2FC852E64}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{641B20D1-FF0F-4441-8C54-4F58D9CF87A6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{646DD860-DCB5-48C0-98BB-EE8AC1DC06F9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{64BDE44A-5EFB-46A3-A1EE-BF096E8BA8D4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{64C8E2CE-A438-42C8-9EC1-B3E6E97C89D9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{64F169C3-26F2-4D71-B1D3-84A2B8DD5669}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{650ED606-3243-45B9-BE5E-090DA24505BB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{651B4482-A74B-4AB0-ABAB-8B1AA9AC8A08}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6562BA45-B441-41C9-9F17-62CD51EE8BF9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{657C0F41-A059-41E6-9BB2-C2DE0AD7B4FA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6604236A-FD9B-45E3-9E2B-CF3F4EB677EA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{661876A1-EC31-48D7-850C-536AFEF41A1D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{661CB2B1-7C8A-49B5-B7A9-CBC061327D3C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{665CB154-9DD8-4573-99A6-35502973E0CB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{666785A8-2C22-4D45-9BC5-C9BB9C82CC36}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{66679310-840D-4D91-9726-0BA54E8EF50A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{66C199E1-2611-4A20-A6EA-269985DBD8A8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{66D91147-C9D2-40F8-9FB8-04BD6070F97C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{67725160-BFD3-4321-9800-075266DFA30D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{687AECB8-F151-4588-A8AE-72A59C6A6AEC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6886CEFB-7281-4550-93FD-E7494EABF170}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6890B310-247F-46A6-B348-AF706B198252}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{69B364D8-AE8C-4B68-A2E9-C6E1CE593AE5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{69F776EF-023C-4672-887A-06738F72AE50}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6A09E0D4-57E2-450C-9222-B868182B716D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6A41A231-3C0F-4236-9AFA-AA6E7D15AB81}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6A7592DD-3527-4C3C-999A-C31D02D782E0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6A837B51-507D-49F1-978C-0F5207570378}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6B98117A-8D11-4861-8FC9-476A6D5026BE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6B9B01B3-FBDC-45A5-A4C7-75ABB27DFA3A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6BB775FC-18B1-4ADC-8C47-138441B7E4D6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6C69BF93-AAA6-4C55-B68D-143BB50C2B23}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6C87AC95-E2FC-47AE-81C3-612858CA9A71}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6CAEAABB-9689-4C92-BF00-8E3DF6046C1F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6D62273E-3012-473A-AC91-B216F3C20999}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6E11A7D3-5652-45F8-9033-9FA26EF28CF9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6E2FBD7D-0AC0-4E0E-A18B-1C6BD6597254}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6E53D161-B159-403A-BE8A-8D7AC85E4BD5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6E77B7D1-21DB-4C9A-B737-851D897F46DE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6EB4F154-EAE3-4D05-94F5-14B9ACE7AC28}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6EBEE4CE-82DB-49F1-B715-00CD6BED441C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6EF2D320-E42B-41B8-A84A-B76C858BBA3B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6EF43123-6FBB-4B06-84B4-70B8BEBEC02C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6F4347D6-666C-4FB4-805C-196E5B894AA3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6F8B90C9-7CA2-400E-88BF-CBE62BC1B1AA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6F8E81AA-3073-44B1-93B5-9050293E4CA7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{6FFA1397-7C9C-4BD6-AF65-4B19047582B5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{701AA47D-7466-41AA-A64E-FF0AAD49129D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7080977B-D6D2-41DD-B525-48FB0982DD85}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{70900EDE-5261-4567-BE92-F2E2DC7291EB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{70DB2041-FD8B-42E8-9762-5664C597BB68}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7169DE8A-5C67-489D-AA1A-E0901C89480A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{71A33C92-D064-4650-934D-6FD5C45DB4BB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7230834C-9377-4231-A4D1-1D7D270B1283}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{723176B2-2D3A-47C1-A1E8-0E0E0E63FA2B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{723D4B3F-BBB2-4C12-9C68-E310395D6B23}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{72B6633D-5299-4034-A3B2-54188F91898D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{72EA17DB-05FF-40FB-9893-0A05E101248A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{73125560-25CB-48FB-B09B-52CB203E2946}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{73665484-D1B3-4150-9D6C-7DC1A85A3762}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{737CCED3-6705-40C4-81B8-27AF74723E41}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{74020DD9-FCDE-41B5-9CA1-022F5FC60149}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7423FAC7-2BE0-42E8-AB4A-32EC9BDD5A2A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{74712E43-92FF-474C-9C54-FC4EF38E869B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{748655A5-1039-46AA-867F-FF0F13881247}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{74946E7A-CE43-4BB0-B026-D4714C490635}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{754D1A95-905F-412F-A399-F526AAFB4BFF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{755D26BD-4435-41AC-BCDD-E6C40030DA08}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{758CB661-2DB3-4484-90BD-6B7722300583}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{75BAAE37-55E4-4643-8A5F-6DFDB9061421}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{769AB6B9-7537-4929-99CB-E5FF9D489916}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{776D9278-997F-40F3-BA2C-80D1D6B96B6D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{77A51EA2-4C4B-4C44-865D-DCED9AA562D4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{781DB1EC-1F23-45BD-997D-23583851529A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{78B42EA4-81DF-4A85-AA1D-700D67767E23}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{78BC7ABD-CA09-4B8E-B9A9-9C330278CC7B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{78E2014D-A6ED-49A2-B92C-DFFBBEA49AEB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{79403931-DAC2-4177-ADAC-3DC68C8C687C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{79FB09BD-89D0-4375-91F8-7B5483E48EC0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7A02B05C-092D-46BF-BF5C-11B500FE234D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7A449168-00C2-497C-9A1B-8B19B2425506}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7A853A78-EB5D-4929-89EE-C8C5C6620BEC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7AE78AA2-5BC2-4334-8704-53356DCCF00F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7B60B9D1-8A5B-4159-BE9E-99D9C844036A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7B6B52EB-0989-4B10-B0F2-E0BA5EB02B1A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7B783A0E-7A28-41AD-82ED-B79E7B9D7139}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7B805F15-64F2-4007-A6F8-79C2363102FF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7BB5202B-FD8D-4775-9D5B-3B1E5DD05142}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7BC33B2D-A2E4-4E8F-9A6B-74F4A37FA14D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7C1DB867-45AF-4441-9620-1453D960E06C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7C27DE50-CFB1-403C-88E8-90193763B63E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7C4C1C49-1FCE-4BA4-B1E4-0B63A6169EE1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7C592E2F-0949-4B3C-A01D-E26DE6837725}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7CABF72D-FFE6-418F-95D2-7C467BC5277E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7CB97B73-FB12-4C05-97AF-6814651931DF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7CD254A2-C249-4019-8A3F-73CC1252A6B3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7CE3D357-91E4-47CD-9F2F-E96E58784A96}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7D01284F-E90C-4635-A644-8B24429592EF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7D47A831-CD94-4CE3-B257-9C816A9EA89F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7E08D62B-5EBE-484E-ABA7-D59E317F42AB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7E31AB40-EC41-4F73-BC26-0C376C40E02F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7E6FEB3F-765A-48FB-A766-D8670A47AF9E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7E8EC6AB-F427-476B-9A56-2188CDC089BC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7F17E665-F799-46AC-86E3-6E7EFBF024A0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7F5E65A5-0287-418A-AD2D-6F696DD687BB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{7FC350AD-91BD-4220-999B-EA1574817CC5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8012BCDB-E245-45E5-A521-E84183CA3F38}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{80210E33-426B-4E56-819B-B3E2FD01C073}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{805510DE-57DB-4BF5-96FA-E086485419BF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8076E362-C96F-4328-A4B7-DC879C12430C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8135A93C-4645-43DF-86DA-5B725037C754}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{81720706-9450-4B2D-AC23-89E20BCC1CDE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{81997E62-EA1C-4EE5-A21F-59575F55D1B3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{81A21302-27E0-4678-9C01-37E13F7D679C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{81A57C94-156E-4A71-8DA9-C63B15E56A10}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{81F3C489-2DA1-4977-B8D7-48C993AC8CEA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8230DC6A-1858-49AC-B7D6-ED78242A764E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{82B14FA3-17E8-417C-A6F6-3E6BACA842A9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{82D08583-B5E1-4C61-A884-2B502FD0C36F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{82F4B611-163B-4192-8164-A06D6D05EDB6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8323F880-DA9F-455E-BA71-CEFFB83679CA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{838CD441-7983-4565-A000-1A1B1CB781B4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{83C7BDA0-43A8-4F80-9813-A0E10FE38648}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{84247938-B4DE-4258-AD77-18CB57572D3D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{84264D31-0E18-4DD6-8567-1DAD76351F97}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{843F6AB3-83BB-4707-B0A4-AF12BD731068}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{84B8EC28-E7FF-43C3-8453-DD33F8662130}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8515344A-DC74-4BA6-A3D5-9F525A7F8DD2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{855F0B04-6F39-4202-8AFF-5CBE669C1BD7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{857635BA-9BD0-4B08-BC46-3EB0BC7356D3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{85A285DC-B30A-49BE-907F-E7B89CEF6247}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8682FC3B-3171-405E-A1E0-EDB7F475B799}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8740CC1D-A3C9-4D09-9FD9-FB154B3D7A56}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8768CDFC-8637-40DB-8B14-3AABCF3E4ED3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{87879F54-1C2D-481B-A9C9-B913C2964F6B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{87A54FF6-B63D-441E-B992-80F34101400F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8894E7A5-80BD-4002-BF54-701DCA7A7AFD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{88F866C6-4356-42E4-B350-73D46AD15CD1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{89012726-E706-4070-81A0-11573D1B04A6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8967483C-8BC6-4A3D-918A-52A46731109D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{89856085-4B2F-4FF2-ACA2-7D90E7265AC9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8987C285-0B24-44BD-A03F-166E7176600E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8A19D836-FE23-4947-BD63-F05E81C1C50B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8AD56B6F-7643-400B-B7AD-A78E9B2863DC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8B592B90-6FCB-48CA-BA13-2A83DD074BDA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8B69737C-E7A7-43BA-8A6D-0FD0B537272C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8B6B1353-38C6-435F-A6C6-B987762B9C1D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8B91E9E4-404C-40A1-8B9B-89BA0CC6B7E8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8BDE1C16-16BD-4230-A0A1-40B57EDA992F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8C707C3B-A9DA-4DA4-9F11-ECE24AF23826}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8D2EE726-6A79-4D45-B6D4-C08911DDC81A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8D462D32-6B02-4033-BFA1-EA8B6D53E20D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8D4A51A7-0167-48F5-81CB-215682A9722A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8D6FDAA2-3C41-4867-8933-1B1F7989F74A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8DE3E47B-2532-4A64-9A10-E84496F2E4AE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8E184561-F31C-4898-AFAE-0474583D49DF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8E7E6F55-C008-4218-9C5E-12CF13D3D9E0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8E88B399-05CE-4F00-8E5C-E8654E1B884D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8EE4822E-0922-4CFA-AFDD-EF61352B6F34}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8F42AAB1-E2A5-4148-9FBB-EE63C05197CB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8FCEA26A-81BD-4839-A9FB-3C96976C2176}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{8FF2EFFC-1E5F-4CC3-8AB8-67FDBD864B9B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9013CA91-DCB6-46DE-AAFA-1F502B485226}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{906BF271-D496-4AE0-B1CC-96BF2BC1B26E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{90F37957-9734-4F16-81A6-E9EFEE8D88CB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{91A0FA40-E570-4DB2-A9D4-68C158FD2DBA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{91EB7396-E9F6-474F-A8D3-DD6452DE7EFD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9213AB21-62CA-4495-8DF8-9ABBB36A23FE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{92E7EBBB-0E44-43AB-AF14-C0A654CD3567}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{92EF4D5B-1338-4C02-B86F-984B7F2E5943}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9306A702-FA5E-415C-B52F-FCCA883EF72A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{932E2A8A-C8E5-49BB-BB80-833E879245F0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{933C2E8A-9A60-4D37-8CC7-D94D5B5D51E4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{933D8E60-FCB5-439B-BCB2-2F9C792936EC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{93DECA7E-C82C-4BB5-92D8-6AFCF19342E5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9419BB4E-C8F3-438F-9F8D-82BD7F2C12AA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{942F3234-CF54-4371-9A06-9F9F5E196F8B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{943A849D-EE97-4576-96D8-55EF3F02D65D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{94BF2AFB-7CDD-4FD2-8AEF-F3F2F036DDB8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{94CB0707-2B97-4D89-8995-70D82E022D1F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9626462A-D5A1-494B-9838-0B8DCDDD36DD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9665B327-09EA-45F8-B964-5F0A0101B558}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{96877FD1-1F9F-4168-9950-E2725A2FF9AE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{96CD14E4-9846-40D0-9DBD-051001A246FB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{97297961-83B0-4B38-8945-B29E00950988}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9757DB37-FBC0-45ED-AEA7-09BE0DE79356}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{97F5D938-02D4-4053-8077-B5A752D8E58F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{989E78B7-2333-4374-8615-1E08992F52A2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{98C6E62C-4058-4630-BF07-2D598F833A3C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{98EA4A37-C80B-45C7-A350-C1A28AFE623D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{991B4A7A-2B6D-4EDA-B976-305FF8961F45}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{99A676E6-FFF6-49F1-A78F-15A22DB7ED1E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{99BEB293-4EB2-4566-AF2B-48568597FFBD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9A0B0A59-B5D7-4C07-90E9-5391F66A0D2B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9A434889-D8F4-40E4-B757-D147DD8906B3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9A4C12BA-4B7A-41EE-85FD-D7C20D085A17}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9A83968A-28B5-4EB3-B8A9-D15A127F1018}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9AA40BC2-8707-473C-9457-5EFA39DD12C0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9AA420B3-354E-4EC6-B655-A854D3E89AEF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9B81492C-BCB3-4421-98A9-B6EA566BCF94}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9BEEBB29-FDDF-4368-9E24-569F8E83B4D5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9BF8A21B-EDDD-4C16-AA59-FD8D96AA721B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9C7ED9C3-2AB7-4530-B9B5-09B1765013C0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9C91EBC9-6A94-4E33-B84F-9EC70E996948}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9CF27CC1-A56A-4070-BD66-D1C31CD6F74B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9CF324CA-FBD7-4DCA-BB8D-37058D7D86B1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9D88F796-E581-4D36-BB1F-D4CE6F6E5106}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9D946502-E51C-46DA-98A1-F10D69E13F77}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9E59682C-BFC2-4EBA-B6E9-219E02B59BA2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9E5D5193-6D1B-40C1-93E8-6FC0432AD4EE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9E89DA5D-3EEC-44AB-AB2B-7106B2307451}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9E8AB71C-928F-47FA-B902-BD3B7AEE6F94}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9E9B0C7D-985B-4364-A208-7F1314907088}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9EA92FFD-116D-4EAD-A0B4-DC2AD4535333}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9F0ABB30-C0FB-464B-8E35-A11E04640152}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9F9AD309-EBDF-4828-9635-38BCA201EC7F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{9FA84B85-3E1F-4AEC-8332-2BA14B797B5C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A0F47456-48B6-461C-8C96-E14092D89071}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A0F9FF71-2D31-46CA-A44C-0516DCCD8DE4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A228E8E4-3058-4281-9BB3-C217333D5874}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A265AE72-9FF1-40EB-A7EA-BB084AF0097A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A268CA33-8798-4407-A2DC-0BA174B4A79F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A3ABF94E-348C-4FDC-8AC0-954352C3962B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A3EEB784-827A-49EC-8DB1-5A3ADA69B88F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A41CBF17-B8C0-4F46-8922-F9CB3F87D7EC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A49895AB-D090-42C6-AB7F-2F89EB73913F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A4AB4B6F-FA6C-4628-939F-5F71D313E9E0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A4C19A5B-90BB-48F2-A29D-895E3A344464}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A52D7AEC-9A3D-41A1-9770-AB06831E6B03}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A553C7D7-328D-4BCE-ADCA-1F74DDFA78AD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A5624AB8-AE14-4C5A-B7E8-2B934E020A44}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A5828622-7967-43D6-ADFC-3F7D4EE9DE2B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A5883AA6-33AD-4E57-BF49-78CFA7760DD0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A5AE38D2-46DA-4AAD-A0DB-B6A677E69867}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A5B08870-36A2-412B-8D0C-67F801BDBAA6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A66515BB-10BE-4CB8-B9EE-8C26302DAE9B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A6C7DB6F-A698-4D03-86AA-3E3C7ABF53C1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A767852F-E46B-4CE1-B6E3-0569D22CDEAB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A7D7DF5E-82AA-44FC-B1EF-17538469AEC5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A8350A35-A45C-4C02-9A75-9ECA532CE36D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A8FF5C3C-9477-420B-B89D-F48D000A0E4E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A99DBDF1-5A1E-462F-BEE7-46BA30682BC8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A9B220FA-1B2C-488D-8F7D-3E9DBE49E1DF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{A9C8E012-9601-4978-98AB-A73D01BE131C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AAD43641-AF05-4845-8D47-B193A581FC70}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AB5FD227-C1D9-48AC-8573-CA23B65D96F5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ABC8F9A4-42C4-4751-B98A-89FF1862E503}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ABE11139-B045-40D2-8DAF-4FE856CB1751}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AC414E77-5A79-43D6-8232-E14A5DFCBB7C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ACA0D8EB-91F6-4B92-9FB4-D2B85036E8F4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ACAF396D-A9BC-4FA9-8B17-8F7DD65CCB37}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AD77F452-B7A6-4B70-A256-55FD21E47B87}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ADFF8522-5BB3-4CA0-BA19-DDF95A94680D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AE01DE98-C50E-4375-B33C-E10A7E48F46C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AE126B02-DBAE-4190-9BCE-84FB4F55AD66}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AE48CD4B-4AEF-454A-98BB-5AD77D1F8223}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AEB88C87-81ED-4990-A9F3-7F90278368E3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AECAA22D-0992-441F-ABE5-F2ED26C76BB6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AEEFB883-28FA-4E2B-BA42-11C526DECDF8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AEFDDCA5-1EFE-4BFF-9651-DA3753FD4D1B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AF5609B3-8188-4A62-8D79-1A20CF683A68}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{AF73EB84-2861-46C7-98A5-A0E3A6B67563}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B0026161-F2E2-434A-8BF4-B2C08E16B0EF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B03E73E8-5890-4ED2-B05B-76D1AD460FFD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B152B5C8-5370-4222-BC7F-12631AFADB7F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B189D345-FF28-4C4F-8DAB-52CAE8ACCB8C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B1916919-0BA7-4B9B-BEE2-F4452D1416F7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B1B97F20-435C-443E-ABB1-B4B552C9AE8F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B20ED16B-6EDE-42B7-9FB7-593D18894EE8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B2107B7C-4BED-400A-A17D-2C793C12ABFF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B2E4160B-91B1-4DE6-9A20-F14A58515A63}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B33DF08C-B038-404F-9A6B-3FF3E8080D1A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B34A77D9-E2CF-42F8-AF17-A5E80B10333B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B41F6902-EBFB-41AF-9BCC-FEF4601A8885}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B452AE53-63DF-4879-A967-7F25CDD38D2C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B457B1A8-EDC1-459E-95C7-C9DC5426DDED}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B4EC839A-171D-4AC9-9C58-90930CD327C4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B51AE0D4-705A-431F-9DD5-59A4B0CB4423}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B5816513-4F62-4709-87D5-E12DBFD24E4D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B5EAB63F-A631-41E8-955D-A5F03F05515F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B61FA6C5-94B2-4880-BBC6-78E147F107B6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B658B4B5-3504-4998-A6AB-24DB8045BF5B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B66C0AE6-395B-42C0-A509-8F17F411F12B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B6BB88EE-396C-4B75-AF3F-03EC15BDE8DA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B6C3A67D-14C9-4931-AF77-394C7B60D0E4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B712854C-E2C7-438A-A538-FB062093C746}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B714AB50-3C96-46AC-BF82-CD6A1FFB6C7F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B7B1A5FD-9A45-4969-9985-EA7EADDED686}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B7EC22B5-BE4A-4642-91FE-D30FFF5A6FE2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B7F45BE2-3EA6-4640-ADA1-8A7A91283B3B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B8BC937A-1A21-46D7-B86C-81B552C6EAC0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B8D6594B-6903-4B32-9BF0-615170FA94A4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{B9FB0787-F4C5-49FE-B009-515BD944BABC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BA7C9623-C705-4B47-AFCE-C206DF3C554E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BAC2E045-5F80-4C0D-A1C2-ED8DA4E04670}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BBC6B709-DBA0-469C-BFA8-A358FA6AA3D4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BBF09C94-6AAA-4A4D-8456-1E90FB5E72A6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BBF73DCE-38BC-49E4-BFD1-EA5F3DEC6015}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BBFFC80E-EA51-40E9-BB15-5A6D1FEBC0CD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BC40FC50-EC46-4EA4-98E6-1E53D716B404}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BC5CA35B-2184-456A-A2D6-793B86DFD0CB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BD6B763F-3A6E-4F02-8B71-0315259E0F3B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BD884D94-1B7A-4582-8305-E3D650915CB3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BE2FD5D8-918E-468B-856D-DC8F3876D6D0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BF354C29-FD5A-47F5-9DAD-64F727C36E74}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BF47F61F-FEDA-4C3C-B2C9-744ADDCAB7AD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{BFC4FA6A-FA24-4273-BBDE-EDB31F51C9EF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C04A1452-C7A4-4285-B34B-C912F3CB3970}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C07F329C-78B6-4904-9A9E-E98CEB7CF825}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C0B607A0-17F7-484B-9040-0B73ED772574}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C11D70E0-E1D0-4EB8-9037-606DBA719D69}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C1948658-82E6-4797-9AEE-E4C66C7B8BFD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C1A41952-596C-409D-BEE1-F9D5DD3A7BF2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C1BEC003-2630-4801-BD47-53E3C2728BF7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C1FEA828-36FD-455E-AC09-F58ED60479CD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C22B1766-AF1C-49CB-A4E9-7EA313A13A58}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C25ADCEE-B8F1-4093-BE0A-F3A71604782A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C35D4CA6-F4D1-4F1F-93CB-6C974DAA6BC4}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C3BE044E-E31B-4FB3-8A9A-BCFFFEF0DCD1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C414F76A-3D84-4F84-B571-9C0C9193F89F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C41C255B-5751-4B54-9C46-7C87D2089CE2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C4A9CF2D-8769-4FDC-A5B6-F0371529DBC2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C526B115-E6D2-4ACF-BE6E-5D4ACA5E717A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C555D8C8-C48C-431E-8220-3B6E265F12B6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C5A98923-4C5E-43F1-B3BC-2493FBEEC98A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C61D601A-5BC3-4F5F-A79F-3C6DFC8B320A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C65300CB-C7C8-4AF5-90EB-FC472E317FF9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C65BE3AE-FA34-4B7B-A898-C431A0B4C8DE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C66AB434-F018-484E-BD1F-704D5BAC3A30}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C6BF06C8-00F3-415E-8852-E726AF2AFD87}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C7681EEE-0D77-4ED1-B938-F2EC1956604A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C7A53064-7E60-4906-9CF4-E9D78373E2D2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C7C60756-79CD-4F2C-A9A3-71A7E9C65532}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C823385F-ED80-4996-965C-95679D0CC375}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C8249588-FE29-4894-B4D6-626168BD1307}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C8445D4B-ED72-4B28-9A54-95C3256FA8A1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C8471223-BB7A-4CD3-9B58-7C7AEEDD2914}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C85FA5A2-8D06-46A3-A541-25DF7ED3168E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C9623A4B-FD89-4652-868D-2F9E10068E7D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C990D04F-F813-4F59-95DC-6BBE130111F1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C9A4FD8C-2A88-42D2-8C49-004DC3EA9FB8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C9BCD785-0551-466A-AAC8-AC99DF6FE7EB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C9D3993D-8423-4992-9924-2D94C844D14D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{C9FA463E-6308-496F-90BD-8DE249B937B0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CA4CC4CD-9D98-4C95-A12F-82997A92FC66}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CA901D0F-8EC1-4834-B4E4-46FE594C1328}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CB00C534-26B7-4069-B64C-C442FC8FA152}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CB5C4E0A-D3BE-490B-A42F-971012479522}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CB9CCCD0-37F9-46D0-A3B5-A7126282E33F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CBE69011-B579-4A24-8FFE-C85EB908D975}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CBF49150-B70A-4B02-A053-2E55D1D6AED3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CC54B727-29F2-4132-AF85-98867AC5160C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CC5BA04F-F1AA-4F7F-B96B-1CC752AD93F9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CC7696E0-6C87-493F-97D4-DBC6422C737B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CCAB045D-BF9E-43EE-927D-AF5676904103}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CCE96770-CAF2-4EB8-BDEE-C2FB6F60CA53}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CD0CBBD4-5EDD-4826-BD78-9A4FDE9A1E75}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CD46BB7F-1353-47DB-92E9-63445A57897F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CD6F48C9-4361-4B81-979D-820E9E093958}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CD8375D4-0E9F-4186-B21E-12A83C361436}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CD90A35F-028C-4FEB-B276-97D0AF91879A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CDA935F2-83EB-471C-923D-4D1E9F965095}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CDB5D318-3BEC-459C-A2C0-35FAA06CCB15}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CDE3A0B0-E907-4B45-937F-F997FCEC5A4F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CE0BC0B7-7F31-45B7-BF7E-64247C2722C1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CE25E0E6-2FB8-48EB-8E5B-4961394CE82C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CE3399E9-0EEB-47DA-A81D-F610FF6EE731}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CE7E4CE3-4B0E-4FC2-91C4-ADC2615ED58E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CF7043FF-8482-48F2-B42A-D2DA58E7C444}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CF726923-2943-48DC-97FC-D8184DFC9A33}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CF96D7C6-705D-4A29-B91E-5BD65DA193BF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{CFC1B186-F4C5-4931-906E-B3F598F6388C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D015600D-3D51-4878-B83E-D6F0BEE9F17A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D01E9266-09BB-412F-BC98-C1F28BCBBBD7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D04508BC-8DDC-4999-8E58-ED4E6F6AFAE5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D0D01FFB-CAEC-4CBC-8DD3-6038FEF6A0BD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D0EC55C2-85D8-4DB8-BB6F-ADABD115C0D7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D1574B4B-EC66-4734-BA47-2DE0EC6DAE17}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D18142A4-8046-4EF7-985D-1960F5DD029D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D1965551-940D-4B11-A3F1-89E6870B95E9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D1E409FA-F0E1-4106-9915-A35B1B8A17C3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D1FD6050-0C11-45A5-B68A-EA51B925B23C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D203AE5D-44E4-4E93-AFCD-C4B077919310}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D2088B3D-EFBD-415B-BD68-FFB673B82827}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D23A9DC2-C61D-4B07-BE3F-B12955C96FE8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D24CDA11-D476-4F72-82E0-97B78F59FFF6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D2809FD2-C4C4-431F-A902-5EB468CA215E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D29F1841-EA5B-430B-B111-DF4D8A7CF314}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D2C12369-163A-4B45-81E7-04BBCE0ACB39}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D2D9252F-4750-4DF5-92DF-1FEC3278BB51}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D2E65734-866C-4CE8-80AF-13920D8D35B0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D2FA3C5D-7FE6-4BC2-8D1F-398149CCEA8D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D3371133-6E02-4B85-8ACA-5A6CF8522AC8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D37683B5-021E-4EC1-AA3B-824039EF7E00}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D37B71FC-DBCB-4BAC-98B6-F9C88709C4A5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D38B88E1-4FC6-4EBB-A0DA-C06C697637FF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D39FB130-0545-41F0-9764-3944F97C5A1D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D470A847-7BAB-4BC0-BA29-A313E5EE9C89}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D47478CD-D458-48E5-8A76-8A97FF011842}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D4B29415-DB94-4D6E-BFDC-C548DF771E0A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D4CE538D-55A0-437F-8B3F-8594CEF9B23D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D56B648A-A1B4-4D06-B35E-51CC1CF4C489}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D5A5BB03-5593-44FE-9F32-30B2B62357B5}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D69494A7-3D16-4B61-900E-3F1866B666A3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D6DCFBCD-8F36-44BD-BD6E-AD7943CDA4B7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D74FC080-07AB-42DA-9ECD-44AD75D4D4A7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D846113D-EFE4-4D6B-B541-2FE9E1CE3159}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D9834530-5F33-4DF0-B3B2-8487D44B5DB9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D9DCE416-3D9E-40EE-B229-5CBEC2AF060E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{D9DDDB82-2D80-4366-9547-82FBBF17A68B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DA020088-B4E2-4A3B-B1CA-D070ABEFFA72}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DA25D2BE-CAC4-4CEE-8F53-94EC3D35D634}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DA4F26E9-47B9-42D0-B019-754E1A931CBA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DA7C8F9D-8180-48E9-B051-DC519ABFE049}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DB15BE98-9B30-436B-A9C7-EFF092512D32}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DB92CDF3-631B-4F8E-A4EB-233A24AFFB1A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DC27A131-99ED-4614-94A9-38491EB80AB1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DC3FEBDC-9123-4E0F-A189-F918491ADCBD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DC56F8FA-7615-4DE0-90C7-883F1CB2A6FF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DC659348-1890-488E-937B-383CB6FB3C4F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DC667117-8E42-41C6-BF37-7C064067954C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DCD4DBBB-2F7B-4B1B-9A48-52DE43977979}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DD586CE7-0686-4A1A-956A-5E02F5132299}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DD7307F6-2996-4822-A1E1-5D03CFEE8085}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DD7F9C31-D0C0-448D-9D04-0600D41F93C7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DDBAC0A9-D8ED-476B-A658-42E9F51B5D69}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DDD079FE-A5EB-4838-890E-03718EBDEF0F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DE0C9A33-DBBD-4F12-A7A4-9F8BBEAC2981}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DE0E72EA-980D-4D1A-8358-4B3F0AE95021}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DE3FFA09-01F2-407F-BD28-88BA1867B600}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DE872F0F-CF6F-4A06-AA27-4BF4DECDCBBB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DEDA7B8D-DCE8-4018-BA57-2F8F0F268D1C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DEE0E06B-F0B1-4C84-9183-F9FD9F94C2A0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DF14EC16-AB78-4540-A442-FB96AC7818DE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DF173DBC-CC88-4F63-BD5C-6640D9CD4625}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DFB9376B-E4B5-4902-9F0B-751C77203150}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{DFD76A1D-F1E0-438A-8C06-3E0EE43FCA6E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0020F50-C07E-426B-912E-596F3A96DF89}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E008F1F6-9467-4E2D-BA77-923AD5D344F6}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0582330-2878-409A-9D46-C9E27F9D2CAA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E05A5536-4819-4CE8-A794-3678649C17A8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0630907-0719-4626-871D-30251E8C2B20}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0814C04-3ABA-4161-89D3-F9999993FFB3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E09A6107-7F43-4B84-989A-65AC22781F36}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0A98920-1646-489B-AED2-2BA4D311F481}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0C6FD87-9D36-4264-B703-CFF70534E9CE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0EFC3F0-7DF7-47E3-80C6-4F9FAC7C16AE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E0F80405-B221-4957-9DA1-5FE8B1436E11}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E102206C-9570-4D25-ACBB-90903EA14C6C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E170C3FA-7091-401D-ABBC-E0EC104629D7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E22650BD-E763-4F8C-8266-FF1B59EC14EC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E28DBCC5-7E15-4AAD-A30F-B3AAB5913AFB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E3156C54-CE8B-4003-B8B6-C36F5BCAA0B0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E33274DA-0E77-4260-A25D-D36050C449ED}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E373AB28-E973-40E1-816A-D2BD2E6C383B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E401BE19-83A4-4F7B-86DE-3C5E784F3F7D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E452825E-7BEB-4B5F-82FD-4CF4CEB8AE8C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E4AEB363-1904-40B0-B864-A9400246C47B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E4EF52F5-8BB9-40A0-A5EF-7CEFE1B9DE82}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E56AAA5F-C517-470E-8D30-02BDDE45814B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E57FFC05-36DC-4219-B624-B8E1DAC0CD67}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E58C83C5-90BE-4075-8C28-F96C2E75967C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E6604ADF-06B6-43DE-93D8-79310C53D968}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E66E7508-1E7C-4297-B3C5-7FAD1A914BF8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E67EB3CF-13A0-47DD-A138-26A68FA49A28}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E812F5AA-C883-495B-B986-946B44198067}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E88EE948-3F11-4620-87F2-746DCFA0190D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E8C467A3-F749-4627-989B-2D5BCDDC3A1C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E8EF27F9-4842-4DCA-9443-6EE8707185CD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E8F61E02-741C-4DD8-AEDB-CB6AE49929B9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E97C5260-5E88-443D-9E07-0E69DA70943A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E9F1D2A0-31F2-42D8-8EF9-0DF8F1566FA1}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{E9FBD5CE-F07C-4A83-A2B7-7DA8F7CD8444}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EAD04612-BA4D-43FC-AFF3-82080A4B7F7A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EB702D6C-A894-42B8-A416-D008103EB70F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EB789D09-BC7B-4AD5-939F-D46803521E3D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EBAC8F30-FB44-4B9A-8633-7732C310E7DB}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EBC8B699-B1FB-4528-BA9B-CF642276EC7D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EBCE3ED1-DF40-4DB2-8D0A-C2C1E55103B0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EC46835D-6EC3-4436-ACDD-919480921711}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EC963EBD-D04A-426E-9246-C4D8C54A3E58}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ECBB1C42-6E9B-46E6-AB9D-7FFAA350B237}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ECE3722E-0B13-4629-B1F1-9D8903D93985}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{ED06AC96-BFBC-4019-804B-168CD2849348}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EDB51F32-0715-4CC2-802E-9ED25B2840C0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EDE5792D-3907-44BB-AD14-D49FC4C91CAA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EE1BD201-BE9F-4D2D-8ECA-AD8549E23C8F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EE533723-F597-478B-B67C-EB90E5760C52}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EE67E023-6515-4444-BAAA-3733FC36929C}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EE8EA2A2-A4F5-473C-A71F-0A899B13A14A}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EEF00AE6-40FE-49BE-8433-3EAF20159A89}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EEF6CF0C-A662-4E89-93BF-EC034AFB038D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{EF47E281-4214-4684-8217-285EB47A6262}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F023B315-52EE-4584-9AC5-8E252289FD89}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F034204F-7546-4248-9591-889AC526B9A2}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F09A2474-DCA1-44BA-B4B2-458D83998F7D}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F0BDBC8B-2079-4C22-967D-F394DA94ADC8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F1025E92-8139-480A-8325-690E5B29668E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F1226067-4664-4CBE-B98A-34450FEDF52E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F1483E02-ABAA-4D6B-A5B4-4DB8C28965D9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F19ED125-46FD-4A10-B141-6CF4C4550B04}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F1A509EF-7554-49C6-BF83-0E56B03C53D8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F2005AB7-4718-43A1-8649-9C20E4586B0F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F26A7C28-1840-4A10-BCF6-4CAF9E258747}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F3151109-DB36-448A-8BC8-EBB0258FB5FC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F341BE3D-1C5B-4DE6-B50A-DD4ADA2EB4AD}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F3C37140-7B8A-45FC-8AC9-D902B04DF333}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F43D2F61-DA99-4BF0-AC74-B3550F102D05}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F4899317-09F6-4655-BCEC-4FBF3D383ADE}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F4956E48-4363-4121-9BB4-187AAE0EA1E7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F5F4F13D-6329-4981-ACD6-1AF80A4D529F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F66D0646-935C-440D-B72D-E87AAC906BC0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F6D1F60D-DB46-4D62-8749-2B86D55A1F82}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F6D3903B-B31B-420A-8ED7-59892A8401B0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F6F02944-12C4-4328-BEC7-06BD22516E53}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F7193AE3-8C08-4F7B-B453-F3228BA146C3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F80A2D5D-94DF-46D3-9787-4A938836D496}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F80DC5B9-66FF-4E30-A4BC-FBBBD0F7DB44}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F80E6656-6F2E-434E-AD91-FBEB91CFFFE0}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F86FDE5B-F993-46B0-B898-EA36973DD440}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F8FF0CCB-DF6F-4D87-9D70-17CADA3C8ACF}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F944D079-1C3C-4D88-AD85-0A417CD16C23}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F94E2314-5144-4474-9EDB-00289252678B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F9667345-0DD1-4437-A401-1DBE67AD7921}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F9865748-33FD-4C46-81ED-532B6072548B}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F9B8089C-0990-47C5-9036-DB8D366EC9DA}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{F9C3AE74-3842-4281-9A2F-120437065CDC}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FA3306DE-E7AC-410C-B11E-D755C034BCE8}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FAE4A267-1685-48B3-A00F-2B2663F87A54}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FCB0623D-A13C-41E8-8680-3EA4B5BA9E0F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FDEB2BCC-D908-4C85-A958-A9D2E26B4CA3}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FE7BB084-FC30-4646-B1A6-BE4ACFB8C2ED}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FF0D8902-843C-4CA0-AB26-0B7B86C1A3F9}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FF52DC35-14E2-4D8A-98B0-9425A296C80E}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FF53566C-1552-477C-8289-07102B822E26}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FF837813-C86D-4C7B-969C-15FD87267349}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FF8D65BC-8FD7-4C1A-8027-5723DCFCE2ED}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FFA18E27-555F-4C58-A2E0-B26D5AE349F7}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FFB0AF16-1962-40BE-823D-080D7160341F}
Successfully deleted: [Empty Folder] C:\Users\gabriel\appdata\local\{FFBBA871-E8EE-4B5F-9CC9-5963F78CF90E}



~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\policies\google\chrome\extensioninstallforcelist
Successfully deleted: [Folder] C:\Users\gabriel\appdata\local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/03/2013 at 12:01:50.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#4 satchfan

satchfan

  • Malware Response Team
  • 2,859 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:06:24 PM

Posted 03 April 2013 - 11:30 AM

Thanks for the logs. That has cleaned up a lot but now we need to see what is left.

Download and run OTL
 

  • download OTL to your desktop.
  • double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • click Scan all users.
  • under Custom Scan paste this in


    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %systemroot%\*. /rp /s
    DRIVES
    CREATERESTOREPOINT

     

  • click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won’t take long.
  • when the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
  • you may need two posts to fit them both in.

===================================================

Run aswMBR
 

  • download aswMBR.exe to your desktop.
  • double click the aswMBR.exe to run it
  • if asked, accept the AVAST virus definition download
  • click the "Scan" button to start scan
  • on completion of the scan click Save log, save it to your desktop and post in your next reply. Note - do NOT attempt any Fix yet.

Logs to include with next post:

OTL.txt
Extras.txt
aswMBR log


Thanks

Satchfan
 


Edited by satchfan, 03 April 2013 - 11:32 AM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#5 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 03 April 2013 - 01:27 PM

after a couple of crashes, here are the logs

 

OTL logfile created on: 4/3/2013 12:36:59 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.74 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 58.89% Memory free
5.48 Gb Paging File | 3.86 Gb Available in Paging File | 70.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.60 Gb Total Space | 142.98 Gb Free Space | 65.11% Space Free | Partition Type: NTFS
Drive E: | 7.57 Gb Total Space | 7.27 Gb Free Space | 96.04% Space Free | Partition Type: NTFS
 
Computer Name: JAYMELEIGHPC | User Name: gabriel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/04/03 12:32:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/04/26 16:23:02 | 000,223,088 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/04/26 16:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2010/09/03 02:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
PRC - [2010/08/10 21:06:16 | 000,975,952 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/08/10 21:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/06/28 18:23:12 | 000,265,984 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/06/09 21:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/05/26 22:41:24 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/03/11 01:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/03/11 01:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/03/03 17:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/26 16:22:44 | 000,681,840 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/06/28 18:20:54 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010/06/09 21:54:22 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 18:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010/10/13 23:28:54 | 000,245,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2010/10/13 23:28:54 | 000,200,056 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010/10/13 23:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2010/10/07 21:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/11 17:27:26 | 000,868,896 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 11:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2010/01/28 19:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/13 14:44:55 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/04/26 16:23:02 | 000,223,088 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/03 02:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/08/10 21:06:16 | 000,321,104 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/06/28 18:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/06/01 18:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/26 22:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 17:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 17:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/08 09:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/05/12 15:44:26 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/04 14:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 14:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/10/13 23:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010/10/13 23:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010/10/13 23:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010/10/13 23:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010/10/13 23:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010/10/13 23:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010/10/13 23:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010/10/13 23:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/06/10 16:57:20 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/06/08 07:36:18 | 000,406,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/05/11 22:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/04/28 18:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2010/04/28 18:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/21 15:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/03/03 22:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 20:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/03 10:38:30 | 000,271,872 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009/10/22 00:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 22:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 22:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 22:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2009/08/14 09:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 09:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://darton.edu/
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\URLSearchHook: {9565115d-c7d6-46d3-bd63-b67b481a4368} - No CLSID value found
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\SearchScopes\{13154E2E-FCA9-426B-9395-B80974C290AE}: "URL" = http://www.flickr.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_en
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\SearchScopes\{7964D62B-4F32-40A8-8902-E711A735AE4E}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie9
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\SearchScopes\{EA4C4735-C0F0-40DD-9A4D-050CC599E7E9}: "URL" = http://delicious.com/search?p={searchTerms}
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
========== FireFox ==========
 
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: C:\Users\gabriel\AppData\Local\DIRECTV Player\npPCShowPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\gabriel\AppData\Local\DIRECTV Player\npPlayerPlugin.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabriel\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabriel\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/02/07 23:48:38 | 000,000,000 | ---D | M]
 
[2011/10/08 22:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabriel\AppData\Roaming\mozilla\Extensions
[2013/04/03 11:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabriel\AppData\Roaming\mozilla\Firefox\Profiles\pu9e40g2.default\extensions
[2011/09/03 21:20:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/01/01 04:00:00 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 04:00:00 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2010/01/01 04:00:00 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2010/01/01 04:00:00 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
 
========== Chrome  ==========
 
CHR - homepage: http://www.google.com/
CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\gabriel\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\gabriel\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\gabriel\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google Search = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: SiteAdvisor = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\
CHR - Extension: PlayBryte = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpgnbolnojgfhepaildflldpcoegmiad\1.1_0\
CHR - Extension: Gmail = C:\Users\gabriel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20110202150050.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (ActiveMail) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO64.dll (ActivePath Ltd.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (simppulltoolbar) - {5806fa2d-e338-4a24-a20c-5da56ba3b2ad} - C:\Program Files (x86)\simppulltoolbar\w3itemplateX.dll File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20110202150050.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ActiveMail) - {EF7AED5F-0C26-4820-A570-7DA8B6D93F4A} - C:\ProgramData\ActivePath\ActiveMail\ActiveMailBHO.dll (ActivePath Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (simppulltoolbar) - {5806fa2d-e338-4a24-a20c-5da56ba3b2ad} - C:\Program Files (x86)\simppulltoolbar\w3itemplateX.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000..\Run: [PCShowServer] "C:\Users\gabriel\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O7 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/swdir8d196a.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 97.64.209.36 97.64.168.13 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{27762DFB-22B5-4CE1-A354-F365689589FC}: DhcpNameServer = 64.39.128.3 64.39.145.83 64.39.128.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C874CD5C-9560-4627-B0D0-D0D6E30A71DA}: DhcpNameServer = 97.64.209.36 97.64.168.13 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{89431e29-0aab-11e1-a04a-206a8a1b74ad}\Shell - "" = AutoRun
O33 - MountPoints2\{89431e29-0aab-11e1-a04a-206a8a1b74ad}\Shell\AutoRun\command - "" = E:\ToolLauncher-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/04/03 11:49:50 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/03 11:49:35 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/03 11:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/04/02 20:17:04 | 000,000,000 | ---D | C] -- C:\Users\gabriel\AppData\Local\Programs
[2013/04/02 20:15:31 | 000,000,000 | ---D | C] -- C:\Users\gabriel\Desktop\rkill
[2013/03/28 09:10:13 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/03/26 08:34:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013/03/14 09:26:17 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/03/14 09:26:17 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/03/14 09:26:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/03/14 09:26:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/03/14 09:26:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/03/14 09:26:15 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/03/14 09:26:15 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/03/14 09:26:15 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/03/14 09:26:14 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/03/14 09:26:14 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/03/14 09:26:14 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/03/14 09:26:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/03/14 09:26:10 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/03/14 09:26:10 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/03/14 09:26:10 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/03/14 09:25:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/14 09:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/14 09:23:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/04/03 12:38:14 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2420626270-41555177-3605695307-1000Core.job
[2013/04/03 12:35:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/03 12:00:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/03 11:55:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2420626270-41555177-3605695307-1000UA.job
[2013/04/03 11:54:54 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 11:54:54 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/03 11:51:13 | 000,727,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/03 11:51:13 | 000,625,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/03 11:51:13 | 000,107,456 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/03 11:46:32 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/03 11:45:58 | 2205,544,448 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/03 11:38:04 | 000,613,083 | ---- | M] () -- C:\Users\gabriel\Desktop\adwcleaner(1).exe
[2013/04/02 19:57:04 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013/04/02 16:35:43 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/02 09:25:00 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\ActiveMail Updater.job
[2013/04/01 11:14:28 | 000,000,648 | -H-- | M] () -- C:\Windows\tasks\Norton Product InstallerIdle.job
[2013/03/29 06:23:04 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\Regwork.job
[2013/03/13 14:44:51 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 14:44:51 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/04/03 11:42:14 | 000,613,083 | ---- | C] () -- C:\Users\gabriel\Desktop\adwcleaner(1).exe
[2013/04/02 19:57:04 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2011/12/29 09:15:49 | 000,000,632 | RHS- | C] () -- C:\Users\gabriel\ntuser.pol
[2011/12/09 03:05:02 | 000,000,000 | ---- | C] () -- C:\Users\gabriel\AppData\Local\{0C5E450E-4C2C-409C-A79C-8D5C7EC11CB3}
[2011/09/02 09:08:39 | 000,000,000 | ---- | C] () -- C:\Users\gabriel\AppData\Local\{0748B070-16A7-4439-A314-5007DE16EFB9}
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010/09/27 11:05:16 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/09/27 11:16:21 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/09/27 11:05:16 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010/09/27 11:16:21 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/09/27 11:05:16 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010/09/27 11:16:21 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010/09/27 11:05:16 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010/09/27 11:16:21 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: SERVICES.EXE  >
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 21:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
 
< MD5 for: SVCHOST.EXE  >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 21:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010/09/27 11:05:16 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010/09/27 11:05:16 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010/09/27 11:05:16 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< %systemroot%\*. /rp /s >
 
========== Drive Information ==========
 
Physical Drives
---------------
 
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: WDC WD2500BEVT-22A23T0
Partitions: 3
Status: OK
Status Info: 0
 
Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: Kingston DataTraveler 2.0 USB Device
Partitions: 1
Status: OK
Status Info: 0
 
Partitions
---------------
 
DeviceID: Disk #0, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 13.00GB
Starting Offset: 1048576
Hidden sectors: 0
 
 
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 100.00MB
Starting Offset: 14156824576
Hidden sectors: 0
 
 
DeviceID: Disk #0, Partition #2
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 220.00GB
Starting Offset: 14261682176
Hidden sectors: 0
 
 
DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 8.00GB
Starting Offset: 32256
Hidden sectors: 0
 

< End of report >
 



#6 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 03 April 2013 - 01:29 PM

extra's

 

OTL Extras logfile created on: 4/3/2013 12:36:59 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.74 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 58.89% Memory free
5.48 Gb Paging File | 3.86 Gb Available in Paging File | 70.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 219.60 Gb Total Space | 142.98 Gb Free Space | 65.11% Space Free | Partition Type: NTFS
Drive E: | 7.57 Gb Total Space | 7.27 Gb Free Space | 96.04% Space Free | Partition Type: NTFS
 
Computer Name: JAYMELEIGHPC | User Name: gabriel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FA857C9-E62F-4B84-89F7-8DBF4DD4F99B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{12EA50A9-D44E-4C98-A864-A81FE9AA028E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{19E49E02-A3CF-4D40-A65F-0007F658C647}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{26A19730-1FF5-4F28-82CC-CF8842A0F5D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{36441104-FA09-4347-846A-609EC4F70DD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3FA45665-8986-453A-A9BC-9A3F05679A13}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{46E3F4DD-1671-4215-8C6B-72C022A7BBDA}" = rport=138 | protocol=17 | dir=out | app=system |
"{4738E9E7-5771-492E-8294-801EA97C6216}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4EB49D09-8D81-43C9-9093-7E68201BCCC5}" = lport=137 | protocol=17 | dir=in | app=system |
"{5DCB30F4-F58E-48B3-BAAA-AB4E14B0634F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{795034BE-0B30-48E9-9DDE-35D09605C63F}" = lport=138 | protocol=17 | dir=in | app=system |
"{7A929574-13FD-49A9-8DB5-7031CB368E61}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7C7484C2-8019-47A4-82BF-742100EB6C31}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{802F33BD-1996-4ADD-B33E-4E343CCA5463}" = lport=445 | protocol=6 | dir=in | app=system |
"{857FC009-8BBE-4E71-9C3E-C6F253970624}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8D6FA650-FF0F-4AE4-9D27-F00D9E654EAC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8F2751A3-529E-4C3E-9F29-F58278C720EC}" = rport=445 | protocol=6 | dir=out | app=system |
"{96ABD58E-65EA-46B4-AC65-7FECD2AC362F}" = rport=2869 | protocol=6 | dir=out | app=system |
"{97CDD32B-7B5A-4D6B-9202-3BB7FA2C9F18}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A56DBDED-1E8E-4FA0-8A74-EA87374C58D7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A692AB6C-9DC3-412C-9D97-3A0DACDEC104}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B0580929-1DBD-476C-A30D-EBDE9781D35D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B12E0B55-4F03-46B2-B0CB-55F3132AE78B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1B2206B-B23C-4ED2-846F-9E68A7E2BBC4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC3A27A2-49C3-45B5-82C2-207133CEB522}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C73A2BC1-7D7F-4D0E-A2CD-BEACB8D01BB3}" = rport=139 | protocol=6 | dir=out | app=system |
"{CE67A315-12F5-4368-A911-5470C39672A0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CF7F433E-5EE4-4A0F-8666-4CC0B96D4412}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D0C2F1DC-1D2A-4E5B-86CD-CE6418064F98}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DF749749-4DD6-42C2-A2DA-FDCC8E271AD9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E54CAA4B-61B9-40DB-AD32-BA276E27F4E4}" = lport=139 | protocol=6 | dir=in | app=system |
"{ECA9AE5F-6E61-45C6-97E8-24126B9B4826}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F847BFD9-354B-415C-9043-AD721EBA34D2}" = rport=137 | protocol=17 | dir=out | app=system |
"{FC5CAABE-CB33-42C8-A2EC-A479A3AD5FF8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FD0BD978-5743-4E54-9FD5-1FF6181D60AD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0085AAE5-B9B6-4637-A593-00F78BC1A67A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{0269B6E5-90A6-420F-A086-223ADF0036EE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{07A06F2B-BF81-4897-886C-8A3D716B59E7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{0A18A185-BE36-4C28-9021-6C702A6DD5A6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0C3BCE38-8810-495A-8477-43E54DFC7147}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0DB7BC18-45E3-47B9-938C-A107E595D50E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{19FC0C7A-EFE7-41D0-A1DD-37299E943D15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1EFEAA42-6544-4153-85CD-7C0787F6FC8D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{256D3D30-4AE8-4AAC-8817-8940E0CA0824}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{29F6AB0B-ABC2-4D4B-9766-244EFADFCE46}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{30015E66-3A4E-47B2-9F04-49A6AF517EC7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{370B20AF-7B8D-4054-BD33-9F5D9E08BC05}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{38E872C0-8EFE-4A67-9C6C-0022D708666F}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{46A9AF51-B1A3-45C0-B9FE-15DCDA62C255}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4A18F26D-0698-40C8-A619-7F99AA3E64CB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5867F7F7-2F05-414C-BC55-C3955B3EB520}" = protocol=58 | dir=in | app=system |
"{5F761633-F9FB-4015-84BC-6FBAB6D4D686}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6B872855-F451-47E4-8C04-196B05740712}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{6DBE1385-45F9-4F52-A35A-F8E8FF7F3AE6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{746CDB84-3E3A-40B8-9AF3-10AFB4E54D55}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8141D8A8-EA7A-4218-8B2A-63652BACBE0E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{843B233B-AD5F-440E-B3F6-2497558BDF68}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{918836A5-11F9-4D45-9D5B-2655C4E8913E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{944D3A5E-B180-4804-A25D-4F766D1F7DC6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9E2013F5-5BE3-41CC-96CA-F0FF7A76869F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A3D59C8A-A78E-4C84-8A20-DD98D8B72B42}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{A5013262-15D7-4934-9246-2727003EB7D6}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{B127F3F1-B12D-4EFE-81E4-F78BF6D41C01}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B6AE8E11-58ED-4A4E-BE9E-7093D9C12A96}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{CD994C9E-A11F-462A-A547-59693B291A84}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CFDFB3FA-7A07-4073-9835-5691AB197C1C}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{D6C4B71F-9DCF-4F8E-9BF7-0DA3377F8228}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6D5035C-7788-4944-A27E-6637B09AC229}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DF52FC8E-C51B-4CAD-A2FF-F5C2EA4623D0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E25BA3F3-369B-49ED-BECE-6CD43D8BB35C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3E66E63-E112-4980-BCA9-F47D0523FED9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EFCD7449-013C-492D-A4C5-6D2879C230D2}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{FB8E10CD-95CD-4622-829E-ED37DF1909EA}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"TCP Query User{F1555E5B-8B64-4A62-906A-9BBBEE2852F4}C:\users\guest2\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\guest2\appdata\local\akamai\netsession_win.exe |
"UDP Query User{7F1C40BA-CA50-400B-A0A0-026B0A3DD597}C:\users\guest2\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\guest2\appdata\local\akamai\netsession_win.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1CCF1727-A817-4FEE-A028-5466FB542934}" = Motorola Mobile Drivers Installation 5.2.0
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{5E11C972-1E76-45FE-8F92-14E0D1140B1B}" = iTunes
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0E42A955-54D0-49CB-9ABA-78B506F88436}" = ActiveMail
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294A2E0E-3A0B-4D1F-8282-11DEF2040227}" = InstallIQ Updater
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{491ADA37-04EE-2ECE-9F86-DDC0106047AC}" = Times Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ATT-PRT22" = ATT-PRT22
"BN_DesktopReader" = Barnes & Noble Desktop Reader
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Funnix Begin Reading 1-40" = Funnix Begin Reading 1-40
"Funnix Begin Reading 41-120" = Funnix Begin Reading 41-120
"Funnix Reading Level 2" = Funnix Reading Level 2
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{DD89CE29-BC88-40C6-A845-E2548682C5D6}" = Alcor Micro USB Card Reader
"LManager" = Launch Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"MotoHelper" = MotoHelper 2.0.51 Driver 5.2.0
"MSC" = McAfee Internet Security Suite
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"SelectRebatesUninstall" = ShopAtHome.com Toolbar
"simppulltoolbar" = Simppull Toolbar
"WildTangent acer Master Uninstall" = Acer Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT088295" = Agatha Christie - Death on the Nile
"WT088300" = Bejeweled 2 Deluxe
"WT088310" = Build-a-lot 2
"WT088312" = Chuzzle Deluxe
"WT088318" = Diner Dash 2 Restaurant Rescue
"WT088350" = Jewel Quest Solitaire 2
"WT088364" = Plants vs. Zombies
"WT088373" = Blackhawk Striker 2
"WT088393" = Dora's Carnival Adventure
"WT088413" = FATE
"WT088445" = John Deere Drive Green
"WT088449" = Penguins!
"WT088453" = Polar Bowler
"WT088457" = Polar Golfer
"WT088517" = Zuma's Revenge
"WT088553" = Virtual Villagers 4 - The Tree of Life
"WT088649" = 18 Wheels of Steel - American Long Haul
"WT088653" = Jewel Quest - Heritage
"WTA-14cdf173-af0c-42e7-b231-fd3c6524652b" = Tearstone
"WTA-6831b4e7-d7ae-4d6a-aa30-4ebaf9c3aaee" = Amulet of Time: Shadow of La Rochelle
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2420626270-41555177-3605695307-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"RIFT" = RIFT
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 4/3/2013 12:02:35 PM | Computer Name = JaymeLeighPC | Source = DCOM | ID = 10010
Description =
 
Error - 4/3/2013 12:06:08 PM | Computer Name = JaymeLeighPC | Source = ipnathlp | ID = 31004
Description =
 
Error - 4/3/2013 12:35:13 PM | Computer Name = JaymeLeighPC | Source = ipnathlp | ID = 30013
Description =
 
Error - 4/3/2013 12:35:22 PM | Computer Name = JaymeLeighPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 4/3/2013 12:35:24 PM | Computer Name = JaymeLeighPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR2.
 
Error - 4/3/2013 12:36:10 PM | Computer Name = JaymeLeighPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
 
Error - 4/3/2013 12:36:12 PM | Computer Name = JaymeLeighPC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR3.
 
 
< End of report >

 

 

 

 

 

AMBWR

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-03 13:59:52
-----------------------------
13:59:52.756    OS Version: Windows x64 6.1.7600
13:59:52.756    Number of processors: 2 586 0x2505
13:59:52.756    ComputerName: JAYMELEIGHPC  UserName: gabriel
13:59:53.708    Initialize success
14:00:04.691    AVAST engine defs: 13040301
14:00:08.248    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:00:08.248    Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
14:00:08.467    Disk 0 MBR read successfully
14:00:08.482    Disk 0 MBR scan
14:00:08.482    Disk 0 Windows VISTA default MBR code
14:00:08.482    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13500 MB offset 2048
14:00:08.513    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27650048
14:00:08.529    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       224873 MB offset 27854848
14:00:08.701    Disk 0 scanning C:\Windows\system32\drivers
14:00:28.232    Service scanning
14:01:34.828    Modules scanning
14:01:34.828    Disk 0 trace - called modules:
14:01:34.844    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:01:35.359    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003135060]
14:01:35.359    3 CLASSPNP.SYS[fffff8800107543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002f07050]
14:01:36.700    AVAST engine scan C:\Windows
14:01:45.000    AVAST engine scan C:\Windows\system32
14:07:20.980    AVAST engine scan C:\Windows\system32\drivers
14:07:34.833    AVAST engine scan C:\Users\gabriel
14:16:40.288    File: C:\Users\gabriel\Downloads\Setup (1).exe  **INFECTED** Win32:Gamevance-CS [Adw]
14:16:40.616    File: C:\Users\gabriel\Downloads\Setup.exe  **INFECTED** Win32:Gamevance-CS [Adw]
14:16:57.729    AVAST engine scan C:\ProgramData
14:26:09.299    Disk 0 MBR has been saved successfully to "E:\MBR.dat"
14:26:09.330    The log file has been saved successfully to "E:\aswMBR.txt"



 



#7 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 03 April 2013 - 04:07 PM

finally able to finish the scan without it crashing

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-03 16:24:22
-----------------------------
16:24:22.870    OS Version: Windows x64 6.1.7600
16:24:22.870    Number of processors: 2 586 0x2505
16:24:22.870    ComputerName: JAYMELEIGHPC  UserName: gabriel
16:24:23.744    Initialize success
16:24:36.302    AVAST engine defs: 13040301
16:24:48.314    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:24:48.314    Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
16:24:48.501    Disk 0 MBR read successfully
16:24:48.501    Disk 0 MBR scan
16:24:48.501    Disk 0 Windows VISTA default MBR code
16:24:48.517    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13500 MB offset 2048
16:24:48.548    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27650048
16:24:48.564    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       224873 MB offset 27854848
16:24:48.876    Disk 0 scanning C:\Windows\system32\drivers
16:25:08.111    Service scanning
16:25:48.608    Modules scanning
16:25:48.608    Disk 0 trace - called modules:
16:25:48.624    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:25:49.139    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031522d0]
16:25:49.139    3 CLASSPNP.SYS[fffff8800125f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80021a7050]
16:25:50.059    AVAST engine scan C:\Windows
16:25:55.893    AVAST engine scan C:\Windows\system32
16:32:04.142    AVAST engine scan C:\Windows\system32\drivers
16:32:22.659    AVAST engine scan C:\Users\gabriel
16:41:27.100    File: C:\Users\gabriel\Downloads\Setup (1).exe  **INFECTED** Win32:Gamevance-CS [Adw]
16:41:27.334    File: C:\Users\gabriel\Downloads\Setup.exe  **INFECTED** Win32:Gamevance-CS [Adw]
16:41:45.664    AVAST engine scan C:\ProgramData
17:04:15.099    Scan finished successfully
17:05:30.994    Disk 0 MBR has been saved successfully to "C:\Users\gabriel\Desktop\MBR.dat"
17:05:31.009    The log file has been saved successfully to "C:\Users\gabriel\Desktop\aswMBR.txt"

 



#8 satchfan

satchfan

  • Malware Response Team
  • 2,859 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:06:24 PM

Posted 03 April 2013 - 05:30 PM

Thanks for the logs but there were entries that require a further look.

 

Uninstall Google Chrome

For the time being I would like for you to uninstall Google Chrome and only use Firefox or Internet Explorer. You can reinstall it later if you like. We need to remove some entries and that is the easiest way to do so with Google Chrome.

If asked about user data or settings, don’t check the box that asks to remember settings. We need to remove those also.

====================================================

Please run these in the order requested.

Run TDSSKiller

Please download TDSSKiller.zip

  • extract it to your desktop
  • double click TDSSKiller.exe
  • press Start Scan

    only if Malicious objects are found then ensure Cure is selected. Do not change it to Delete or Quarantine as it may delete infected files that are required for Windows to operate properly.
     

  • click Continue > Reboot now
  • copy and paste the log in your next reply
  • a copy of the log will be saved automatically to the root of the drive (typically C:\) called TDSSKiller_*** (*** denotes version & date)

======================================================

Download and run ComboFix

Download Combofix from either of the links below, and save it to your desktop.  

Link 1
Link 2

**Note:  It MUST be saved directly to your desktop. Choose save as and then make sure you choose Desktop

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here.

--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

  • when finished, it will produce a report for you.  
  • please post the C:\ComboFix.txt for further review.

Logs to include with next post:

TDSSKiller log
ComboFix.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#9 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 03 April 2013 - 07:47 PM

TDSKILLER log

20:22:40.0831 4516  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:22:41.0190 4516  ============================================================
20:22:41.0190 4516  Current date / time: 2013/04/03 20:22:41.0190
20:22:41.0190 4516  SystemInfo:
20:22:41.0190 4516  
20:22:41.0190 4516  OS Version: 6.1.7600 ServicePack: 0.0
20:22:41.0190 4516  Product type: Workstation
20:22:41.0190 4516  ComputerName: JAYMELEIGHPC
20:22:41.0190 4516  UserName: gabriel
20:22:41.0190 4516  Windows directory: C:\Windows
20:22:41.0190 4516  System windows directory: C:\Windows
20:22:41.0190 4516  Running under WOW64
20:22:41.0190 4516  Processor architecture: Intel x64
20:22:41.0190 4516  Number of processors: 2
20:22:41.0190 4516  Page size: 0x1000
20:22:41.0190 4516  Boot type: Normal boot
20:22:41.0190 4516  ============================================================
20:22:41.0782 4516  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:22:41.0845 4516  Drive \Device\Harddisk1\DR2 - Size: 0x1E4700000 (7.57 Gb), SectorSize: 0x200, Cylinders: 0x3DC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:22:41.0876 4516  ============================================================
20:22:41.0876 4516  \Device\Harddisk0\DR0:
20:22:41.0876 4516  MBR partitions:
20:22:41.0876 4516  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A5E800, BlocksNum 0x32000
20:22:41.0876 4516  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A90800, BlocksNum 0x1B734970
20:22:41.0876 4516  \Device\Harddisk1\DR2:
20:22:41.0876 4516  MBR partitions:
20:22:41.0876 4516  \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xF237C1
20:22:41.0876 4516  ============================================================
20:22:41.0892 4516  C: <-> \Device\Harddisk0\DR0\Partition2
20:22:41.0892 4516  ============================================================
20:22:41.0892 4516  Initialize success
20:22:41.0892 4516  ============================================================
20:22:50.0612 4712  ============================================================
20:22:50.0612 4712  Scan started
20:22:50.0612 4712  Mode: Manual;
20:22:50.0612 4712  ============================================================
20:22:50.0815 4712  ================ Scan system memory ========================
20:22:50.0815 4712  System memory - ok
20:22:50.0815 4712  ================ Scan services =============================
20:22:51.0018 4712  [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
20:22:51.0018 4712  1394ohci - ok
20:22:51.0049 4712  [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
20:22:51.0064 4712  ACPI - ok
20:22:51.0096 4712  [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
20:22:51.0096 4712  AcpiPmi - ok
20:22:51.0205 4712  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:22:51.0205 4712  AdobeARMservice - ok
20:22:51.0361 4712  [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:22:51.0361 4712  AdobeFlashPlayerUpdateSvc - ok
20:22:51.0408 4712  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:22:51.0408 4712  adp94xx - ok
20:22:51.0439 4712  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:22:51.0439 4712  adpahci - ok
20:22:51.0470 4712  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:22:51.0470 4712  adpu320 - ok
20:22:51.0501 4712  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:22:51.0501 4712  AeLookupSvc - ok
20:22:51.0548 4712  [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD             C:\Windows\system32\drivers\afd.sys
20:22:51.0564 4712  AFD - ok
20:22:51.0595 4712  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
20:22:51.0595 4712  agp440 - ok
20:22:51.0626 4712  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
20:22:51.0626 4712  ALG - ok
20:22:51.0673 4712  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
20:22:51.0673 4712  aliide - ok
20:22:51.0688 4712  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
20:22:51.0688 4712  amdide - ok
20:22:51.0720 4712  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:22:51.0720 4712  AmdK8 - ok
20:22:51.0735 4712  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:22:51.0735 4712  AmdPPM - ok
20:22:51.0782 4712  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:22:51.0782 4712  amdsata - ok
20:22:51.0798 4712  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:22:51.0798 4712  amdsbs - ok
20:22:51.0813 4712  [ DB27766102C7BF7E95140A2AA81D042E ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:22:51.0813 4712  amdxata - ok
20:22:51.0860 4712  [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
20:22:51.0860 4712  AmUStor - ok
20:22:51.0907 4712  [ FAB590E0FC28CB474B965F8267458E14 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
20:22:51.0907 4712  ApfiltrService - ok
20:22:51.0969 4712  [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID           C:\Windows\system32\drivers\appid.sys
20:22:51.0969 4712  AppID - ok
20:22:51.0985 4712  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:22:51.0985 4712  AppIDSvc - ok
20:22:52.0000 4712  [ D065BE66822847B7F127D1F90158376E ] Appinfo         C:\Windows\System32\appinfo.dll
20:22:52.0016 4712  Appinfo - ok
20:22:52.0078 4712  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:22:52.0078 4712  Apple Mobile Device - ok
20:22:52.0125 4712  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:22:52.0125 4712  arc - ok
20:22:52.0172 4712  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:22:52.0172 4712  arcsas - ok
20:22:52.0203 4712  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:22:52.0203 4712  AsyncMac - ok
20:22:52.0234 4712  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
20:22:52.0234 4712  atapi - ok
20:22:52.0312 4712  [ E642491F64E58CD5BC8FB8B347DCF65F ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:22:52.0328 4712  athr - ok
20:22:52.0390 4712  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:22:52.0390 4712  AudioEndpointBuilder - ok
20:22:52.0422 4712  [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:22:52.0422 4712  AudioSrv - ok
20:22:52.0468 4712  [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:22:52.0468 4712  AxInstSV - ok
20:22:52.0515 4712  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:22:52.0531 4712  b06bdrv - ok
20:22:52.0546 4712  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:22:52.0562 4712  b57nd60a - ok
20:22:52.0609 4712  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
20:22:52.0624 4712  BCM43XX - ok
20:22:52.0640 4712  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:22:52.0640 4712  BDESVC - ok
20:22:52.0656 4712  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:22:52.0656 4712  Beep - ok
20:22:52.0718 4712  [ 4992C609A6315671463E30F6512BC022 ] BFE             C:\Windows\System32\bfe.dll
20:22:52.0718 4712  BFE - ok
20:22:52.0780 4712  [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS            C:\Windows\System32\qmgr.dll
20:22:52.0780 4712  BITS - ok
20:22:52.0796 4712  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:22:52.0796 4712  blbdrive - ok
20:22:52.0921 4712  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:22:52.0921 4712  Bonjour Service - ok
20:22:52.0968 4712  [ 19D20159708E152267E53B66677A4995 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:22:52.0968 4712  bowser - ok
20:22:52.0999 4712  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:22:52.0999 4712  BrFiltLo - ok
20:22:53.0030 4712  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:22:53.0030 4712  BrFiltUp - ok
20:22:53.0061 4712  [ 6B054C67AAA87843504E8E3C09102009 ] Browser         C:\Windows\System32\browser.dll
20:22:53.0061 4712  Browser - ok
20:22:53.0092 4712  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:22:53.0092 4712  Brserid - ok
20:22:53.0108 4712  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:22:53.0108 4712  BrSerWdm - ok
20:22:53.0108 4712  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:22:53.0108 4712  BrUsbMdm - ok
20:22:53.0124 4712  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:22:53.0124 4712  BrUsbSer - ok
20:22:53.0155 4712  [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
20:22:53.0155 4712  BTCFilterService - ok
20:22:53.0170 4712  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:22:53.0170 4712  BTHMODEM - ok
20:22:53.0202 4712  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
20:22:53.0217 4712  bthserv - ok
20:22:53.0248 4712  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:22:53.0248 4712  cdfs - ok
20:22:53.0264 4712  [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:22:53.0264 4712  cdrom - ok
20:22:53.0295 4712  [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc     C:\Windows\System32\certprop.dll
20:22:53.0295 4712  CertPropSvc - ok
20:22:53.0326 4712  [ E02C9CDB15F13DE4EB2FF67660E62317 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
20:22:53.0342 4712  cfwids - ok
20:22:53.0389 4712  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:22:53.0389 4712  circlass - ok
20:22:53.0420 4712  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
20:22:53.0420 4712  CLFS - ok
20:22:53.0498 4712  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:22:53.0498 4712  clr_optimization_v2.0.50727_32 - ok
20:22:53.0545 4712  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:22:53.0545 4712  clr_optimization_v2.0.50727_64 - ok
20:22:53.0654 4712  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:22:53.0654 4712  clr_optimization_v4.0.30319_32 - ok
20:22:53.0685 4712  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:22:53.0685 4712  clr_optimization_v4.0.30319_64 - ok
20:22:53.0732 4712  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:22:53.0732 4712  CmBatt - ok
20:22:53.0763 4712  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
20:22:53.0763 4712  cmdide - ok
20:22:53.0810 4712  [ CA7720B73446FDDEC5C69519C1174C98 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:22:53.0826 4712  CNG - ok
20:22:53.0857 4712  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:22:53.0857 4712  Compbatt - ok
20:22:53.0904 4712  [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:22:53.0904 4712  CompositeBus - ok
20:22:53.0919 4712  COMSysApp - ok
20:22:53.0935 4712  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:22:53.0935 4712  crcdisk - ok
20:22:53.0982 4712  [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:22:53.0982 4712  CryptSvc - ok
20:22:54.0106 4712  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
20:22:54.0106 4712  cvhsvc - ok
20:22:54.0169 4712  [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:22:54.0169 4712  DcomLaunch - ok
20:22:54.0216 4712  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
20:22:54.0216 4712  defragsvc - ok
20:22:54.0231 4712  [ 9C253CE7311CA60FC11C774692A13208 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:22:54.0247 4712  DfsC - ok
20:22:54.0278 4712  [ CE3B9562D997F69B330D181A8875960F ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:22:54.0278 4712  Dhcp - ok
20:22:54.0309 4712  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
20:22:54.0309 4712  discache - ok
20:22:54.0356 4712  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:22:54.0356 4712  Disk - ok
20:22:54.0418 4712  [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:22:54.0418 4712  Dnscache - ok
20:22:54.0450 4712  [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc         C:\Windows\System32\dot3svc.dll
20:22:54.0450 4712  dot3svc - ok
20:22:54.0465 4712  [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS             C:\Windows\system32\dps.dll
20:22:54.0465 4712  DPS - ok
20:22:54.0512 4712  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:22:54.0512 4712  drmkaud - ok
20:22:54.0559 4712  [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:22:54.0574 4712  DsiWMIService - ok
20:22:54.0621 4712  [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:22:54.0637 4712  DXGKrnl - ok
20:22:54.0684 4712  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
20:22:54.0684 4712  EapHost - ok
20:22:54.0777 4712  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:22:54.0793 4712  ebdrv - ok
20:22:54.0840 4712  [ 156F6159457D0AA7E59B62681B56EB90 ] EFS             C:\Windows\System32\lsass.exe
20:22:54.0840 4712  EFS - ok
20:22:54.0902 4712  [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:22:54.0902 4712  ehRecvr - ok
20:22:54.0933 4712  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
20:22:54.0933 4712  ehSched - ok
20:22:54.0980 4712  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:22:54.0996 4712  elxstor - ok
20:22:55.0089 4712  [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
20:22:55.0105 4712  ePowerSvc - ok
20:22:55.0120 4712  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
20:22:55.0120 4712  ErrDev - ok
20:22:55.0167 4712  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
20:22:55.0183 4712  EventSystem - ok
20:22:55.0198 4712  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
20:22:55.0214 4712  exfat - ok
20:22:55.0230 4712  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:22:55.0230 4712  fastfat - ok
20:22:55.0276 4712  [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax             C:\Windows\system32\fxssvc.exe
20:22:55.0292 4712  Fax - ok
20:22:55.0308 4712  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:22:55.0323 4712  fdc - ok
20:22:55.0354 4712  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
20:22:55.0354 4712  fdPHost - ok
20:22:55.0370 4712  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:22:55.0370 4712  FDResPub - ok
20:22:55.0386 4712  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:22:55.0386 4712  FileInfo - ok
20:22:55.0417 4712  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:22:55.0417 4712  Filetrace - ok
20:22:55.0448 4712  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:22:55.0448 4712  flpydisk - ok
20:22:55.0464 4712  [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:22:55.0464 4712  FltMgr - ok
20:22:55.0526 4712  [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache       C:\Windows\system32\FntCache.dll
20:22:55.0526 4712  FontCache - ok
20:22:55.0604 4712  [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:22:55.0620 4712  FontCache3.0.0.0 - ok
20:22:55.0620 4712  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:22:55.0620 4712  FsDepends - ok
20:22:55.0698 4712  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
20:22:55.0698 4712  fssfltr - ok
20:22:55.0838 4712  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:22:55.0838 4712  fsssvc - ok
20:22:55.0885 4712  [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:22:55.0885 4712  Fs_Rec - ok
20:22:55.0932 4712  [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:22:55.0932 4712  fvevol - ok
20:22:55.0978 4712  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:22:55.0978 4712  gagp30kx - ok
20:22:56.0056 4712  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:22:56.0056 4712  GamesAppService - ok
20:22:56.0119 4712  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:22:56.0119 4712  GEARAspiWDM - ok
20:22:56.0150 4712  [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc           C:\Windows\System32\gpsvc.dll
20:22:56.0150 4712  gpsvc - ok
20:22:56.0228 4712  [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
20:22:56.0228 4712  GREGService - ok
20:22:56.0353 4712  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:22:56.0353 4712  gupdate - ok
20:22:56.0384 4712  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:22:56.0400 4712  gupdatem - ok
20:22:56.0446 4712  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:22:56.0446 4712  gusvc - ok
20:22:56.0478 4712  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:22:56.0493 4712  hcw85cir - ok
20:22:56.0524 4712  [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:22:56.0524 4712  HdAudAddService - ok
20:22:56.0556 4712  [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:22:56.0556 4712  HDAudBus - ok
20:22:56.0602 4712  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:22:56.0618 4712  HECIx64 - ok
20:22:56.0649 4712  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:22:56.0649 4712  HidBatt - ok
20:22:56.0649 4712  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:22:56.0649 4712  HidBth - ok
20:22:56.0649 4712  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:22:56.0665 4712  HidIr - ok
20:22:56.0696 4712  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
20:22:56.0696 4712  hidserv - ok
20:22:56.0712 4712  [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:22:56.0712 4712  HidUsb - ok
20:22:56.0743 4712  [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:22:56.0743 4712  hkmsvc - ok
20:22:56.0774 4712  [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:22:56.0774 4712  HomeGroupListener - ok
20:22:56.0821 4712  [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:22:56.0821 4712  HomeGroupProvider - ok
20:22:56.0868 4712  [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
20:22:56.0868 4712  HpSAMD - ok
20:22:56.0914 4712  [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:22:56.0914 4712  HTTP - ok
20:22:56.0930 4712  [ F17766A19145F111856378DF337A5D79 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:22:56.0930 4712  hwpolicy - ok
20:22:56.0961 4712  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:22:56.0961 4712  i8042prt - ok
20:22:56.0992 4712  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:22:57.0008 4712  iaStor - ok
20:22:57.0024 4712  [ B75E45C564E944A2657167D197AB29DA ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:22:57.0039 4712  iaStorV - ok
20:22:57.0102 4712  [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:22:57.0117 4712  idsvc - ok
20:22:57.0351 4712  [ 2A22AB054F4630D2EF4BAB2853F6D5F6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:22:57.0414 4712  igfx - ok
20:22:57.0460 4712  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:22:57.0460 4712  iirsp - ok
20:22:57.0523 4712  [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT          C:\Windows\System32\ikeext.dll
20:22:57.0523 4712  IKEEXT - ok
20:22:57.0538 4712  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
20:22:57.0538 4712  Impcd - ok
20:22:57.0616 4712  [ E8017F1662D9142F45CEAB694D013C00 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:22:57.0632 4712  IntcAzAudAddService - ok
20:22:57.0694 4712  [ 58CF58DEE26C909BD6F977B61D246295 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:22:57.0694 4712  IntcDAud - ok
20:22:57.0710 4712  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
20:22:57.0710 4712  intelide - ok
20:22:57.0757 4712  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:22:57.0757 4712  intelppm - ok
20:22:57.0804 4712  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:22:57.0804 4712  IPBusEnum - ok
20:22:57.0819 4712  [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:22:57.0819 4712  IpFilterDriver - ok
20:22:57.0850 4712  [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:22:57.0850 4712  iphlpsvc - ok
20:22:57.0866 4712  [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:22:57.0866 4712  IPMIDRV - ok
20:22:57.0897 4712  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:22:57.0897 4712  IPNAT - ok
20:22:57.0991 4712  [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:22:57.0991 4712  iPod Service - ok
20:22:58.0006 4712  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:22:58.0006 4712  IRENUM - ok
20:22:58.0053 4712  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
20:22:58.0053 4712  isapnp - ok
20:22:58.0084 4712  [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:22:58.0084 4712  iScsiPrt - ok
20:22:58.0116 4712  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
20:22:58.0116 4712  k57nd60a - ok
20:22:58.0147 4712  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:22:58.0147 4712  kbdclass - ok
20:22:58.0194 4712  [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:22:58.0194 4712  kbdhid - ok
20:22:58.0225 4712  [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso          C:\Windows\system32\lsass.exe
20:22:58.0225 4712  KeyIso - ok
20:22:58.0272 4712  [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:22:58.0272 4712  KSecDD - ok
20:22:58.0318 4712  [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:22:58.0318 4712  KSecPkg - ok
20:22:58.0334 4712  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:22:58.0350 4712  ksthunk - ok
20:22:58.0381 4712  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:22:58.0381 4712  KtmRm - ok
20:22:58.0412 4712  [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
20:22:58.0412 4712  L1E - ok
20:22:58.0474 4712  [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:22:58.0474 4712  LanmanServer - ok
20:22:58.0506 4712  [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:22:58.0506 4712  LanmanWorkstation - ok
20:22:58.0552 4712  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:22:58.0552 4712  lltdio - ok
20:22:58.0630 4712  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:22:58.0630 4712  lltdsvc - ok
20:22:58.0646 4712  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:22:58.0646 4712  lmhosts - ok
20:22:58.0724 4712  [ 23DE5B62B0445A6F874BE633C95B483E ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:22:58.0724 4712  LMS - ok
20:22:58.0786 4712  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:22:58.0786 4712  LSI_FC - ok
20:22:58.0802 4712  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:22:58.0802 4712  LSI_SAS - ok
20:22:58.0818 4712  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:22:58.0818 4712  LSI_SAS2 - ok
20:22:58.0849 4712  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:22:58.0849 4712  LSI_SCSI - ok
20:22:58.0880 4712  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:22:58.0880 4712  luafv - ok
20:22:58.0989 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:22:58.0989 4712  McAfee SiteAdvisor Service - ok
20:22:59.0036 4712  [ F8B823414A22DBF3BEC10DCAA5F93CD8 ] McciCMService   C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
20:22:59.0036 4712  McciCMService - ok
20:22:59.0130 4712  [ 859E5A32485178DAECA06B52E2BB44B2 ] McciCMService64 C:\Program Files\Common Files\Motive\McciCMService.exe
20:22:59.0130 4712  McciCMService64 - ok
20:22:59.0239 4712  [ FD3AD5E1ECDAA94A89D6697F5C5465D6 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
20:22:59.0239 4712  McComponentHostService - ok
20:22:59.0270 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] McMPFSvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:22:59.0270 4712  McMPFSvc - ok
20:22:59.0286 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] mcmscsvc        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:22:59.0286 4712  mcmscsvc - ok
20:22:59.0301 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] McNaiAnn        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:22:59.0301 4712  McNaiAnn - ok
20:22:59.0317 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] McNASvc         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:22:59.0317 4712  McNASvc - ok
20:22:59.0426 4712  [ 3809B77EB1734CD5FB317425F188ABC1 ] McODS           C:\Program Files\mcafee\VirusScan\mcods.exe
20:22:59.0426 4712  McODS - ok
20:22:59.0426 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:22:59.0442 4712  McOobeSv - ok
20:22:59.0457 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] McProxy         C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
20:22:59.0457 4712  McProxy - ok
20:22:59.0520 4712  [ 461EABB62F1827B965F508092160EDDC ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
20:22:59.0520 4712  McShield - ok
20:22:59.0566 4712  [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:22:59.0566 4712  Mcx2Svc - ok
20:22:59.0598 4712  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:22:59.0598 4712  megasas - ok
20:22:59.0613 4712  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:22:59.0613 4712  MegaSR - ok
20:22:59.0629 4712  [ C1556CA9695FCD6BBD23D75D402FD43D ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
20:22:59.0629 4712  mfeapfk - ok
20:22:59.0676 4712  [ 8857EE8B49F3338FC1FAD476BFCCA146 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
20:22:59.0676 4712  mfeavfk - ok
20:22:59.0722 4712  mfeavfk01 - ok
20:22:59.0738 4712  [ DD92E94E265864306377F091B100D0D0 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
20:22:59.0738 4712  mfefire - ok
20:22:59.0785 4712  [ 19C44295F6BF085C83352D48397F7870 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
20:22:59.0785 4712  mfefirek - ok
20:22:59.0847 4712  [ 5F915E20AB56121C41C6BF9A91A83BDA ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
20:22:59.0847 4712  mfehidk - ok
20:22:59.0863 4712  [ 23AE332E32FF615CA5E5224C8D91AF11 ] mfenlfk         C:\Windows\system32\DRIVERS\mfenlfk.sys
20:22:59.0863 4712  mfenlfk - ok
20:22:59.0910 4712  [ 9C7A9273E345F8D653394B5C542BF86A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
20:22:59.0910 4712  mferkdet - ok
20:22:59.0956 4712  [ AECD0C9ABDFDC61BE31163B624C4170F ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
20:22:59.0956 4712  mfevtp - ok
20:22:59.0988 4712  [ 3140B2C56D7119BA314F68FC785683F0 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
20:23:00.0003 4712  mfewfpk - ok
20:23:00.0019 4712  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:23:00.0019 4712  MMCSS - ok
20:23:00.0050 4712  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:23:00.0050 4712  Modem - ok
20:23:00.0066 4712  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:23:00.0066 4712  monitor - ok
20:23:00.0128 4712  [ C94A2EA3FDFA5D650884926B710B7DB1 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
20:23:00.0128 4712  motccgp - ok
20:23:00.0144 4712  [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys
20:23:00.0144 4712  motccgpfl - ok
20:23:00.0175 4712  [ 060F0EF84F430802DF3788F3DCFD009C ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
20:23:00.0175 4712  motmodem - ok
20:23:00.0268 4712  [ 3BBC6C2402242401F791548AAEBF3D39 ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
20:23:00.0284 4712  MotoHelper - ok
20:23:00.0300 4712  [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
20:23:00.0300 4712  MotoSwitchService - ok
20:23:00.0331 4712  [ 87701078C3F720AC7A028E937994CC49 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
20:23:00.0331 4712  Motousbnet - ok
20:23:00.0378 4712  [ 4244E427CDA5F6485E74461B5B48A7B6 ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
20:23:00.0378 4712  motusbdevice - ok
20:23:00.0440 4712  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:23:00.0440 4712  mouclass - ok
20:23:00.0471 4712  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:23:00.0487 4712  mouhid - ok
20:23:00.0502 4712  [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:23:00.0502 4712  mountmgr - ok
20:23:00.0534 4712  [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
20:23:00.0534 4712  mpio - ok
20:23:00.0549 4712  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:23:00.0549 4712  mpsdrv - ok
20:23:00.0596 4712  [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:23:00.0596 4712  MpsSvc - ok
20:23:00.0658 4712  [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50         C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
20:23:00.0658 4712  MREMP50 - ok
20:23:00.0674 4712  MREMP50a64 - ok
20:23:00.0690 4712  MREMPR5 - ok
20:23:00.0690 4712  MRENDIS5 - ok
20:23:00.0705 4712  [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50         C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
20:23:00.0705 4712  MRESP50 - ok
20:23:00.0721 4712  MRESP50a64 - ok
20:23:00.0783 4712  [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:23:00.0783 4712  MRxDAV - ok
20:23:00.0814 4712  [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:23:00.0830 4712  mrxsmb - ok
20:23:00.0861 4712  [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:23:00.0861 4712  mrxsmb10 - ok
20:23:00.0892 4712  [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:23:00.0892 4712  mrxsmb20 - ok
20:23:00.0924 4712  [ 5C37497276E3B3A5488B23A326A754B7 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
20:23:00.0924 4712  msahci - ok
20:23:00.0955 4712  [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
20:23:00.0955 4712  msdsm - ok
20:23:00.0970 4712  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:23:00.0970 4712  MSDTC - ok
20:23:00.0986 4712  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:23:00.0986 4712  Msfs - ok
20:23:01.0017 4712  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:23:01.0017 4712  mshidkmdf - ok
20:23:01.0033 4712  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
20:23:01.0033 4712  msisadrv - ok
20:23:01.0064 4712  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:23:01.0080 4712  MSiSCSI - ok
20:23:01.0080 4712  msiserver - ok
20:23:01.0111 4712  [ 458A013DF72EAAB91877FA03533E2C8B ] MSK80Service    C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
20:23:01.0111 4712  MSK80Service - ok
20:23:01.0142 4712  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:23:01.0142 4712  MSKSSRV - ok
20:23:01.0173 4712  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:23:01.0173 4712  MSPCLOCK - ok
20:23:01.0173 4712  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:23:01.0173 4712  MSPQM - ok
20:23:01.0189 4712  [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:23:01.0189 4712  MsRPC - ok
20:23:01.0220 4712  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:23:01.0220 4712  mssmbios - ok
20:23:01.0236 4712  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:23:01.0236 4712  MSTEE - ok
20:23:01.0267 4712  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:23:01.0267 4712  MTConfig - ok
20:23:01.0282 4712  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:23:01.0282 4712  Mup - ok
20:23:01.0314 4712  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:23:01.0314 4712  mwlPSDFilter - ok
20:23:01.0329 4712  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:23:01.0329 4712  mwlPSDNServ - ok
20:23:01.0345 4712  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:23:01.0345 4712  mwlPSDVDisk - ok
20:23:01.0438 4712  [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService      C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
20:23:01.0438 4712  MWLService - ok
20:23:01.0470 4712  [ 4987E079A4530FA737A128BE54B63B12 ] napagent        C:\Windows\system32\qagentRT.dll
20:23:01.0470 4712  napagent - ok
20:23:01.0532 4712  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:23:01.0548 4712  NativeWifiP - ok
20:23:01.0594 4712  [ CAD515DBD07D082BB317D9928CE8962C ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:23:01.0594 4712  NDIS - ok
20:23:01.0626 4712  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:23:01.0626 4712  NdisCap - ok
20:23:01.0672 4712  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:23:01.0672 4712  NdisTapi - ok
20:23:01.0704 4712  [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:23:01.0704 4712  Ndisuio - ok
20:23:01.0719 4712  [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:23:01.0719 4712  NdisWan - ok
20:23:01.0735 4712  [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:23:01.0735 4712  NDProxy - ok
20:23:01.0766 4712  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:23:01.0766 4712  NetBIOS - ok
20:23:01.0782 4712  [ 9162B273A44AB9DCE5B44362731D062A ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:23:01.0782 4712  NetBT - ok
20:23:01.0828 4712  [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon        C:\Windows\system32\lsass.exe
20:23:01.0828 4712  Netlogon - ok
20:23:01.0875 4712  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:23:01.0875 4712  Netman - ok
20:23:01.0875 4712  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:23:01.0891 4712  netprofm - ok
20:23:01.0906 4712  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:23:01.0906 4712  NetTcpPortSharing - ok
20:23:01.0953 4712  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:23:01.0953 4712  nfrd960 - ok
20:23:01.0969 4712  [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:23:01.0984 4712  NlaSvc - ok
20:23:02.0078 4712  [ 5839A8027D6D324A7CD494051A96628C ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
20:23:02.0109 4712  NOBU - ok
20:23:02.0125 4712  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:23:02.0140 4712  Npfs - ok
20:23:02.0156 4712  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:23:02.0156 4712  nsi - ok
20:23:02.0172 4712  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:23:02.0172 4712  nsiproxy - ok
20:23:02.0234 4712  [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:23:02.0250 4712  Ntfs - ok
20:23:02.0343 4712  [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
20:23:02.0343 4712  NTI IScheduleSvc - ok
20:23:02.0406 4712  [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
20:23:02.0406 4712  NTIBackupSvc - ok
20:23:02.0437 4712  [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
20:23:02.0437 4712  NTIDrvr - ok
20:23:02.0452 4712  [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
20:23:02.0452 4712  NTISchedulerSvc - ok
20:23:02.0499 4712  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:23:02.0499 4712  Null - ok
20:23:02.0546 4712  [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:23:02.0562 4712  nvraid - ok
20:23:02.0577 4712  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:23:02.0577 4712  nvstor - ok
20:23:02.0608 4712  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
20:23:02.0608 4712  nv_agp - ok
20:23:02.0608 4712  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:23:02.0608 4712  ohci1394 - ok
20:23:02.0671 4712  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:23:02.0686 4712  ose - ok
20:23:02.0874 4712  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:23:02.0905 4712  osppsvc - ok
20:23:02.0952 4712  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:23:02.0952 4712  p2pimsvc - ok
20:23:02.0983 4712  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:23:02.0983 4712  p2psvc - ok
20:23:03.0030 4712  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:23:03.0030 4712  Parport - ok
20:23:03.0061 4712  [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:23:03.0061 4712  partmgr - ok
20:23:03.0076 4712  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:23:03.0092 4712  PcaSvc - ok
20:23:03.0108 4712  [ F36F6504009F2FB0DFD1B17A116AD74B ] pci             C:\Windows\system32\DRIVERS\pci.sys
20:23:03.0108 4712  pci - ok
20:23:03.0123 4712  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
20:23:03.0123 4712  pciide - ok
20:23:03.0139 4712  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:23:03.0154 4712  pcmcia - ok
20:23:03.0170 4712  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:23:03.0170 4712  pcw - ok
20:23:03.0201 4712  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:23:03.0201 4712  PEAUTH - ok
20:23:03.0310 4712  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:23:03.0310 4712  PerfHost - ok
20:23:03.0373 4712  [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla             C:\Windows\system32\pla.dll
20:23:03.0373 4712  pla - ok
20:23:03.0435 4712  [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:23:03.0451 4712  PlugPlay - ok
20:23:03.0466 4712  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:23:03.0466 4712  PNRPAutoReg - ok
20:23:03.0482 4712  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:23:03.0482 4712  PNRPsvc - ok
20:23:03.0529 4712  [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:23:03.0529 4712  PolicyAgent - ok
20:23:03.0560 4712  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:23:03.0560 4712  Power - ok
20:23:03.0607 4712  [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:23:03.0607 4712  PptpMiniport - ok
20:23:03.0622 4712  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:23:03.0622 4712  Processor - ok
20:23:03.0669 4712  [ 97293447431311C06703368AD0F6C4BE ] ProfSvc         C:\Windows\system32\profsvc.dll
20:23:03.0669 4712  ProfSvc - ok
20:23:03.0685 4712  [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:23:03.0685 4712  ProtectedStorage - ok
20:23:03.0716 4712  [ EE992183BD8EAEFD9973F352E587A299 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:23:03.0716 4712  Psched - ok
20:23:03.0778 4712  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:23:03.0794 4712  ql2300 - ok
20:23:03.0841 4712  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:23:03.0841 4712  ql40xx - ok
20:23:03.0872 4712  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:23:03.0872 4712  QWAVE - ok
20:23:03.0888 4712  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:23:03.0888 4712  QWAVEdrv - ok
20:23:03.0903 4712  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:23:03.0903 4712  RasAcd - ok
20:23:03.0950 4712  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:23:03.0950 4712  RasAgileVpn - ok
20:23:03.0966 4712  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:23:03.0981 4712  RasAuto - ok
20:23:03.0981 4712  [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:23:03.0981 4712  Rasl2tp - ok
20:23:04.0028 4712  [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan          C:\Windows\System32\rasmans.dll
20:23:04.0028 4712  RasMan - ok
20:23:04.0044 4712  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:23:04.0044 4712  RasPppoe - ok
20:23:04.0075 4712  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:23:04.0075 4712  RasSstp - ok
20:23:04.0122 4712  [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:23:04.0122 4712  rdbss - ok
20:23:04.0137 4712  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:23:04.0137 4712  rdpbus - ok
20:23:04.0168 4712  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:23:04.0168 4712  RDPCDD - ok
20:23:04.0184 4712  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:23:04.0200 4712  RDPENCDD - ok
20:23:04.0200 4712  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:23:04.0200 4712  RDPREFMP - ok
20:23:04.0246 4712  [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:23:04.0246 4712  RDPWD - ok
20:23:04.0309 4712  [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:23:04.0309 4712  rdyboost - ok
20:23:04.0356 4712  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:23:04.0356 4712  RemoteAccess - ok
20:23:04.0387 4712  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:23:04.0387 4712  RemoteRegistry - ok
20:23:04.0418 4712  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:23:04.0418 4712  RpcEptMapper - ok
20:23:04.0449 4712  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:23:04.0449 4712  RpcLocator - ok
20:23:04.0480 4712  [ 7266972E86890E2B30C0C322E906B027 ] RpcSs           C:\Windows\system32\rpcss.dll
20:23:04.0480 4712  RpcSs - ok
20:23:04.0512 4712  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:23:04.0527 4712  rspndr - ok
20:23:04.0527 4712  [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs           C:\Windows\system32\lsass.exe
20:23:04.0527 4712  SamSs - ok
20:23:04.0558 4712  [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
20:23:04.0558 4712  sbp2port - ok
20:23:04.0621 4712  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:23:04.0621 4712  SCardSvr - ok
20:23:04.0636 4712  [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:23:04.0636 4712  scfilter - ok
20:23:04.0699 4712  [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule        C:\Windows\system32\schedsvc.dll
20:23:04.0699 4712  Schedule - ok
20:23:04.0730 4712  [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:23:04.0730 4712  SCPolicySvc - ok
20:23:04.0746 4712  [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:23:04.0746 4712  SDRSVC - ok
20:23:04.0792 4712  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:23:04.0792 4712  secdrv - ok
20:23:04.0792 4712  [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon        C:\Windows\system32\seclogon.dll
20:23:04.0808 4712  seclogon - ok
20:23:04.0839 4712  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
20:23:04.0839 4712  SENS - ok
20:23:04.0855 4712  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:23:04.0855 4712  SensrSvc - ok
20:23:04.0870 4712  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:23:04.0870 4712  Serenum - ok
20:23:04.0902 4712  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:23:04.0902 4712  Serial - ok
20:23:04.0933 4712  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:23:04.0933 4712  sermouse - ok
20:23:04.0964 4712  [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv      C:\Windows\system32\sessenv.dll
20:23:04.0964 4712  SessionEnv - ok
20:23:04.0980 4712  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
20:23:04.0980 4712  sffdisk - ok
20:23:04.0995 4712  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:23:04.0995 4712  sffp_mmc - ok
20:23:05.0026 4712  [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
20:23:05.0026 4712  sffp_sd - ok
20:23:05.0026 4712  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:23:05.0026 4712  sfloppy - ok
20:23:05.0089 4712  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
20:23:05.0104 4712  Sftfs - ok
20:23:05.0167 4712  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
20:23:05.0182 4712  sftlist - ok
20:23:05.0214 4712  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:23:05.0214 4712  Sftplay - ok
20:23:05.0229 4712  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:23:05.0229 4712  Sftredir - ok
20:23:05.0245 4712  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
20:23:05.0245 4712  Sftvol - ok
20:23:05.0292 4712  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
20:23:05.0292 4712  sftvsa - ok
20:23:05.0354 4712  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:23:05.0354 4712  SharedAccess - ok
20:23:05.0385 4712  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:23:05.0385 4712  ShellHWDetection - ok
20:23:05.0416 4712  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:23:05.0416 4712  SiSRaid2 - ok
20:23:05.0448 4712  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:23:05.0463 4712  SiSRaid4 - ok
20:23:05.0541 4712  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:23:05.0557 4712  SkypeUpdate - ok
20:23:05.0572 4712  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:23:05.0572 4712  Smb - ok
20:23:05.0635 4712  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:23:05.0635 4712  SNMPTRAP - ok
20:23:05.0666 4712  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:23:05.0666 4712  spldr - ok
20:23:05.0728 4712  [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler         C:\Windows\System32\spoolsv.exe
20:23:05.0728 4712  Spooler - ok
20:23:05.0806 4712  [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:23:05.0838 4712  sppsvc - ok
20:23:05.0853 4712  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:23:05.0853 4712  sppuinotify - ok
20:23:05.0900 4712  [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:23:05.0900 4712  srv - ok
20:23:05.0947 4712  [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:23:05.0947 4712  srv2 - ok
20:23:05.0994 4712  [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:23:05.0994 4712  srvnet - ok
20:23:06.0040 4712  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:23:06.0040 4712  SSDPSRV - ok
20:23:06.0056 4712  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:23:06.0056 4712  SstpSvc - ok
20:23:06.0087 4712  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:23:06.0087 4712  stexstor - ok
20:23:06.0118 4712  [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc          C:\Windows\System32\wiaservc.dll
20:23:06.0118 4712  stisvc - ok
20:23:06.0134 4712  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:23:06.0134 4712  swenum - ok
20:23:06.0165 4712  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:23:06.0165 4712  swprv - ok
20:23:06.0212 4712  [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain         C:\Windows\system32\sysmain.dll
20:23:06.0259 4712  SysMain - ok
20:23:06.0274 4712  [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:23:06.0274 4712  TabletInputService - ok
20:23:06.0290 4712  [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:23:06.0290 4712  TapiSrv - ok
20:23:06.0306 4712  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:23:06.0306 4712  TBS - ok
20:23:06.0384 4712  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:23:06.0399 4712  Tcpip - ok
20:23:06.0493 4712  [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:23:06.0493 4712  TCPIP6 - ok
20:23:06.0555 4712  [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:23:06.0571 4712  tcpipreg - ok
20:23:06.0586 4712  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:23:06.0586 4712  TDPIPE - ok
20:23:06.0602 4712  [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:23:06.0602 4712  TDTCP - ok
20:23:06.0618 4712  [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:23:06.0618 4712  tdx - ok
20:23:06.0633 4712  [ C448651339196C0E869A355171875522 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:23:06.0633 4712  TermDD - ok
20:23:06.0680 4712  [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService     C:\Windows\System32\termsrv.dll
20:23:06.0680 4712  TermService - ok
20:23:06.0696 4712  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
20:23:06.0696 4712  Themes - ok
20:23:06.0727 4712  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
20:23:06.0727 4712  THREADORDER - ok
20:23:06.0742 4712  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
20:23:06.0742 4712  TrkWks - ok
20:23:06.0805 4712  [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:23:06.0820 4712  TrustedInstaller - ok
20:23:06.0836 4712  [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:23:06.0836 4712  tssecsrv - ok
20:23:06.0867 4712  [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:23:06.0867 4712  tunnel - ok
20:23:06.0867 4712  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:23:06.0867 4712  uagp35 - ok
20:23:06.0914 4712  [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
20:23:06.0914 4712  UBHelper - ok
20:23:06.0930 4712  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:23:06.0930 4712  udfs - ok
20:23:06.0976 4712  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:23:06.0976 4712  UI0Detect - ok
20:23:07.0008 4712  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
20:23:07.0008 4712  uliagpkx - ok
20:23:07.0023 4712  [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:23:07.0023 4712  umbus - ok
20:23:07.0023 4712  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:23:07.0023 4712  UmPass - ok
20:23:07.0164 4712  [ CC3775100ABA633984F73DFAE1F55CAE ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:23:07.0179 4712  UNS - ok
20:23:07.0273 4712  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:23:07.0273 4712  Updater Service - ok
20:23:07.0304 4712  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
20:23:07.0304 4712  upnphost - ok
20:23:07.0351 4712  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:23:07.0351 4712  USBAAPL64 - ok
20:23:07.0382 4712  [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:23:07.0398 4712  usbccgp - ok
20:23:07.0413 4712  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
20:23:07.0413 4712  usbcir - ok
20:23:07.0460 4712  [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:23:07.0460 4712  usbehci - ok
20:23:07.0476 4712  [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:23:07.0476 4712  usbhub - ok
20:23:07.0507 4712  [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:23:07.0522 4712  usbohci - ok
20:23:07.0554 4712  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:23:07.0554 4712  usbprint - ok
20:23:07.0585 4712  [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:23:07.0585 4712  USBSTOR - ok
20:23:07.0616 4712  [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:23:07.0616 4712  usbuhci - ok
20:23:07.0663 4712  [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:23:07.0663 4712  usbvideo - ok
20:23:07.0710 4712  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
20:23:07.0710 4712  usb_rndisx - ok
20:23:07.0741 4712  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
20:23:07.0741 4712  UxSms - ok
20:23:07.0756 4712  [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc        C:\Windows\system32\lsass.exe
20:23:07.0756 4712  VaultSvc - ok
20:23:07.0788 4712  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
20:23:07.0788 4712  vdrvroot - ok
20:23:07.0819 4712  [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds             C:\Windows\System32\vds.exe
20:23:07.0819 4712  vds - ok
20:23:07.0850 4712  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:23:07.0850 4712  vga - ok
20:23:07.0881 4712  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:23:07.0881 4712  VgaSave - ok
20:23:07.0897 4712  [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
20:23:07.0897 4712  vhdmp - ok
20:23:07.0912 4712  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
20:23:07.0912 4712  viaide - ok
20:23:07.0944 4712  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
20:23:07.0944 4712  volmgr - ok
20:23:07.0959 4712  [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:23:07.0959 4712  volmgrx - ok
20:23:07.0990 4712  [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:23:07.0990 4712  volsnap - ok
20:23:08.0022 4712  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:23:08.0022 4712  vsmraid - ok
20:23:08.0068 4712  [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS             C:\Windows\system32\vssvc.exe
20:23:08.0084 4712  VSS - ok
20:23:08.0115 4712  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:23:08.0115 4712  vwifibus - ok
20:23:08.0131 4712  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:23:08.0146 4712  vwififlt - ok
20:23:08.0162 4712  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:23:08.0162 4712  vwifimp - ok
20:23:08.0178 4712  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
20:23:08.0178 4712  W32Time - ok
20:23:08.0193 4712  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:23:08.0193 4712  WacomPen - ok
20:23:08.0224 4712  [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:23:08.0224 4712  WANARP - ok
20:23:08.0224 4712  [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:23:08.0224 4712  Wanarpv6 - ok
20:23:08.0318 4712  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:23:08.0318 4712  WatAdminSvc - ok
20:23:08.0380 4712  [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine        C:\Windows\system32\wbengine.exe
20:23:08.0396 4712  wbengine - ok
20:23:08.0412 4712  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:23:08.0412 4712  WbioSrvc - ok
20:23:08.0458 4712  [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:23:08.0458 4712  wcncsvc - ok
20:23:08.0474 4712  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:23:08.0490 4712  WcsPlugInService - ok
20:23:08.0521 4712  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:23:08.0521 4712  Wd - ok
20:23:08.0583 4712  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:23:08.0583 4712  Wdf01000 - ok
20:23:08.0599 4712  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:23:08.0599 4712  WdiServiceHost - ok
20:23:08.0599 4712  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:23:08.0599 4712  WdiSystemHost - ok
20:23:08.0646 4712  [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient       C:\Windows\System32\webclnt.dll
20:23:08.0646 4712  WebClient - ok
20:23:08.0692 4712  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:23:08.0692 4712  Wecsvc - ok
20:23:08.0708 4712  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:23:08.0708 4712  wercplsupport - ok
20:23:08.0739 4712  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:23:08.0739 4712  WerSvc - ok
20:23:08.0770 4712  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:23:08.0770 4712  WfpLwf - ok
20:23:08.0786 4712  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:23:08.0786 4712  WIMMount - ok
20:23:08.0802 4712  WinDefend - ok
20:23:08.0817 4712  WinHttpAutoProxySvc - ok
20:23:08.0880 4712  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:23:08.0880 4712  Winmgmt - ok
20:23:08.0942 4712  [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:23:08.0958 4712  WinRM - ok
20:23:09.0051 4712  [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:23:09.0067 4712  WinUsb - ok
20:23:09.0098 4712  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:23:09.0114 4712  Wlansvc - ok
20:23:09.0176 4712  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:23:09.0192 4712  wlcrasvc - ok
20:23:09.0316 4712  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:23:09.0332 4712  wlidsvc - ok
20:23:09.0379 4712  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:23:09.0379 4712  WmiAcpi - ok
20:23:09.0410 4712  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:23:09.0410 4712  wmiApSrv - ok
20:23:09.0457 4712  WMPNetworkSvc - ok
20:23:09.0488 4712  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:23:09.0488 4712  WPCSvc - ok
20:23:09.0504 4712  [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:23:09.0519 4712  WPDBusEnum - ok
20:23:09.0535 4712  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:23:09.0535 4712  ws2ifsl - ok
20:23:09.0582 4712  [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc          C:\Windows\System32\wscsvc.dll
20:23:09.0582 4712  wscsvc - ok
20:23:09.0582 4712  WSearch - ok
20:23:09.0675 4712  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:23:09.0691 4712  wuauserv - ok
20:23:09.0738 4712  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:23:09.0738 4712  WudfPf - ok
20:23:09.0769 4712  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:23:09.0769 4712  WUDFRd - ok
20:23:09.0800 4712  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:23:09.0800 4712  wudfsvc - ok
20:23:09.0847 4712  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:23:09.0847 4712  WwanSvc - ok
20:23:09.0940 4712  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:23:09.0956 4712  YahooAUService - ok
20:23:09.0972 4712  ================ Scan global ===============================
20:23:10.0003 4712  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:23:10.0050 4712  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
20:23:10.0050 4712  [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
20:23:10.0081 4712  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:23:10.0112 4712  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:23:10.0112 4712  [Global] - ok
20:23:10.0112 4712  ================ Scan MBR ==================================
20:23:10.0143 4712  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:23:10.0502 4712  \Device\Harddisk0\DR0 - ok
20:23:10.0502 4712  [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk1\DR2
20:23:10.0564 4712  \Device\Harddisk1\DR2 - ok
20:23:10.0564 4712  ================ Scan VBR ==================================
20:23:10.0564 4712  [ 4CB8841357117CB4BE35C30A1B0D3251 ] \Device\Harddisk0\DR0\Partition1
20:23:10.0564 4712  \Device\Harddisk0\DR0\Partition1 - ok
20:23:10.0580 4712  [ F7729459E443C24F826A0CCB4F95EFA7 ] \Device\Harddisk0\DR0\Partition2
20:23:10.0580 4712  \Device\Harddisk0\DR0\Partition2 - ok
20:23:10.0580 4712  [ 792ED4563B24CF4C17FE6A4432A5EEF8 ] \Device\Harddisk1\DR2\Partition1
20:23:10.0596 4712  \Device\Harddisk1\DR2\Partition1 - ok
20:23:10.0596 4712  ============================================================
20:23:10.0596 4712  Scan finished
20:23:10.0596 4712  ============================================================
20:23:10.0596 0516  Detected object count: 0
20:23:10.0596 0516  Actual detected object count: 0
 



Combo Fix Log

 

ComboFix 13-04-02.01 - gabriel 04/03/2013  20:29:40.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.1.1033.18.2804.1467 [GMT -4:00]
Running from: c:\users\gabriel\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Resident AV is active
.
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Guest2\AppData\Roaming\mshons.dll
c:\users\Guest2\AppData\Roaming\pltpt.dll
c:\users\Guest2\AppData\Roaming\top1.exe
c:\users\Guest2\Documents\~WRL0003.tmp
c:\users\Guest2\Documents\~WRL2123.tmp
c:\users\Guest2\Documents\~WRL2135.tmp
c:\users\Guest2\Documents\~WRL2239.tmp
c:\users\Guest2\Documents\~WRL3292.tmp
c:\users\Guest2\Documents\~WRL3999.tmp
c:\windows\Temp\log.txt
.
.
(((((((((((((((((((((((((   Files Created from 2013-03-04 to 2013-04-04  )))))))))))))))))))))))))))))))
.
.
2013-04-04 00:41 . 2013-04-04 00:41    --------    d-----w-    c:\users\Guest2\AppData\Local\temp
2013-04-04 00:41 . 2013-04-04 00:41    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-04-03 15:49 . 2013-04-03 15:49    --------    d-----w-    c:\windows\ERUNT
2013-04-03 15:49 . 2013-04-03 15:49    --------    d-----w-    C:\JRT
2013-04-03 00:17 . 2013-04-03 00:17    --------    d-----w-    c:\users\gabriel\AppData\Local\Programs
2013-03-28 13:10 . 2013-03-28 13:10    --------    d-----w-    C:\found.000
2013-03-26 12:34 . 2013-02-12 14:02    19968    ----a-w-    c:\windows\system32\drivers\usb8023.sys
2013-03-14 13:23 . 2013-03-14 13:23    --------    d-----w-    c:\program files\Microsoft Silverlight
2013-03-14 13:23 . 2013-03-14 13:23    --------    d-----w-    c:\program files (x86)\Microsoft Silverlight
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-24 01:56 . 2011-07-05 22:00    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-03-14 13:30 . 2011-02-17 05:13    72013344    ----a-w-    c:\windows\system32\MRT.exe
2013-03-13 18:44 . 2013-01-30 01:18    73432    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 18:44 . 2013-01-30 01:18    693976    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-11 04:45 . 2011-07-08 21:58    737072    ----a-w-    c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-03-11 04:44 . 2011-07-05 22:01    2876528    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-03-11 04:44 . 2011-07-05 22:00    42776    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-02-10 14:51 . 2011-07-05 22:01    737072    ----a-w-    c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-02-10 14:50 . 2011-07-08 21:58    2876528    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-02-10 14:50 . 2011-07-08 21:57    42776    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-02-10 14:50 . 2011-07-11 21:30    539984    ----a-w-    c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-01-05 05:57 . 2013-02-13 13:49    5500776    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-01-05 05:02 . 2013-02-13 13:49    3957608    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:02 . 2013-02-13 13:49    3902312    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 05:41 . 2013-02-13 13:49    1893224    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-01-04 05:40 . 2013-02-13 13:49    287576    ----a-w-    c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-04 05:37 . 2013-02-13 13:49    362496    ----a-w-    c:\windows\system32\wow64win.dll
2013-01-04 05:37 . 2013-02-13 13:49    243200    ----a-w-    c:\windows\system32\wow64.dll
2013-01-04 05:37 . 2013-02-13 13:49    13312    ----a-w-    c:\windows\system32\wow64cpu.dll
2013-01-04 05:36 . 2013-02-13 13:49    215040    ----a-w-    c:\windows\system32\winsrv.dll
2013-01-04 05:33 . 2013-02-13 13:49    16384    ----a-w-    c:\windows\system32\ntvdm64.dll
2013-01-04 05:30 . 2013-02-13 13:49    424960    ----a-w-    c:\windows\system32\KernelBase.dll
2013-01-04 05:30 . 2013-02-13 13:49    1161216    ----a-w-    c:\windows\system32\kernel32.dll
2013-01-04 05:27 . 2013-02-13 13:49    6144    ---ha-w-    c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    4608    ---ha-w-    c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:27 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    5120    ---ha-w-    c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 05:26 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-04 04:51 . 2013-02-13 13:49    5120    ----a-w-    c:\windows\SysWow64\wow32.dll
2013-01-04 04:51 . 2013-02-13 13:49    274944    ----a-w-    c:\windows\SysWow64\KernelBase.dll
2013-01-04 04:43 . 2013-02-13 13:49    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    4096    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    5120    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-01-04 04:43 . 2013-02-13 13:49    44032    ----a-w-    c:\windows\apppatch\acwow64.dll
2013-01-04 03:22 . 2013-02-13 13:49    3150848    ----a-w-    c:\windows\system32\win32k.sys
2013-01-04 03:19 . 2013-02-13 13:49    338432    ----a-w-    c:\windows\system32\conhost.exe
2013-01-04 02:48 . 2013-02-13 13:49    25600    ----a-w-    c:\windows\SysWow64\setup16.exe
2013-01-04 02:48 . 2013-02-13 13:49    7680    ----a-w-    c:\windows\SysWow64\instnm.exe
2013-01-04 02:48 . 2013-02-13 13:49    14336    ----a-w-    c:\windows\SysWow64\ntvdm64.dll
2013-01-04 02:48 . 2013-02-13 13:49    2048    ----a-w-    c:\windows\SysWow64\user.exe
2013-01-04 02:43 . 2013-02-13 13:49    3584    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 13:49    6144    ---ha-w-    c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 13:49    4608    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43 . 2013-02-13 13:49    3072    ---ha-w-    c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40    120176    ----a-w-    c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-12 39408]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-11-22 1484856]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-11 975952]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-06-10 40448]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-29 6144]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-09-03 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-10-14 94864]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-29 9216]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 26624]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [2011-05-12 11776]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-04 1255736]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-10-14 283360]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2010-10-14 75032]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-11 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2009-08-14 517632]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-10-14 149032]
S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-04-26 223088]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-10-14 62800]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-10-14 441328]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 74663240
*NewlyCreated* - 80580222
*Deregistered* - 74663240
*Deregistered* - 80580222
*Deregistered* - aswMBR
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-02 c:\windows\Tasks\ActiveMail Updater.job
- c:\programdata\ActivePath\ActiveMail\UpdateClient.exe [2012-08-21 19:57]
.
2013-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-30 18:44]
.
2013-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 03:14]
.
2013-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-12 03:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42    137584    ----a-w-    c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-06-10 324608]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-07 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-07 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-07 413208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-29 11101800]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-10 206208]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-10-22 325120]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://darton.edu/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;192.168.*.*
TCP: DhcpNameServer = 97.64.209.36 97.64.168.13 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{9565115d-c7d6-46d3-bd63-b67b481a4368} - (no file)
BHO-{5806fa2d-e338-4a24-a20c-5da56ba3b2ad} - c:\program files (x86)\simppulltoolbar\w3itemplateX.dll
Toolbar-Locked - (no file)
Toolbar-{5806fa2d-e338-4a24-a20c-5da56ba3b2ad} - c:\program files (x86)\simppulltoolbar\w3itemplateX.dll
Wow6432Node-HKCU-Run-PCShowServer - c:\users\gabriel\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe
Toolbar-Locked - (no file)
WebBrowser-{9565115D-C7D6-46D3-BD63-B67B481A4368} - (no file)
AddRemove-Coupon Printer for Windows5.0.0.0 - c:\program files (x86)\Coupons\uninstall.exe
AddRemove-SelectRebatesUninstall - c:\program files (x86)\SelectRebates\SelectRebatesUninstall.exe
AddRemove-simppulltoolbar - c:\program files (x86)\simppulltoolbar\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2420626270-41555177-3605695307-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2420626270-41555177-3605695307-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-03  20:45:32
ComboFix-quarantined-files.txt  2013-04-04 00:45
.
Pre-Run: 153,123,221,504 bytes free
Post-Run: 154,190,499,840 bytes free
.
- - End Of File - - 492E8E435ECE808E1C459BBC4E714831
 



#10 satchfan

satchfan

  • Malware Response Team
  • 2,859 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:06:24 PM

Posted 04 April 2013 - 03:32 AM

Download Malwarebytes-Anti-Malware

Click here.

  • double-click mbam-setup.exe and follow the prompts to install the program
  • at the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware. and Launch Malwarebytes' Anti-Malware, then click Finish.
  • if an update is found, it will download and install the latest version
  • once the program has loaded, select Perform quick scan, then click Scan
  • when the scan is complete, click OK, then Show Results to view the results
  • be sure that everything is checked, and click Remove Selected
  • when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • the log is automatically saved and can be viewed by clicking the Logs tab in MBAM
  • copy and paste the contents of that report in your next reply and exit MBAM.

NOTE: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Satchfan
 

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#11 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 04 April 2013 - 08:58 AM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.04.04.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
gabriel :: JAYMELEIGHPC [administrator]

4/4/2013 9:41:50 AM
mbam-log-2013-04-04 (09-41-50).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237663
Time elapsed: 5 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|playbrytetoolbar_Playbryte (PUP.PlayBryte) -> Data:  -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\gabriel\Downloads\PDFReaderSetup_V3.exe (PUP.Adware.InstallCore) -> Quarantined and deleted successfully.
C:\Users\gabriel\Downloads\Setup (1).exe (Adware.GameVance) -> Quarantined and deleted successfully.
C:\Users\gabriel\Downloads\Setup.exe (Adware.GameVance) -> Quarantined and deleted successfully.

(end)
 



#12 satchfan

satchfan

  • Malware Response Team
  • 2,859 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:06:24 PM

Posted 04 April 2013 - 10:52 AM

Excellent.

 

Please run aswMBR again and send the new log.


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#13 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 04 April 2013 - 11:34 AM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-03 16:24:22
-----------------------------
16:24:22.870    OS Version: Windows x64 6.1.7600
16:24:22.870    Number of processors: 2 586 0x2505
16:24:22.870    ComputerName: JAYMELEIGHPC  UserName: gabriel
16:24:23.744    Initialize success
16:24:36.302    AVAST engine defs: 13040301
16:24:48.314    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:24:48.314    Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
16:24:48.501    Disk 0 MBR read successfully
16:24:48.501    Disk 0 MBR scan
16:24:48.501    Disk 0 Windows VISTA default MBR code
16:24:48.517    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13500 MB offset 2048
16:24:48.548    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27650048
16:24:48.564    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       224873 MB offset 27854848
16:24:48.876    Disk 0 scanning C:\Windows\system32\drivers
16:25:08.111    Service scanning
16:25:48.608    Modules scanning
16:25:48.608    Disk 0 trace - called modules:
16:25:48.624    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:25:49.139    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031522d0]
16:25:49.139    3 CLASSPNP.SYS[fffff8800125f43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80021a7050]
16:25:50.059    AVAST engine scan C:\Windows
16:25:55.893    AVAST engine scan C:\Windows\system32
16:32:04.142    AVAST engine scan C:\Windows\system32\drivers
16:32:22.659    AVAST engine scan C:\Users\gabriel
16:41:27.100    File: C:\Users\gabriel\Downloads\Setup (1).exe  **INFECTED** Win32:Gamevance-CS [Adw]
16:41:27.334    File: C:\Users\gabriel\Downloads\Setup.exe  **INFECTED** Win32:Gamevance-CS [Adw]
16:41:45.664    AVAST engine scan C:\ProgramData
17:04:15.099    Scan finished successfully
17:05:30.994    Disk 0 MBR has been saved successfully to "C:\Users\gabriel\Desktop\MBR.dat"
17:05:31.009    The log file has been saved successfully to "C:\Users\gabriel\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-04-04 11:54:33
-----------------------------
11:54:33.335    OS Version: Windows x64 6.1.7600
11:54:33.335    Number of processors: 2 586 0x2505
11:54:33.335    ComputerName: JAYMELEIGHPC  UserName: gabriel
11:54:37.968    Initialize success
11:57:48.490    AVAST engine defs: 13040400
11:57:52.047    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:57:52.047    Disk 0 Vendor: WDC_WD25 01.0 Size: 238475MB BusType: 3
11:57:52.203    Disk 0 MBR read successfully
11:57:52.203    Disk 0 MBR scan
11:57:52.218    Disk 0 Windows VISTA default MBR code
11:57:52.234    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13500 MB offset 2048
11:57:52.265    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27650048
11:57:52.281    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       224873 MB offset 27854848
11:57:52.421    Disk 0 scanning C:\Windows\system32\drivers
11:58:09.020    Service scanning
11:59:07.395    Modules scanning
11:59:07.395    Disk 0 trace - called modules:
11:59:07.504    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
11:59:07.504    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8003155610]
11:59:07.520    3 CLASSPNP.SYS[fffff88001ba943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8002f54050]
11:59:08.783    AVAST engine scan C:\Windows
11:59:24.929    AVAST engine scan C:\Windows\system32
12:04:34.326    AVAST engine scan C:\Windows\system32\drivers
12:04:48.256    AVAST engine scan C:\Users\gabriel
12:11:48.334    AVAST engine scan C:\ProgramData
12:32:51.733    Scan finished successfully
12:33:36.946    Disk 0 MBR has been saved successfully to "E:\MBR.dat"
12:33:36.977    The log file has been saved successfully to "E:\aswMBR.txt"

 



#14 satchfan

satchfan

  • Malware Response Team
  • 2,859 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:06:24 PM

Posted 04 April 2013 - 02:48 PM

That looks fine now.

I’d like a couple of scans to make sure that your security isn’t doubled up and an online scan to be sure that there is nothing else lurking.

Run Security Check

Download Security Check by screen317 from here or here.

  • save it to your Desktop.
  • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • a Notepad document should open automatically called checkup.txt; please post the contents of that document.

================================================

Run ESET Online Scan

This can take several hours to run depending on the size of your hard drive and amount of data on it.

IMPORTANT Please make sure you uncheck the box next to Remove found threats. Eset will detect anything that looks even slightly suspicious, which could include legitimate program files. If you do not uncheck the box, Eset will automatically remove all suspicious files which could leave some of your software inoperable.

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Hold down Control and click on the following link to open ESET OnlineScan in a new window.

ESET OnlineScan

  • click the Eset online Scanner button.
  • for alternate browsers only: (Microsoft Internet Explorer users can skip these steps)


    click on esetinstaller.exe to download the ESET Smart Installer. Save it to your desktop.
    double click on the Eset installer icon on your desktop.
     

  • check Yes, I accept the Terms of Use
  • click the Start button.
  • accept any security warnings from your browser.
  • check Scan archives
  • click Advanced settings and select the following:

scan potentially unwanted applications
scan for potentially unsafe applications
enable Anti-Stealth technology

  • click the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take quite a long time.
  • when the scan completes, push List of found threats
  • click on Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Note - if ESET doesn't find any threats, no report will be created.
  • click on the back button.
  • click on Finish

If a log has been produced post it in your next reply.

Satchfan
 

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#15 haplo99

haplo99
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:24 PM

Posted 05 April 2013 - 08:33 AM

thank you for your help, after a couple of crashes mid scan, everything came back clean






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users