Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with multiple unknown viruses


  • This topic is locked This topic is locked
24 replies to this topic

#1 Ansem

Ansem

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 17 May 2013 - 06:23 PM

I've been having random pop ups, warnings of backups, and being told I need to run virus scans. Any help is appreciated.

 

Also, just to clarify -- this is not my computer. I have experienced a few of these problems but not all of them. I am being told what the problem is and hoping to fix it with your help.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576  BrowserJavaVersion: 10.21.2
Run by Owner at 16:12:22 on 2013-05-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.1549 [GMT -7:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Owner\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Users\Owner\AppData\Local\Strongvault\StrongVaultApp.exe
C:\Users\Owner\AppData\Local\Strongvault Online Backup\SMessaging.exe
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Users\Owner\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3294791&octid=CT3294791&SearchSource=61&CUI=UN30348722038923202&UM=2&UP=SP4A5EBE13-6BE8-4010-830C-E129253308DE
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: Game Master 2.2 Toolbar: {d8215d9c-81ed-4e53-b420-bfcdbac4734d} - C:\Program Files (x86)\Game_Master_2.2\prxtbGame.dll
uURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
mURLSearchHooks: Game Master 2.2 Toolbar: {d8215d9c-81ed-4e53-b420-bfcdbac4734d} - C:\Program Files (x86)\Game_Master_2.2\prxtbGame.dll
mURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll
BHO: LessTabs: {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll
BHO: Lyrics Finder: {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Sing Along: {6492E171-2427-4932-B414-33574A089F5E} - C:\Program Files (x86)\SingAlong\singalng.dll
BHO: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121023222108.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Owner\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: IEHlprObj Class: {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\Pogo Games\iWinGamesHookIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Fast Free Converter 4.1: {B422F1BC-9ADB-48A7-8B13-00C176039DC5} - C:\Program Files (x86)\Fast Free Converter\FastFreeConverter\FastFreeConverter.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll
BHO: Game Master 2.2 Toolbar: {d8215d9c-81ed-4e53-b420-bfcdbac4734d} - C:\Program Files (x86)\Game_Master_2.2\prxtbGame.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Game Master 2.2 Toolbar: {D8215D9C-81ED-4E53-B420-BFCDBAC4734D} - C:\Program Files (x86)\Game_Master_2.2\prxtbGame.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: WhiteSmoke New Toolbar: {739DF940-C5EE-4BAB-9D7E-270894AE687A} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
TB: Game Master 2.2 Toolbar: {d8215d9c-81ed-4e53-b420-bfcdbac4734d} - C:\Program Files (x86)\Game_Master_2.2\prxtbGame.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll
TB: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
uRun: [Yontoo Desktop] "C:\Users\Owner\AppData\Roaming\Yontoo\YontooDesktop.exe"
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [SearchProtect] C:\Users\Owner\AppData\Roaming\SearchProtect\bin\cltmng.exe
uRun: [BackupAgent] C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" UNATTENDED
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
mRun: [SMessaging] "C:\Users\Owner\AppData\Local\Strongvault Online Backup\SMessaging.exe"
dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STRONG~1.LNK - C:\Users\Owner\AppData\Local\Strongvault\StrongVaultApp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: mcafee.com
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} - hxxp://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
TCP: NameServer = 68.105.28.12 68.105.29.12 68.105.28.11
TCP: Interfaces\{9B16435A-CC07-479A-872A-CF028A845925} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
x64-BHO: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} -
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121023222108.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2011-10-15 771536]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-1-8 340216]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-4 39768]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2012-1-8 70112]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-1-8 309840]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-1-8 515968]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-11-28 196440]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-1-8 106552]
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms [2010-1-19 23536]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-10-31 59392]
.
=============== Created Last 30 ================
.
2013-05-17 21:33:54 -------- d-----w- C:\Users\Owner\AppData\Roaming\Fenomen Games
2013-05-17 15:23:14 -------- d-----w- C:\Users\Owner\AppData\Local\{5C298D51-2A72-45E1-8615-6E7120DBEBBC}
2013-05-16 15:34:03 -------- d-----w- C:\Users\Owner\AppData\Local\{712D6172-9D08-4A94-9262-48B15FD005ED}
2013-05-16 03:17:50 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-05-16 03:17:50 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-05-16 03:17:50 144384 ----a-w- C:\Windows\System32\cdd.dll
2013-05-16 03:17:26 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-05-16 03:17:25 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-16 03:17:25 111448 ----a-w- C:\Windows\System32\consent.exe
2013-05-16 03:17:24 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-05-16 03:16:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-05-16 03:16:58 230400 ----a-w- C:\Windows\System32\wwansvc.dll
2013-05-16 03:16:55 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-05-16 03:13:22 -------- d-----w- C:\Users\Owner\AppData\Local\{FA9ECA3D-6ABD-4FE5-ADEC-2356260E1229}
2013-05-15 06:59:07 -------- d-----w- C:\Program Files (x86)\MyPC Backup
2013-05-15 06:59:07 -------- d-----w- C:\Program Files (x86)\File Type Helper
2013-05-15 06:59:02 -------- d-----w- C:\Program Files (x86)\Fast Free Converter
2013-05-15 06:13:28 -------- d-----w- C:\Users\Owner\AppData\Local\{3C2BB57F-91E6-4434-99B4-3C7CF5E25297}
2013-05-14 20:36:44 -------- d-----w- C:\Users\Owner\AppData\Roaming\ParetoLogic
2013-05-14 20:36:44 -------- d-----w- C:\Users\Owner\AppData\Roaming\DriverCure
2013-05-14 20:36:17 -------- d-----w- C:\Program Files (x86)\Common Files\ParetoLogic
2013-05-14 20:36:15 -------- d-----w- C:\ProgramData\ParetoLogic
2013-05-14 20:36:15 -------- d-----w- C:\Program Files (x86)\ParetoLogic
2013-05-14 17:08:28 -------- d-----w- C:\Users\Owner\AppData\Local\{6023A20E-39C0-49E3-92FB-E26B775DA125}
2013-05-14 03:50:14 -------- d-----w- C:\Users\Owner\AppData\Local\{9605F91A-0A5B-4B23-9D02-6985A6F49ED1}
2013-05-13 14:57:43 -------- d-----w- C:\SearchProtect
2013-05-13 14:52:03 -------- d-----w- C:\Users\Owner\AppData\Local\{4A8908C4-1B9D-48DB-AE9F-FF05F3F36BB7}
2013-05-12 21:06:13 -------- d-----w- C:\Users\Owner\AppData\Local\{56DE00EE-3C64-4ED5-9AC0-D1A6C16B689E}
2013-05-12 03:55:29 -------- d-----w- C:\Users\Owner\AppData\Local\{9DB09337-C66C-4D2D-9FD4-9E1EA3A0B9B5}
2013-05-11 15:21:33 -------- d-----w- C:\ProgramData\Playrix Entertainment
2013-05-11 14:32:39 -------- d-----w- C:\Users\Owner\AppData\Local\{C0909E14-41AA-429B-9B73-61AB42094D2B}
2013-05-10 16:28:24 -------- d-----w- C:\Users\Owner\AppData\Local\{38E7C3CC-59B0-48A4-A0E6-2267E954E299}
2013-05-10 15:06:08 -------- d-----w- C:\Program Files (x86)\Common Files\MSSoap
2013-05-10 15:04:35 -------- d-----w- C:\Users\Owner\AppData\Local\Strongvault Online Backup
2013-05-10 15:04:34 -------- d-----w- C:\Users\Owner\AppData\Local\Strongvault
2013-05-10 15:04:26 -------- d-----w- C:\Program Files (x86)\Strongvault Online Backup
2013-05-10 15:04:04 -------- d-----w- C:\Users\Owner\AppData\Roaming\Uniblue
2013-05-10 15:04:04 -------- d-----w- C:\Program Files (x86)\Uniblue
2013-05-10 15:03:53 -------- d-----w- C:\Program Files (x86)\SingAlong
2013-05-10 15:03:41 -------- d-----w- C:\Program Files (x86)\LyricsTube
2013-05-10 05:21:26 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-10 04:37:15 -------- d-----w- C:\Program Files\DomaIQ Uninstaller
2013-05-10 04:36:29 -------- d-----w- C:\Users\Owner\AppData\Roaming\player
2013-05-10 04:33:28 -------- d-----w- C:\Users\Owner\AppData\Roaming\Strongvault
2013-05-10 04:32:59 -------- d-----w- C:\Users\Owner\AppData\Local\SwvUpdater
2013-05-10 04:32:23 -------- d-----w- C:\Program Files (x86)\LessTabs
2013-05-10 04:32:13 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2013-05-10 04:32:09 -------- d-----w- C:\ProgramData\Strongvault Online Backup
2013-05-10 04:32:06 -------- d-----w- C:\Program Files (x86)\WhiteSmoke_New
2013-05-10 04:31:42 -------- d-----w- C:\Users\Owner\AppData\Roaming\Optimizer Pro
2013-05-10 04:31:40 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-05-10 04:31:39 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-05-10 04:31:30 -------- d-----w- C:\Users\Owner\AppData\Roaming\SearchProtect
2013-05-10 04:31:29 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
2013-05-10 04:31:27 -------- d-----w- C:\Users\Owner\AppData\Roaming\DefaultTab
2013-05-10 04:31:26 -------- d-----w- C:\Users\Owner\AppData\Local\CRE
2013-05-10 04:31:25 -------- d-sh--w- C:\AI_RecycleBin
2013-05-10 04:02:56 -------- d-----w- C:\Users\Owner\AppData\Local\{185BC41A-8F3C-4CD7-910F-5EF467C440AB}
2013-05-09 04:53:57 -------- d-----w- C:\Users\Owner\AppData\Local\{B9B9D42B-EC60-427B-85FE-0A5B4067FC21}
2013-05-08 15:41:54 -------- d-----w- C:\Users\Owner\AppData\Local\{33688084-0E69-4EF7-A48B-2CE969D9B893}
2013-05-07 18:50:34 -------- d-----w- C:\Users\Owner\AppData\Roaming\STAHKM
2013-05-07 18:17:04 -------- d-----w- C:\Users\Owner\AppData\Local\{02C9607B-4EBD-4025-9921-A89DFCA2B5A1}
2013-05-07 06:03:04 -------- d-----w- C:\Users\Owner\AppData\Local\{BDF7C3B2-0DFF-4DA4-8512-4A6C20D1A90E}
2013-05-06 16:14:04 -------- d-----w- C:\Users\Owner\AppData\Local\{DBC6E49E-CE5A-4012-82DC-E1127B8366C0}
2013-05-06 03:15:09 -------- d-----w- C:\Users\Owner\AppData\Local\{B2C7EEA4-D6CC-49A6-82EC-F6CA27CC372F}
2013-05-05 14:26:43 -------- d-----w- C:\Users\Owner\AppData\Local\{121A73CF-D958-460E-9194-4D59B6D9062C}
2013-05-04 18:18:14 -------- d-----w- C:\Users\Owner\AppData\Local\{FF27E592-9708-4734-A9FE-546E7E99F594}
2013-05-04 05:05:22 -------- d-----w- C:\Users\Owner\AppData\Local\{A15FD27C-0579-47EB-B9C2-6801568CE12D}
2013-05-03 16:05:58 -------- d-----w- C:\Users\Owner\AppData\Local\{427B7B33-86CB-4B3C-BF2C-3C5A3A31E4C6}
2013-05-03 03:11:26 -------- d-----w- C:\Users\Owner\AppData\Local\{0A273B7F-A8F0-4395-9637-DF7B31E1AB2F}
2013-05-02 12:54:59 -------- d-----w- C:\Users\Owner\AppData\Local\{46B313FA-37AB-4BCC-A0D6-1907EA1BABF4}
2013-05-01 19:33:50 -------- d-----w- C:\Users\Owner\AppData\Local\{7C282425-2AE0-44B5-A861-CF29D3788F12}
2013-05-01 04:09:54 -------- d-----w- C:\Users\Owner\AppData\Local\{AAC6556C-3681-4837-84D2-5B07CF6F6803}
2013-04-30 10:03:22 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-30 08:22:15 -------- d-----w- C:\Users\Owner\AppData\Local\{001337F5-5F39-421A-97F6-6E68CD2797A7}
2013-04-29 14:13:55 -------- d-----w- C:\Users\Owner\AppData\Local\{137AEA32-6FBE-4731-B6DF-2B8902382ABD}
2013-04-28 13:26:15 -------- d-----w- C:\Users\Owner\AppData\Local\{252749E4-C8EB-4D87-AA17-F1F3FA01FAC7}
2013-04-28 03:37:38 -------- d-----w- C:\Users\Owner\AppData\Local\{41E47AF6-9910-4A65-B178-05A7196F2DCB}
2013-04-27 21:58:04 -------- d-----w- C:\Users\Owner\AppData\Local\{1C93A989-C5B6-4E83-B54E-F9769759BB28}
2013-04-27 05:20:59 -------- d-----w- C:\Users\Owner\AppData\Local\{C5B0E28B-6F44-4EE0-8178-E90BB0C39E41}
2013-04-26 04:26:05 -------- d-----w- C:\Users\Owner\AppData\Local\{59A2DC1F-CB7A-4F74-81E7-15E11B699D3A}
2013-04-26 04:22:15 -------- d-----w- C:\Users\Owner\AppData\Local\{7F40DF61-E33E-4F87-92E7-BA5727861117}
2013-04-25 15:38:16 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-04-25 15:38:14 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2013-04-25 04:18:12 -------- d-----w- C:\Users\Owner\AppData\Local\{C928BFF4-9E01-4CFA-BCDB-BDED8E14A087}
2013-04-24 13:46:09 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-24 13:43:39 -------- d-----w- C:\Users\Owner\AppData\Local\{B6646445-8E39-41C2-AA05-D1449499A767}
2013-04-23 15:25:18 -------- d-----w- C:\Users\Owner\AppData\Local\{A91F4051-ED0E-4F70-BA51-53608D3A84FB}
2013-04-22 19:26:05 -------- d-----w- C:\Users\Owner\AppData\Local\{CEF0DF52-EE63-4CA5-B2F0-59A2B18041B5}
2013-04-22 02:42:16 -------- d-----w- C:\Users\Owner\AppData\Local\{83DE16EB-934E-4DDD-95A1-5339C698995D}
2013-04-21 13:35:54 -------- d-----w- C:\Users\Owner\AppData\Local\{6CBA2B0A-DFAD-4AC1-A693-C88AF64F8BD6}
2013-04-20 14:42:00 -------- d-----w- C:\Users\Owner\AppData\Local\{03616AE5-C673-4622-A8EF-9C0FF4CC97E5}
2013-04-19 19:08:13 -------- d-----w- C:\Users\Owner\AppData\Local\{555FE82F-1557-477F-824D-6D3FB44DB691}
2013-04-19 03:50:12 -------- d-----w- C:\Users\Owner\AppData\Roaming\FarmMystery
2013-04-19 03:36:38 -------- d-----w- C:\Users\Owner\AppData\Local\{47045A94-9633-40B2-BAA4-0E00D8A75D90}
2013-04-18 07:18:27 -------- d-----w- C:\Users\Owner\AppData\Local\{070ABA97-9AC5-4C19-88F1-38DEAD007365}
.
==================== Find3M  ====================
.
2013-05-15 06:59:45 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 06:59:45 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-10 05:21:21 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-05-10 05:21:21 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-30 10:03:22 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll
2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe
2013-03-06 22:09:41 175616 ----a-w- C:\Windows\System32\msclmd.dll
2013-03-06 22:09:41 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2013-02-19 20:59:06 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-02-19 20:56:26 340216 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-02-19 20:56:14 182752 ----a-w- C:\Windows\System32\mfevtps.exe
2013-02-19 20:55:26 10728 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2013-02-19 20:55:14 106552 ----a-w- C:\Windows\System32\drivers\mferkdet.sys
2013-02-19 20:54:32 771536 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-02-19 20:53:42 515968 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-02-19 20:53:02 309840 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-02-19 20:52:44 179280 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-02-18 17:26:31 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
.
============= FINISH: 16:14:26.51 ===============
 

Attached Files


Edited by Ansem, 17 May 2013 - 06:33 PM.


BC AdBot (Login to Remove)

 


#2 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 21 May 2013 - 06:41 AM

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to this topic so that you can see when there are new responses.
  • IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.
 
Having said that.... vegeta_zps7f4345cf.gifLet's get going!!
----------

aswmbr-1-1.jpg Please download aswMBR to your desktop.
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
aswmbrscan.jpg
Click the image to enlarge it
----------

adwcleaner.jpgAdwCleaner
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#3 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 21 May 2013 - 08:01 PM

Hey Jeff, thanks for the response. Before we begin I'd like to tell you that the owner of the computer has been using it since I ran the dds scan. Would you like me to re-run the scan? After your response I will tell the owner not to touch the computer until the process is done.

 

Thanks again Jeff.



#4 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 22 May 2013 - 06:36 AM

Hi,

Yes that would be great if possible...if not, just post what you have and we should be able to manage. :)

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#5 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 22 May 2013 - 09:09 PM

Here are the results from the aswMBR and AdwCleaner scans.

 

 

aswMBR

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-22 16:16:51
-----------------------------
16:16:51.141    OS Version: Windows x64 6.1.7601 Service Pack 1
16:16:51.141    Number of processors: 2 586 0x603
16:16:51.141    ComputerName: OWNER-HP  UserName: Owner
16:16:52.997    Initialize success
16:17:20.547    AVAST engine defs: 13052200
16:18:23.493    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005a
16:18:23.493    Disk 0 Vendor: WDC_WD50 06.0 Size: 476940MB BusType: 3
16:18:23.852    Disk 0 MBR read successfully
16:18:23.867    Disk 0 MBR scan
16:18:23.867    Disk 0 unknown MBR code
16:18:23.914    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
16:18:23.930    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       464986 MB offset 206848
16:18:23.992    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        11852 MB offset 952498176
16:18:24.351    Disk 0 scanning C:\Windows\system32\drivers
16:18:57.142    Service scanning
16:19:21.322    Modules scanning
16:19:21.322    Disk 0 trace - called modules:
16:19:21.353    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
16:19:21.353    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004634420]
16:19:21.369    3 CLASSPNP.SYS[fffff8800127343f] -> nt!IofCallDriver -> [0xfffffa80036f3c00]
16:19:21.369    5 ACPI.sys[fffff88000f837a1] -> nt!IofCallDriver -> \Device\0000005a[0xfffffa800400c060]
16:19:23.194    AVAST engine scan C:\Windows
16:19:52.974    AVAST engine scan C:\Windows\system32
16:30:12.903    AVAST engine scan C:\Windows\system32\drivers
16:30:57.051    AVAST engine scan C:\Users\Owner
17:26:25.670    File: C:\Users\Owner\AppData\Local\Temp\LyricsTube.exe  **INFECTED** Win32:Adware-gen [Adw]
17:55:59.358    AVAST engine scan C:\ProgramData
18:01:12.092    Scan finished successfully
18:57:29.476    Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\MBR.dat"
18:57:29.476    The log file has been saved successfully to "C:\Users\Owner\Desktop\aswMBR.txt"

 

AdwCleaner

 

# AdwCleaner v2.301 - Logfile created 05/22/2013 at 18:59:59
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Owner - OWNER-HP
# Boot Mode : Normal
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : BrowserProtect
Stopped & Deleted : CltMngSvc
Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate
Stopped & Deleted : WajamUpdater
Stopped & Deleted : Yontoo Desktop Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted on reboot : C:\ProgramData\BrowserProtect
Deleted on reboot : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Deleted on reboot : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Deleted on reboot : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Deleted on reboot : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
File Deleted : C:\END
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\Tasks\SpeedUpMyPC.job
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\Game_Master_2.2
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\ParetoLogic
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\SingAlong
Folder Deleted : C:\Program Files (x86)\Wajam
Folder Deleted : C:\Program Files (x86)\WhiteSmoke_New
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Owner\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Folder Deleted : C:\Users\Owner\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\avg@toolbar
Folder Deleted : C:\Users\Owner\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Owner\AppData\Local\Wajam
Folder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Owner\AppData\LocalLow\Game_Master_2.2
Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Owner\AppData\LocalLow\WhiteSmoke_New
Folder Deleted : C:\Users\Owner\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Owner\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Owner\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Owner\AppData\Roaming\Delta
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Owner\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Owner\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Owner\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\Owner\AppData\Roaming\Yontoo

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\Game_Master_2.2
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_New
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7E11CC5-F3BA-480C-892A-23709B266319}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\f6dfd8bc3db944
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176986
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3294791
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298570
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Game_Master_2.2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A7E11CC5-F3BA-480C-892A-23709B266319}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\Software\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7E11CC5-F3BA-480C-892A-23709B266319}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\f6dfd8bc3db944
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kldbiondcoemmofebkcgcnbigliglcnl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{320C2E91-594D-4B0E-9D3E-9452408A04C6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{397B1EB6-979F-4F22-92EE-48C56ACAE9FF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5BD1647A-1F53-4588-A2D4-4EF8AF743929}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC61051A-B1E9-4479-A883-FBE75319B813}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6492E171-2427-4932-B414-33574A089F5E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Game_Master_2.2 Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_New Toolbar
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKU\S-1-5-21-764278769-3739453996-1365601850-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [singalong@xenophesoft.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D8215D9C-81ED-4E53-B420-BFCDBAC4734D}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3294791&octid=CT3294791&SearchSource=61&CUI=UN30348722038923202&UM=2&UP=SP4A5EBE13-6BE8-4010-830C-E129253308DE --> hxxp://www.google.com

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"apps_promo_counter":11,"backup":null,"browser":{"last_known_google_url":"hxxps://www.google.com/",[...]

*************************

AdwCleaner[S1].txt - [29882 octets] - [22/05/2013 18:59:59]

########## EOF - C:\AdwCleaner[S1].txt - [29943 octets] ##########

 

 

 

Thanks Jeff.



#6 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 23 May 2013 - 06:27 AM

Good job! Let's keep going. :)

ComboFix

Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.



--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#7 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 23 May 2013 - 03:09 PM

Alright Jeff, here's my ComboFix log.

 

ComboFix 13-05-23.02 - Owner 05/23/2013  12:34:32.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.2773 [GMT -7:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LyricsFinder\lfINd.dll
c:\program files (x86)\Pogo Games\iWINgameshookie.dll
c:\users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SMART_HDD.lnk
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD\SMART HDD.lnk
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SMART HDD\Uninstall SMART HDD.lnk
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-23 to 2013-05-23  )))))))))))))))))))))))))))))))
.
.
2013-05-23 19:43 . 2013-05-23 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-23 02:00 . 2013-05-23 02:00 646 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-22 20:27 . 2013-05-22 20:27 -------- d-----w- c:\users\Owner\AppData\Roaming\Color Brush
2013-05-22 20:27 . 2013-05-22 20:27 -------- d-----w- c:\programdata\Color Brush
2013-05-20 09:33 . 2013-05-20 09:33 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-05-19 03:14 . 2013-05-19 03:14 -------- d-----w- c:\users\Owner\AppData\Roaming\GhostElisaCameron
2013-05-17 21:33 . 2013-05-17 21:33 -------- d-----w- c:\users\Owner\AppData\Roaming\Fenomen Games
2013-05-16 03:17 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 03:17 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 03:17 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-16 03:17 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-16 03:17 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-16 03:17 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-16 03:17 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-16 03:17 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-16 03:17 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-16 03:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-16 03:16 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-16 03:16 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 06:59 . 2013-05-17 22:50 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-05-15 06:59 . 2013-05-15 06:59 -------- d-----w- c:\program files (x86)\File Type Helper
2013-05-15 06:59 . 2013-05-15 06:59 -------- d-----w- c:\program files (x86)\Fast Free Converter
2013-05-14 20:36 . 2013-05-14 20:36 -------- d-----w- c:\users\Owner\AppData\Roaming\DriverCure
2013-05-13 14:57 . 2013-05-13 14:57 -------- d-----w- C:\SearchProtect
2013-05-11 15:21 . 2013-05-11 15:21 -------- d-----w- c:\programdata\Playrix Entertainment
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\windows\SysWow64\Extensions
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\users\Owner\AppData\Roaming\Mipony Download Manager Packages
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\programdata\BrowserProtect
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\users\Owner\AppData\Roaming\DSite
2013-05-09 17:16 . 2013-05-23 19:43 -------- d-----w- c:\program files (x86)\LyricsFinder
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\program files (x86)\MiPony
2013-05-07 18:50 . 2013-05-07 18:50 -------- d-----w- c:\users\Owner\AppData\Roaming\STAHKM
2013-04-30 10:03 . 2013-04-30 10:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-25 15:38 . 2013-04-25 15:38 -------- d-----w- c:\programdata\McAfee Security Scan
2013-04-25 15:38 . 2013-04-25 16:09 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2013-04-24 13:46 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-21 04:45 . 2012-09-04 15:08 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-05-16 10:06 . 2011-10-30 21:30 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 06:59 . 2012-04-21 01:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 06:59 . 2012-04-21 01:56 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-10 05:21 . 2012-09-08 13:54 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-10 05:21 . 2011-10-31 05:57 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 05:49 . 2013-05-16 03:17 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 03:17 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 03:17 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 03:17 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 03:17 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 03:17 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-03-19 06:04 . 2013-04-11 04:54 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-11 04:54 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-11 04:54 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-11 04:54 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-11 04:54 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-11 04:54 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-06 22:09 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-06 22:09 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B422F1BC-9ADB-48A7-8B13-00C176039DC5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"BackupAgent"="c:\program files (x86)\Strongvault Online Backup\BackupAgent.exe" [2013-03-19 197448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-14 1532992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-03 3331944]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"SMessaging"="c:\users\Owner\AppData\Local\Strongvault Online Backup\SMessaging.exe" [2012-04-05 31664]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
StrongVaultApp.lnk - c:\users\Owner\AppData\Local\Strongvault\StrongVaultApp.exe [2013-3-19 400712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 FastFreeConverterUpdt;FastFreeConverterUpdt;c:\program files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe [2012-11-26 687104]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-02-19 106552]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2010-01-19 23536]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-30 1255736]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-02-19 340216]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-02-19 218760]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-02-19 182752]
S2 PGMTrusted;PGMTrusted;c:\program files (x86)\Pogo Games\PGMTrusted.exe [2012-01-04 519888]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-02-19 70112]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-02-19 515968]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 06:59]
.
2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 15:02]
.
2013-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 15:02]
.
2013-05-23 c:\windows\Tasks\Lyrics Finder Update.job
- c:\program files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27 19:59]
.
2013-05-23 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-05-01 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02]
.
2013-05-23 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2013-05-10 18:51]
.
2013-05-23 c:\windows\Tasks\spmonitor.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2013-05-10 18:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{398C01F1-E584-46AD-A649-4F78B435DCFE} - c:\program files (x86)\LyricsFinder\lfind.dll
BHO-{8CA5ED52-F3FB-4414-A105-2E3491156990} - c:\program files (x86)\Pogo Games\iWinGamesHookIE.dll
Wow6432Node-HKCU-Run-HPAdvisorDock - c:\program files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
Wow6432Node-HKU-Default-Run-SearchProtect - \SearchProtect\bin\cltmng.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-singalong@xenophesoft.com - c:\program files (x86)\SingAlong\uninstall.exe
AddRemove-{495A8A3C-8FD0-4C46-9979-95C26181A1AB} - c:\program files (x86)\InstallShield Installation Information\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}\setup.exe
AddRemove-{C547F361-5750-4CD1-9FB6-BC93827CB6C1} - c:\program files (x86)\ParetoLogic\RegCure Pro\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-23  13:03:45
ComboFix-quarantined-files.txt  2013-05-23 20:03
.
Pre-Run: 378,271,449,088 bytes free
Post-Run: 380,311,941,120 bytes free
.
- - End Of File - - C3688D84600C44D002F8F30F8C1DAB19
 



#8 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 24 May 2013 - 07:02 AM

Hi,

ComboFix
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    ClearJavaCache::

    File::
    c:\program files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
    c:\program files (x86)\Pogo Games\PGMTrusted.exe

    Folder::
    C:\SearchProtect
    c:\programdata\BrowserProtect

    Driver::
    FastFreeConverterUpdt
    PGMTrusted

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

Post the new ComboFix log and let me know how your system is running now. :)

Edited by jeffce, 24 May 2013 - 07:02 AM.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#9 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 24 May 2013 - 03:45 PM

Alright, I ran it. When the computer restarted a program called Uniblue that the owner has installed auto ran and began scanning the computer. I stopped the scan and exited the program and let ComboFix do its thing.

The computer seemed to be doing a lot better until I tried to launch Internet Explorer. I get an error message that says "Illegal operation attempted on a registry key that has been marked for deletion."

I tried to install Firefox on this computer but it won't launch the installer and I get the same error message.

Actually, it seems to be doing that to everything that I try to run.

I'm posting this from my phone since I can't run anything. I put the ComboFix log on my flash drive and I'll post that in a few minutes.

Thanks again Jeff.

 

EDIT: I restarted the computer and everything seems to be running fine. Well, as fine as it was before.

 

There are still constant pop ups, and on Google, under the search bar, there is an advertisement that obviously doesn't belong there. Also, when hovering over random, blue, underlined, words it results in a pop up advertisement. For instance, hovering over "Windows 7" results in a pop up ad to smartshopper.com. Following Google results also results in a new window for "hotstartsearch.com.".

 

There's also an orange icon in the system tray that, when hovered over, says "Backup your personal files." It constantly launches new windows advertising random stuff.

 

The speed of the computer seems to have increased quite a bit though, so that's good.

 

Anyways, here's the log:

 

ComboFix 13-05-24.01 - Owner 05/24/2013  13:05:45.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.2766 [GMT -7:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
Command switches used :: c:\users\Owner\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe"
"c:\program files (x86)\Pogo Games\PGMTrusted.exe"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
c:\program files (x86)\Pogo Games\PGMTrusted.exe
c:\programdata\BrowserProtect
c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl
c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm
c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js
c:\programdata\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe
C:\SearchProtect
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_FastFreeConverterUpdt
-------\Service_PGMTrusted
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-24 to 2013-05-24  )))))))))))))))))))))))))))))))
.
.
2013-05-24 20:12 . 2013-05-24 20:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-23 02:00 . 2013-05-23 02:00 646 ----a-w- c:\windows\DeleteOnReboot.bat
2013-05-22 20:27 . 2013-05-22 20:27 -------- d-----w- c:\users\Owner\AppData\Roaming\Color Brush
2013-05-22 20:27 . 2013-05-22 20:27 -------- d-----w- c:\programdata\Color Brush
2013-05-20 09:33 . 2013-05-20 09:33 -------- d-----w- c:\program files (x86)\Microsoft XNA
2013-05-19 03:14 . 2013-05-19 03:14 -------- d-----w- c:\users\Owner\AppData\Roaming\GhostElisaCameron
2013-05-17 21:33 . 2013-05-17 21:33 -------- d-----w- c:\users\Owner\AppData\Roaming\Fenomen Games
2013-05-16 03:17 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-16 03:17 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-16 03:17 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-16 03:17 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-16 03:17 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-16 03:17 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-16 03:17 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-16 03:17 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-16 03:17 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-16 03:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-16 03:16 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-16 03:16 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 06:59 . 2013-05-17 22:50 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-05-15 06:59 . 2013-05-15 06:59 -------- d-----w- c:\program files (x86)\File Type Helper
2013-05-15 06:59 . 2013-05-24 20:12 -------- d-----w- c:\program files (x86)\Fast Free Converter
2013-05-14 20:36 . 2013-05-14 20:36 -------- d-----w- c:\users\Owner\AppData\Roaming\DriverCure
2013-05-11 15:21 . 2013-05-11 15:21 -------- d-----w- c:\programdata\Playrix Entertainment
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\windows\SysWow64\searchplugins
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\windows\SysWow64\Extensions
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\users\Owner\AppData\Roaming\Mipony Download Manager Packages
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\users\Owner\AppData\Roaming\DSite
2013-05-09 17:16 . 2013-05-23 19:43 -------- d-----w- c:\program files (x86)\LyricsFinder
2013-05-09 17:16 . 2013-05-09 17:16 -------- d-----w- c:\program files (x86)\MiPony
2013-05-07 18:50 . 2013-05-07 18:50 -------- d-----w- c:\users\Owner\AppData\Roaming\STAHKM
2013-04-30 10:03 . 2013-04-30 10:03 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-25 15:38 . 2013-04-25 15:38 -------- d-----w- c:\programdata\McAfee Security Scan
2013-04-25 15:38 . 2013-04-25 16:09 -------- d-----w- c:\program files (x86)\McAfee Security Scan
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-21 04:45 . 2012-09-04 15:08 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-05-16 10:06 . 2011-10-30 21:30 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 06:59 . 2012-04-21 01:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 06:59 . 2012-04-21 01:56 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-10 05:21 . 2012-09-08 13:54 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-05-10 05:21 . 2011-10-31 05:57 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 05:49 . 2013-05-16 03:17 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 03:17 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 03:17 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 03:17 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 03:17 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 03:17 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 13:46 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-19 06:04 . 2013-04-11 04:54 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-11 04:54 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-11 04:54 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-11 04:54 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-11 04:54 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-11 04:54 112640 ----a-w- c:\windows\system32\smss.exe
2013-03-06 22:09 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-03-06 22:09 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{398C01F1-E584-46AD-A649-4F78B435DCFE}]
c:\program files (x86)\LyricsFinder\lfind.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{8CA5ED52-F3FB-4414-A105-2E3491156990}]
c:\program files (x86)\Pogo Games\iWinGamesHookIE.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B422F1BC-9ADB-48A7-8B13-00C176039DC5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"BackupAgent"="c:\program files (x86)\Strongvault Online Backup\BackupAgent.exe" [2013-03-19 197448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-03-14 1532992]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-03 3331944]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"SMessaging"="c:\users\Owner\AppData\Local\Strongvault Online Backup\SMessaging.exe" [2012-04-05 31664]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
StrongVaultApp.lnk - c:\users\Owner\AppData\Local\Strongvault\StrongVaultApp.exe [2013-3-19 400712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2013-02-19 106552]
R3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0;PCDSRVC{F36B3A4C-F95654BD-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [2010-01-19 23536]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-30 1255736]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-02-19 340216]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-02-19 218760]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-02-19 182752]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-02-19 70112]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-02-19 515968]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 06:59]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 15:02]
.
2013-05-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-14 15:02]
.
2013-05-24 c:\windows\Tasks\Lyrics Finder Update.job
- c:\program files (x86)\LyricsFinder\LyricsFinderUpdater.exe [2013-02-27 19:59]
.
2013-05-23 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-05-01 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02]
.
2013-05-24 c:\windows\Tasks\SpeedUpMyPC.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2013-05-10 18:51]
.
2013-05-24 c:\windows\Tasks\spmonitor.job
- c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2013-05-10 18:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-singalong@xenophesoft.com - c:\program files (x86)\SingAlong\uninstall.exe
AddRemove-{495A8A3C-8FD0-4C46-9979-95C26181A1AB} - c:\program files (x86)\InstallShield Installation Information\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}\setup.exe
AddRemove-{C547F361-5750-4CD1-9FB6-BC93827CB6C1} - c:\program files (x86)\ParetoLogic\RegCure Pro\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{F36B3A4C-F95654BD-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2013-05-24  13:19:55 - machine was rebooted
ComboFix-quarantined-files.txt  2013-05-24 20:19
ComboFix2.txt  2013-05-23 20:03
.
Pre-Run: 380,384,743,424 bytes free
Post-Run: 381,525,839,872 bytes free
.
- - End Of File - - 554A1027FD3AB19AE4F6DB83EB3A54FF
 


Edited by Ansem, 24 May 2013 - 04:20 PM.


#10 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 24 May 2013 - 10:04 PM

Hi,
 

I get an error message that says "Illegal operation attempted on a registry key that has been marked for deletion."

Yes that is something that happens occasionally with ComboFix but you did exactly what I would have advised you to do...restart your system.

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#11 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 25 May 2013 - 03:13 PM

For whatever reason I wasn't able to download JRT on this computer. When I tried Internet Explorer said there was a problem. I put JRT on a flash drive and was finally able to run it though. Oh, and just so you know, I forgot to right click and run as admin and instead just double clicked it. If you need me to re run it I can. Anyways, here's the log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Sat 05/25/2013 at 13:03:18.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\smessaging

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\stronghold online backup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0F804941-6E3C-4BB9-93BF-C8E529D97238}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5CDF4530-808F-4424-AD33-0E39913D3AD1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C500EC1A-534C-459D-AF1B-6F152446F4C3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F4DDCD2E-BA4B-44F1-A53A-701531C3D75B}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{F4DDCD2E-BA4B-44F1-A53A-701531C3D75B}

 

~~~ Files

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\strongvault"
Failed to delete: [Folder] "C:\Users\Owner\appdata\local\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\fast free converter"
Successfully deleted: [Folder] "C:\Program Files (x86)\fast free converter"
Failed to delete: [Folder] "C:\Program Files (x86)\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\microsoft\windows\start menu\programs\strongvault online backup"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{001337F5-5F39-421A-97F6-6E68CD2797A7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{001C5A01-9EA7-4302-9E37-5592CBF3B406}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0023A130-A9FF-40C1-BBFA-8E850B99AE19}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{00425739-6392-4890-9457-9F7B2879AAC4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{015708AA-88BD-4A80-83C3-DFED6CA56DEA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{01829CE9-A74A-439A-9E70-0B3080BD02D3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0187D1D3-6A4F-4916-84D7-BC340E0AF1B9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{01899FD8-279C-4ACB-9B28-1151343653FD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0216C2C0-FC59-4D90-B298-FCDB383FD416}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{024A4BCC-4D50-43A9-99A8-2F62D8932851}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{02AA5047-862B-4538-88B8-A59AAD1FF0E8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{02C9607B-4EBD-4025-9921-A89DFCA2B5A1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{03191F2E-8EF4-4A04-996B-5A743CAE3178}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{034AD53E-E1EC-4964-B140-4C00A3BDD354}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{03616AE5-C673-4622-A8EF-9C0FF4CC97E5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{036AC6D7-A924-4762-8354-ACAF39B5E7F8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0466B52D-75AA-4610-9C9E-8C63810A8851}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{055E3E51-F6DA-4975-A1BE-61FB43ED8EB7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{05BB2FBE-5ACA-4852-BADD-8FB1392D0CE2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0654985D-7B79-417D-AA06-E64A389B30EB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{06DA8968-06C0-4615-BA97-29B7119FB35B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{070ABA97-9AC5-4C19-88F1-38DEAD007365}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{074629CD-59A7-44BD-AF07-B27E0C704E88}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{07A8C925-6CBC-4933-AB37-AD41EA15D19E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{087332BC-E61F-4F1F-9B2E-71750510D965}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{087E0B5B-C948-499A-A922-2CAFA4FC20C3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{08861984-78BC-4B77-ABB3-6C813DA77C87}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{08B4C5E6-69AB-453D-9F88-E20DBA4FC407}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{08BBF9C3-8987-42DE-A6DC-DFEE8EB5BD7B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{08EB96FD-5AB3-45EE-A7BC-081772C7474A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{093DA1D1-48F7-440B-9536-2D2E38277C14}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{09D336A2-59DB-4195-AFE2-C8BF4FD666C9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0A273B7F-A8F0-4395-9637-DF7B31E1AB2F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0A98DB75-9415-4AA5-B2AE-F06DFE2AC6C3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0B53EB64-1D7E-4BE1-B148-589797831294}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0BD0B30F-9EC8-428B-8351-4785D85F09AB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0C7120CE-13BF-4B85-A68B-44D867AFF52F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0D72BB77-FC97-43A9-B7CD-1EA71C48689C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0FB6FB67-DBFF-4736-A6FA-8B87B945320E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0FBCB835-FEAB-40D3-BAC4-483341557C73}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0FF9AF3D-CE55-456D-99DA-F5CFBF55D5FC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1099600B-DAE8-4A82-8EB5-D8D12D4231C3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{10BF558B-F2CE-48D7-AF3C-9667F7E7D036}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{10E4869A-D1EB-4F43-9DE7-9E79503CF2B8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{10E64FD4-F776-4811-BFC8-A00CB42F6E67}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{110A9A01-7B97-42C2-9BCD-C5C6878F576A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{114BAB77-9270-434B-9737-3717767CB70F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1168E609-D3CB-45FF-91AB-220A9C86B11A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{11F53D18-DFF7-4781-86FA-ABE77023A797}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{121A73CF-D958-460E-9194-4D59B6D9062C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{121C55C3-54D1-47D8-A300-F5371698C7C8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{125C5C9D-7F53-4313-9CAA-BC226BA5306E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1284C139-B8F5-486F-A6DC-55E7EF438AD7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{12AD56C6-6F45-48FA-B8E0-4D7FEB78DBDA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{12E38133-3DD9-454C-B6C5-A8C608162EA4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{12F49F3C-8386-4A43-B491-AF9B41CAA453}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{12F98BBE-5EB6-40C2-88D4-DF9770CDC310}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{130930A9-8C03-4071-A2E5-B75F12605732}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1326F382-EF2B-4E05-B946-A128F7370E1A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{137AEA32-6FBE-4731-B6DF-2B8902382ABD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{13C338C5-2DDF-4F36-BEC7-5C44F789B6EA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1479D3F2-16FA-4453-8D4A-C42A604C6F30}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{147AB039-5552-4AB9-9C98-306ED583E6D9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{149FD1CC-CB8D-4FED-B3B3-1B1EDBDF5907}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{151BE050-1EAB-4955-8395-F2663EE4CC4C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1715D452-DE5D-4037-8D3B-CC14AF87724C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{17438B87-00EA-48FC-AF4E-C4C92A37DE42}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{17604BF3-CDFE-4577-AC00-BCAF2BA358ED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{17D79C5A-CC7E-4438-AA43-A096AE171600}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1858115D-0D57-4D05-9AB7-F282351596D3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{185BC41A-8F3C-4CD7-910F-5EF467C440AB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{18A0DEB7-5ED7-40C6-A61A-47A6D950F125}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{195BCCA8-E22F-451B-A247-98DDFD65488C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{199553CA-5A74-46EA-99A1-C1D02A2DC35E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1B2281DD-F732-4D6E-93FB-F5D246CABEED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1B72749E-11ED-4EFB-8747-DC4D2F0A416E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1B8F3E15-FC58-4468-9ACB-A53CEBF14ED3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1BBD251A-2B77-469B-B3F1-B3548924933D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1BBDA68F-0197-471D-91E5-A7164650ADBC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1C66D98D-E0AF-4556-BBF4-CD10AB43E2FE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1C7FDFC0-7880-4728-983E-5AE58B853BAA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1C93A989-C5B6-4E83-B54E-F9769759BB28}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1D3F85B9-BEBF-4B54-A6BA-3B09A0E6DE7B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1D6E33A0-F428-45D5-B98F-F4F360D0AA4F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1D9F19AD-D75B-4389-B8C0-D36A8F9CAE20}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1DCF6141-DF5C-46DF-BF54-24B20B6FA914}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1DD31E5A-78EF-4D5E-91CA-7490C42733F9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1DD33FC8-2EA0-4CEC-909F-3FC6E6F3377F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1DD7A669-B9F4-4330-8ED7-939F87797D6B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1F2FB6AE-AC8F-4022-AA9D-E23AB8BE8CE5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{1FCD23FA-9DED-45FC-B2B8-AED9AB952C2E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{202C0852-315F-4B75-9DAC-EA15969CCE38}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{203963B3-4C28-4063-A1A8-735B86616553}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{20BE1FDF-A465-4725-8A81-3978CB8FE16B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{21018BB5-7921-4BDF-83FA-2AB0CE2B8D2D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{21633B0C-D3EA-4D38-9371-9036D645E34A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2172A9A8-34F2-4EB9-9488-3F045682E811}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{21B65006-B2A0-4046-8A85-23331E018F51}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{21E29FA6-900F-4973-9841-253B9411D52F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{21E7B2B6-8F09-42A0-B01C-24CA49AF48C1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{22C7F9A7-BF94-4CD1-96AF-3FB67D99F5C0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{22EAA8DB-8D6C-4446-B72C-595DDC65C667}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2376B7A5-8ED7-4A43-A866-1F316C78A7AA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{239CA722-4615-445A-B06C-F5EA4BC31B4C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{240B1B10-49AB-4E01-A2D8-E567FF6101BB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{240F7FBC-9F99-4601-B59D-76152F346931}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{244B6BE6-5869-4339-ACD5-351F80A1209E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{24D6D42F-6BAA-410B-AF1A-93E0ACE20AD0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{24E1C535-135C-4627-BA93-D18E380732B3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{252749E4-C8EB-4D87-AA17-F1F3FA01FAC7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{254C2DAF-C6ED-4DC8-89F2-96644C5DF74B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2592CD94-34B9-43BB-8F00-9E09FC77CB69}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{25C51D39-4425-4511-8F88-F5FE6BD2F9E2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{264D4CC1-0A14-47A4-B856-A17981BADA8D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{26F73B61-0B1E-4DEE-9757-DC8C454F7D7E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{26FE9F53-2460-419B-A059-5B845198FD3A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2718379A-9E77-4028-B0C5-8A3D59600B03}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{27C74151-A1C9-4D06-8BC0-B5DABE10F638}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{27C912E3-8193-4BCE-84F8-E7B5CE0F1F73}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{27F9E02F-C7A9-4C86-9F8A-5F1F26D311B5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{28608A54-F77F-4E1A-8017-7D133BAE6476}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{297FEB5F-43DA-4517-9B89-38DBE0458FAC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2A788251-F2E5-418E-BBE0-60262716DCB3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2B671A0E-DB12-4F61-BB8D-5769038EC371}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2B8E476D-2C80-4ADB-A70A-AB38B3F3321F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2BDAA402-65D6-4EC3-B677-19B0C789A903}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2C40F240-9653-4F85-8C66-1630AC93CC0C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2C41D903-8C82-44E1-8F5D-D5D09A4B1C13}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2C6A398B-7C9A-49BD-8CAB-865279F61747}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2C7F42E8-A49E-4242-98BD-FE90A1D8B388}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2CA0AE94-5005-4ABE-B7BA-BA5622F549F6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2CC748C2-70E5-44AF-ACF8-0E63893652C0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2CFC9C2B-2A0E-42E3-8729-13486A6F617D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2D52FD8E-259F-435A-AF2C-CE5B693B9F36}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2D7B95E6-2778-41E6-8C06-38F958BC520B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2DD18A4B-F6AE-4BAD-9DB1-C201C2F78AE8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2E107C6B-7D43-426A-8A56-6FA1E850247A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2E12824D-E58A-4582-82C6-EB4F068C107C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2E3C2F40-19F0-482C-A0A7-B62AE32CFB5F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{2EC9F82B-BF40-4C4C-BCF5-3E98E3E747AD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3044B71E-30F8-4A28-A032-742EF48EE302}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{30E56F69-18B7-4D78-8C42-E9152FC3DAB4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{30FF9AE8-04C2-4BE0-8B02-30F7F49CC8F0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{321EBA43-5015-4A42-9BA3-3BA3B80992C7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{32405C07-9922-40BC-A4EC-4F110EFC9B9C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3268EC9C-E540-4C67-BE02-8A27E1689673}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{328FC1E7-8917-46A9-BF4D-938711B0E25F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{32A183F4-3189-4499-B30F-05C618DE2A6A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{33688084-0E69-4EF7-A48B-2CE969D9B893}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{33BEC8E3-5802-4FAB-BC42-DE500F61EC61}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{33DD29D1-792D-48B8-B7B9-35A26C3D252B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{33FE0276-2A68-429A-8BA3-B61BEF532AA1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{347D5585-B443-4FE7-B94C-DE10B5F037C2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3496B455-25DC-4A08-ADD9-EB6D9FBBF9EE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{349FC055-A804-45C2-A7B7-558FF854E015}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{35F38AC2-70FB-4EF5-8D33-0EA2ACA191C1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{363EF51E-72D4-48B0-938B-72B61AC898F4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{36CFBB81-1C21-4BE8-96EF-2A10E8AFD4C4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{379F0507-04AC-46F0-86E9-4FEE54E3BCA3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{37B20825-6B5A-42C4-B3DD-4268F8594880}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{37FC2012-AB2A-4FB5-8A44-56665A516D98}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{38E7C3CC-59B0-48A4-A0E6-2267E954E299}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{39041CC0-DB9A-4DDF-A6B9-4FBF959A49CD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3931BB94-FA54-4823-9A76-E340C1912ED5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3959B0BB-E329-448D-A0E6-F28C41630F67}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3A1C0741-82EA-4350-AB20-9797D60EA06B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3A3C6B6A-7F96-4412-BD1A-8092D3513807}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3A6B25D2-71EC-43E7-8BA1-435D53137548}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3A72D7EA-9919-4330-9974-5F2931AF6621}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3AA595DF-9565-4791-A2F5-9EA45EF8574D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3AC91E5F-CF5F-4947-9E7C-A05B1F953F34}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3B9F2796-0C7E-4DE3-9288-A623685F5D88}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3BA2D1F5-FC66-43BB-8375-090E8FB726EB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3C2BB57F-91E6-4434-99B4-3C7CF5E25297}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3C4749A5-FC63-4974-B687-BF4CC318093F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3C4F9150-60E4-41EC-9C7F-0C6E3857FF4C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3CF83693-AE26-4078-90CB-E125D2FEEDDB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3D42B33E-2770-4D13-9722-A101E130BC98}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3DF36734-2467-495F-AEAF-3339E7B05749}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3E08DE8E-4908-4581-A0A2-62B84E6F7299}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3EAD44D6-6B89-4A2F-8742-19FDDE512162}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3EF758CE-C447-4C6D-A39B-707625F7EB77}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{3F6B416F-961C-4EDD-8694-9933215D4465}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{40996DB7-720D-421F-8CF5-42AA6F504FFA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{40C747DD-A370-43A3-BB12-E587F782FE33}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{40F54D02-8E87-4E4A-9D7E-5F1A0AAF268D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{41E47AF6-9910-4A65-B178-05A7196F2DCB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{41E90493-702C-4D9B-878A-7A197D01C780}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{41F5C6E3-98BD-4739-9912-F1574A16BDEA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4259770F-5E1D-4FF4-A9FE-664B7DED7165}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{427B7B33-86CB-4B3C-BF2C-3C5A3A31E4C6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4393CF46-B139-47B7-AB98-DA3A9109346D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{43C93FDC-9A27-4A62-9CC7-66273FAFD27B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4518F2F7-30B0-46A9-AF5C-9A9536978B2B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{46B313FA-37AB-4BCC-A0D6-1907EA1BABF4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{46DC73AA-39B0-48BE-8459-D92DE5BB84EB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{47045A94-9633-40B2-BAA4-0E00D8A75D90}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4720BE88-7D3E-4202-8997-81BF4D1F36BB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4732594F-89BB-4D6E-9AF7-E76ADA7B9785}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{47850156-DBBD-4C94-BA75-66F50B16CC4D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{482A3142-0D29-40A0-B83A-CB699ED06457}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{496A96C9-B10D-46EC-B563-4BE57457FAEA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{498A7330-7E31-430C-A6F0-E62EF01D9E35}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4A5C375F-842F-4B6E-AD83-E02304401F2B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4A8908C4-1B9D-48DB-AE9F-FF05F3F36BB7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4AA730C9-4A46-4733-ADDA-667C27159E80}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4B20DD89-5BEF-45AC-B5F2-DB5319C60D1C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4B2BB9E8-FF70-4174-92BD-300B20E05496}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4B4DF390-36F3-4AFD-9662-20CDF343D307}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4C223E63-9143-4713-9C40-49F633B5DE44}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4CAB645B-9625-4133-B96B-49A75CC7DEB3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4D510412-F3FE-4F28-920E-BE9118E38B9B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4DC21F6D-6DB5-4F85-AC0D-6759D213D284}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4E234A60-8D36-489E-9610-117ACE214C6A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4E5D3DA1-BA5D-4FA9-8EC9-10219C944FD8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4E8BDAA9-A18A-4F68-9949-7F63A13D906D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4EB571B3-3AA4-4C89-8EC6-BAC17354972B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{4FB7311D-25ED-440D-8CB6-CBF605DDD262}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5032CB2E-1AF3-493E-89AE-C5911405DD2E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5065C3AC-EF54-4425-BE15-C03CB13534B0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{50CCE53C-800F-42B7-8E30-2A1E8230D822}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5137EFF7-5B78-48C9-984F-70F043A0612A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{51B796C5-5047-4D87-929F-BDDCA2B768E5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{51D64F91-8F21-48DD-897E-3F75935036AD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{51E67335-3D7A-4A4E-BA69-06BA7B5BDE7A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{524B6CD9-4D5F-4FEB-89C5-A422A7B399FE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{525738A2-F057-40D2-AA59-98C62592BB29}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5300A11D-E37A-44F5-85EA-168C866F8AC9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{536EBD8A-68AB-487D-A3AB-D29A4A7676E4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{53F3175B-140E-4269-9CEC-82788D91BA3E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{555B0585-2A74-4577-8B5F-7FC93695DFE4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{555FE82F-1557-477F-824D-6D3FB44DB691}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5653B3FA-6A86-44DB-98C8-902E27C8C300}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{565FBA95-3BED-4723-9112-7BE8CB2C8B3E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{566AB06B-6A6A-4BC8-8FB2-832D806FB803}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{56C9477A-1F87-4EDB-B56B-B62BE3DAF626}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{56DE00EE-3C64-4ED5-9AC0-D1A6C16B689E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{56EB1008-A701-4542-9DE9-E340ACE3F7D5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5762740B-EA2C-4064-AC13-640DE7CB5A48}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{582CB3AA-1D9A-49D6-A8B0-D02CE805AFC1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{58927CF5-97DE-452A-A265-65C44135D93D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{59A03F95-4EF5-4D9F-BEBA-42B306B47530}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{59A2DC1F-CB7A-4F74-81E7-15E11B699D3A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5A00679D-BFAC-4D80-9D95-7F9EFD485C7C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5ACD7BA0-59A2-467E-938D-06AEF45EC77F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5AF80575-55DE-46F9-98FC-B0B969E05B38}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5B0EC8C9-E40F-4CF4-9F74-D6E83CDC8FB9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5B1365A5-0808-4380-AD25-71850FBCD5C1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5BBA44F4-563E-4967-B0FC-B486EFA817FE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5C1F081A-B536-49CB-A834-86E94E326804}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5C26C4D6-0572-4C09-B16F-B8914FDB08BC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5C298D51-2A72-45E1-8615-6E7120DBEBBC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5CCA21EB-B76E-4F52-9802-472BD4ADCE89}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5D44AFBD-F581-435B-A594-CB639BD7D4A9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5F630F7A-A63A-469E-91DE-BBF53C191E85}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5F7AB82D-8CFB-4291-AD73-0CAEEC2F3BD4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5F7E4886-CCAC-4CED-AD33-6355F1FFB9D9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5F8A3FA6-BC7A-4271-9424-581457E59255}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6023A20E-39C0-49E3-92FB-E26B775DA125}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{60ACE9CE-349C-473C-9D7B-DFB2929B473F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6137127D-6C63-421D-BCC3-E0AB837422D9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{61979838-FFE6-4766-8F46-DB0523123657}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{631DEF5A-A2BA-4E9C-9502-30E2F50EB580}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{632ED27F-07E9-489D-8E42-8D8C0F7F1FC3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{63426E24-B74E-4F93-BEFF-501EF6BDE9BF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6397AB93-051C-4A38-A840-DD832BBD3B61}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{63C4B19A-D7DD-4606-8FE3-70802524250F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6471ED12-FB14-404A-BA33-ED614D11F81B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{647F2E43-4BEB-49FD-A193-38DE6905B283}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6491431B-C2DC-4C98-AE3E-C5947EA53FA5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{65D424FB-2E72-43F3-8ABA-DC80643E7E02}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{664F3BEA-C971-417E-BE6C-68B1B2F6B50A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{66967416-2775-4B5F-BCDA-DEB16358DE2A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{66CC42B2-7794-4D5E-A712-EF240C99D6D5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{675C954C-8344-4217-BC67-FC6EA32E1150}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{67E43785-C44C-409B-B08B-329F94AEAE0A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{67E8E006-3B6C-4584-8EEE-0551D33AE58A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6868F3CA-039C-4327-BEDA-CCF464EBE201}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{68D1B84F-3791-4123-9531-471D199DF411}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{690498C2-8D3A-4A39-AAD5-AB2966B21DDF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{69248794-6125-44F7-B849-CB8B93FA90ED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6947C99F-578A-4368-BB93-63A447877810}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6978135B-A9AA-439D-BBB9-92197E01EF35}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{69B0DD73-B5D6-4A95-AB99-2DB612A3888F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6A55B753-8BF2-4E6E-B6C1-BD0A07D49513}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6A5F7588-5E03-4891-81AA-A3B02277CB3C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6A811137-78A0-435A-B855-7BC2B39B1C52}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6B433780-42F0-4CCF-A18C-BE58961E9C33}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6B5792D7-CACE-4E44-A76A-D98238FEC0DB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6C0A231D-0D7C-4DEF-9848-122F74D4AB6B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6C193338-F349-43B3-A1FF-FC52F82FF3EB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6C6F75C9-8DCA-47CF-B3B3-EE69E22DC664}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6C728DC7-B1ED-4540-8F04-387CF55A6C74}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6C8D5193-98AF-454B-935C-7312B54CB10C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6CBA2B0A-DFAD-4AC1-A693-C88AF64F8BD6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6D1E8DD3-6909-43B7-A58A-FDEC2C95CDB6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6D70973B-8EAC-4701-9DA2-C0CD0040588B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6DBEDECA-3472-4661-B2C8-433DD3C4253C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6DDF2E89-6310-4A4F-AEE6-733754322900}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6DEC081B-BFA8-4BAD-BE1F-7F8E62F1B442}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6E4F4534-D2C8-4FBF-AD66-3488670A7F4C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6E5DE8D6-6310-4316-87BE-73EB79FC6FC1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6E761BEA-18AC-4E93-A0C2-761F6E346205}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6ED9DC5A-2A28-4E4D-BB28-4F9ADC4D1215}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6F013A64-AACF-4499-BAAA-827169F68236}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6FA02FB7-3BDB-4C3E-A9A2-7D69411080A7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{705BA5AC-291F-4309-92AB-18DC27FC3190}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{70DCB3B7-B11E-43F8-9B68-4DCC4B6E17B6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{710E6385-D86B-4A31-B80F-B15F36EBAD73}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{712D6172-9D08-4A94-9262-48B15FD005ED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{713023B7-A64D-4BB7-BB8B-1EA5EEE10607}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{71599C1E-3868-4B09-B00C-527BB3CAEF5F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7173A932-C06E-4CAE-84A6-2788D67B9A44}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{72357324-4E50-4162-B4A3-1FFD8419B7A9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{74218933-E335-4089-9442-2F640B55A86F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7425A91B-DCBF-4076-9E64-05B6E8014D5B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7431290D-8E5F-48B0-A088-9F590C168F01}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{74596047-7D1A-4D37-A184-8D1E8910DAFB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{750713A2-9C31-4F1B-BBD9-5EC7E4241474}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{75293B53-CDB8-4B55-974E-ABD7C9C92AC8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{76140785-F464-4C26-A605-13BD4143B805}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{767A6CE8-B15A-488A-AA39-F04B453CD0E1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{76D84916-4DB0-482D-AF4F-CC3D35ACEF3F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7706DC1B-9FDF-4304-AA66-826173C72ED8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{771EE763-F57C-4DF9-AE9B-8531F5F98EB3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{77349807-AD4A-45E3-909E-C9018E73A077}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{78251E53-0BD1-4758-9597-6E7EA4D5D802}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{78321D8B-48B7-4149-993D-EA7BE8B34FA9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7895A40F-FF77-4707-B0D8-21544A7B6B19}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{78F4560E-B842-459F-AB8E-E7B92EB90219}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7951BB9C-CBE2-4207-BFAC-B1763A8A2291}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7A6E35F6-CA84-444D-B4F6-17693B831AB0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7ABD3FA6-65BA-4DC5-8099-A2EF3892075B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7B39A5B8-5C92-4B58-8B27-CCB437EFC672}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7BDFAE51-34BE-4783-90D6-F6435803B47A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7BEDB85B-C98F-483D-B763-5EFC16D6D887}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7C282425-2AE0-44B5-A861-CF29D3788F12}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7CB00E69-8058-4C26-9C3E-58018178B6B9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7DDBB488-12BA-4FD4-A0B1-A1435D3DA184}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7E1DD05B-8E8B-4409-B157-F7E5A072E21F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7EC41B39-E142-4FFC-A5E3-9BC03C64AB51}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7ECD492B-4FCB-42F5-9B21-278113E9232D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7EEADAFC-3D92-467A-981C-026F3C5C1F9E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7F40DF61-E33E-4F87-92E7-BA5727861117}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7F428385-00C8-445D-B47F-A4A5D5C16C19}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{7F8E8A3C-6207-4727-8D82-7BB4C5912FFE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{812D3B76-4A2D-4BDB-B708-D620D6DA31A0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{818FF67D-2D31-445E-9175-291F217EBE6D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{825D4996-2272-4EFF-9D1C-D8EA257F39D7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{82927D50-241B-43AB-AAA9-E667FDD6BC12}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8292D832-F892-45FD-AAD4-F7AEF36E35B9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{83AC8A20-CA9A-4192-807F-DF68F76B8CAE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{83DE16EB-934E-4DDD-95A1-5339C698995D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{845B4A6B-446A-4C73-B893-8CF58CA45ECD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{846E655B-AAB2-4B17-AA2A-2D8BEF89C881}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8476DDC0-91AE-4532-83EB-808536754960}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{84CF351F-E399-4320-97EC-B0CE64D6A7DA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8534D642-4DCC-4472-AFEA-99A0021B9DEF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{854FDAAD-91E4-48FF-B5CA-2DEA813A0AFB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{857313CE-2C9B-4598-B4B1-797AA722C91D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{85FA7C0E-F532-496A-A822-A0E4ECCC9886}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{86086156-D0EB-4DEA-8D80-018681A4C6CC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8609A859-C53B-42C5-9538-19A074502670}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{860F397F-CB33-473D-A024-1B470148B468}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{86890279-B2F7-420F-90B3-7FBA636205AE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{86D75C85-95A4-46E1-8142-4425CB5D768F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{873E01C9-96AB-4803-9D29-024B320754F7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8745205C-DBBD-44C1-AF4C-AFC3843BDE1D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{87D90724-DE47-4AA3-8207-196EABE26F38}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{87E82EA6-4DD2-48AD-ACB7-9C434980C5A8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8819A7B7-294F-40D6-A429-47F53BE60A71}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{88E76EA9-2BEB-455E-B875-FC0A03E3E0F1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{88EB9FB0-E665-427D-9845-FDA622149A34}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8910C0CD-F66A-422B-85E9-5C7521E3D563}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8979A604-86E1-44E7-AB80-7DDA5E1EFCC9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{89BE1BD5-0447-4814-BFE5-65426AE24664}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8AF0B326-E393-43F6-AD15-AE6559BD8B64}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8BDC3170-4BDA-4E06-B047-9FA1499B0F29}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8C2D2CB1-44B3-4F43-ABAF-A6D4A9CB3CED}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8C4CC5EC-B7D2-49DD-9B7B-306D484477F0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8CFD437A-7530-44DA-BB94-E4F5EEA6B2E1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8D2AB1B1-BF76-47D1-86B2-79756154D50E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8E263D15-7656-4AA4-8997-90484457EA84}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8E66CF0C-1018-492A-90A4-EFE0699A0406}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8ED55BB4-D9A4-4724-AA9A-3B7AF0EA682F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8EDCB672-2690-47E9-BB48-82D6114E4ECE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8EF4914C-9921-4E06-AE96-903D0B8BBA33}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8F0104DB-21FD-43FB-A95F-52CF16B70244}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8F1837E8-887C-4388-8950-36D7F8676D9D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8F669471-5642-4C58-A575-D305B03D1357}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{8F6F044C-35E3-4FC7-8453-68E51F2F5692}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{900530A9-CE94-44A0-9211-5A027D13B882}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{90DF0B66-EB04-408B-9760-C76A5DF1C3FC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{910B217A-E293-49BE-A819-C017FC50865F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{910C0CF0-2B6C-4CBF-AB89-4AEA74FF8FF5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9112B8F1-448B-4069-B72A-B59EB7647752}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{916DADD0-28D4-4A5C-927D-AC6A377C3E12}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{91A122AE-E899-4603-B16C-EB7D45EC3A95}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9263B61B-C8FC-4205-B279-593980D4359A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{92816F14-0A36-4201-8544-3C98E55F8364}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{92BC7030-5322-46E4-ABBA-A7D0E7A1450B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{92C76CDE-DE0A-48E8-9FB9-1C248F51E969}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{92EC9E1F-3A6C-440B-BD61-80957CCBEFF0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{939BE788-3CE6-4131-AFEE-9805E54D0CFA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{948DFA8E-2E70-4B8D-913E-8A7A05476E34}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{94D491C8-65BC-4527-AE97-5DC6F9B8E9C8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{94E7F9BA-841A-4EF7-8EF7-4CE1B8BED190}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{95B2E3D6-6E41-48A7-B2D2-BC4C2BD50139}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{95E39BC4-3483-49F0-B8F7-2EEF6E0D9C74}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9605F91A-0A5B-4B23-9D02-6985A6F49ED1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{965645D3-9664-472C-87B4-9AB5DE3EF931}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{968452EF-9077-44D1-8950-E25E306A1E04}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{968D4106-CDEC-4B9C-96B4-CF1D66D5245F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9751781C-9BF8-4A7E-BD06-36D9CE9C93A4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9754914F-262A-43FB-BD6F-B2FFB682F6FF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{97E6B32A-6167-4FC0-83AD-C939306A13FD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9829564A-143F-43ED-9C44-6741B7D8A788}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9892F71D-7530-4042-9A57-0689AA550F31}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{990E8CD8-A005-4EFD-882F-6C077BE3D1E5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9917711E-0055-4AD7-8D36-A160E21F2686}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{995D2919-9DA0-4375-B2A7-C2594B732A23}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9A8653E0-2D74-40AA-A92E-2428AE32D4A8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9AA54D31-42CA-49F0-8602-CAA2B4F2D53A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9AE7EB2A-8F55-44C5-8C63-5410E4735663}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9BA384A9-C0AA-4B64-A308-A84DC0577980}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9BD63EE0-00EA-4251-9B70-A2A41658C996}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9C614029-C6EC-4DBA-B710-EB5F85A68C14}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9CED4ABA-EB1E-4CD6-8C27-27874D739DC5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9D26EFC7-1163-4B79-8E57-49483652CE7C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9D3963B3-D82A-401C-97DE-14605A698EEC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9DB09337-C66C-4D2D-9FD4-9E1EA3A0B9B5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9DE21942-6C7B-4A67-9310-F2908A871E02}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9DF770EC-8BA5-4CA7-8734-147B0C872A4B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9DF99DB3-CBF7-4153-80BC-232630B5B333}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9EFA2BAC-1D9A-48AF-A6B8-6FFC06FA6AF8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9F3FC723-C0A9-4091-89F1-DD7E65CD33E7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9F7CE545-A576-4959-8284-1C5323A6F7C7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A02495D7-0F01-4298-9A5F-D6C4B20CBE95}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A15FD27C-0579-47EB-B9C2-6801568CE12D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A173C297-CAFC-4A73-9CA6-C1A5368AC42B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A19D5809-E1DF-4803-B07C-E7BB0E2D383D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A1DD3415-5C8D-454D-9ADD-920796A055E2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A227745A-A40D-432D-9CCF-DAC4F3846D40}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A25FD2A7-E715-4DB9-952C-D33E7BED2397}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A2B22AC6-62AF-4C7D-BB3C-2412ED586FF1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A32CD06F-B0D7-47FE-80F4-2D4EE23BFFEA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A38F6EB3-B0B9-4DBA-A9B4-414C14BB6A25}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A44E665B-6BD2-4C85-B903-E5B72C06DBA9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A57C22FE-8BFC-4B47-A447-3D495D39EF7D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A5DE9E9E-3D50-4C71-BFC4-90D29484ADE7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A5FD1722-358C-4F5D-ACC2-98F3A6AF789C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A61881E4-67E5-4BCF-B5CD-DD5628BFDDC9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A68D6FAE-A959-4407-8D48-2151764A02D6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A6D10BD6-2C60-4E3A-947C-7951110F8BDC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A73C8084-BE40-478F-96AB-59B1F4162F79}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A7406B71-C112-4015-9403-2DD0397BD9FE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A7533327-A641-45D2-945E-B2A9278C554E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A77578F6-EDD1-4243-8750-625382B30D73}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A78F65A5-948B-4CCF-96F4-34837983C949}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A8342AE1-0909-4128-8DDF-43FBF01BE0C2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A91F4051-ED0E-4F70-BA51-53608D3A84FB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A9255B0F-00B6-4C27-8987-ABB9923415B9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AA9EE5A1-2748-49BE-A677-FD4A0259D475}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AAC6556C-3681-4837-84D2-5B07CF6F6803}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AB008658-1130-4DCE-91FF-5FF3A6F333A9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AB206F3A-B66C-4CAC-9144-E495A1519039}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AB4A274F-F5C8-495F-AF8A-4F4714EE6143}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AB859594-9E00-4A7C-88CF-3511F79E4ABA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AC0AAA4F-5F18-4649-86BF-6B0E03651114}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AC439FA6-5B5D-45D7-B77D-6AB7B2D89691}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{ACF9E113-B35B-49C2-B983-1A41820881A4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AD1273F4-2676-4E27-865C-76D861E0D04E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AD8E07CD-672E-4727-927E-2288B430B48D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AE46DA58-F104-4626-B3CA-04111D22C2BE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AE68C86F-FE06-4622-8624-8A9E80FA2FBF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AEB82A4A-CDAC-4656-BB46-870D7955B34E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AF336A70-8FBF-452F-B148-21F060190F2F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{AF66E868-E769-437C-97FA-2EC9E7C4F10C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B0171B33-B408-49F2-8659-0C016A78BDF6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B073247D-DFD0-4C7D-925A-5C16FD92E3E0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B07F7BCD-46E8-49BA-BDA6-FC9334634399}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B0F2AF6A-9A14-479F-BAC4-FB4344641E13}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B13E376B-1956-429D-AAFD-35B3ADEA20E4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B1C646DB-5F19-40C3-A054-11F5EFF877A5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B272070F-6708-4F79-8F1C-83E448C39E88}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B2C7EEA4-D6CC-49A6-82EC-F6CA27CC372F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B38E14FF-758D-43B2-B45D-0BF14AE00774}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B3FA1669-6984-41EA-A373-F7D7BB08E376}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B4AFBED4-D000-449C-8FB9-E3FCB14B5871}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B51B1D10-9A0F-4FB5-AA6B-E82AC71C54AB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B51BE0F1-CDE4-4EA9-8327-B38844B5CF8A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B5A71A72-1836-4069-BA49-526DC29E634E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B5C2890B-836A-4591-85B6-BFE736DC4AA8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B6646445-8E39-41C2-AA05-D1449499A767}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B71457E0-73BA-4740-9866-327B725402B8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B73956B5-444B-4ACF-808F-5C0F2D39A102}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B7C77197-BA32-418B-8374-3FC944AE3EF2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B7DFF258-80E2-4BE0-9A7A-18FF05E782C5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B8A4601B-EBCA-4C22-B1EF-8AB353EBC6B7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B95D5719-1530-4190-A669-1D313409A56A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B9B9D42B-EC60-427B-85FE-0A5B4067FC21}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{B9C0601B-1764-4FA6-AB7F-E424E2C52A93}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BA08BBEB-BCCD-4AA9-80B1-59ADA96B49EB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BA28B973-4AAA-4797-934C-8DBF8425A2D4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BA8B5834-2211-4E35-917C-671B4786640B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BA9E9A36-6BCB-45E0-9B92-45D3C0597C46}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BB129E94-ABB6-4E9F-B07D-C5BF92BA9F7B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BB133230-BA22-4C38-B98A-8E7C0B3A1B2D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BB1D5AEA-23A5-4F04-870A-9461BD5E333A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BBCC0AD9-6E75-4932-B226-09C0ABD1CE02}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BBDA5A3E-47E4-4283-B306-9522B094F6BE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BC121B28-3566-4D37-8AD8-5DC46C026D8D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BCB374E3-3B26-44DA-9670-230A801CFC74}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BCB3A861-D3AB-4B2D-ACC8-1B0C768E337C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BCDDADF1-2BCA-44B1-B788-3B6CDA0683B1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BD96668B-8584-4E67-9916-91E44E9EE627}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BDF7C3B2-0DFF-4DA4-8512-4A6C20D1A90E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BF38AFAE-F05B-415F-B743-4FB522ED5D48}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BF654EE0-BD55-4370-8D1C-5583904F1958}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BF7A18DF-145F-46CF-905E-8F80A6196E99}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BF7D93A4-5F4B-4D9D-9516-497A62F2F845}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{BFC53221-8EAD-452A-87F3-7FC9C3336CAD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C02AFBE2-84E2-44F2-A850-2261CA242B42}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C033F299-6AE3-4F1E-8481-1C9384760C6E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C049C02D-1145-4773-ADF0-181F12F4E43E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C0909E14-41AA-429B-9B73-61AB42094D2B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C102998A-53B5-4EA4-9F7B-9D9425C4CC81}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C1C0B962-622C-4B17-947E-1F3ED1A4798C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C1DAB67E-3E3D-42E2-B509-4B1EE3BBF0B1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C270D5A4-5270-49C1-AF6F-039F79EB2F20}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C2C88873-FBB6-4CA9-9CCE-35A72C9F429D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C2D4C36E-FF66-46AA-956E-B68FB07B5776}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C2E5A494-AD56-42B9-AB67-DBA133C1CB4B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C33B2214-372F-419D-BB09-5BEA9F3819E8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C3D468B7-93F5-4F5C-A9B5-52FA3344188E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C4B54C14-E3A9-44DB-AB73-EB7180EC20D3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C5008077-7B7D-4212-9311-C02A79283819}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C581358A-8167-4D00-9850-5382A6E00EB9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C5B0E28B-6F44-4EE0-8178-E90BB0C39E41}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C5B4E728-B336-44B9-A00B-2F22EA46FF4D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C6BB26DD-4898-4049-8249-5DAACCDBEBCE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C76A085A-E030-435E-AE38-719CE85074BB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C817F5B3-ECDC-4FF1-BB3A-5B0329A2FA32}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C84B488E-ED75-4034-8C84-14803BDBBB60}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C928BFF4-9E01-4CFA-BCDB-BDED8E14A087}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{C9E2ABB0-E9FA-4B46-85DD-0FFAF340EECF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CA0BEA08-74C9-456F-9C06-3150D8489692}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CA0FDD60-636B-4D96-BD70-1B27C2B6E824}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CAA6608D-68DA-46C6-9051-6BFA34669C49}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CB5EC332-F512-48C7-A56B-20E12D0CA844}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CB73D0F3-3960-4147-A9B6-CAB9ACA9921D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CBB03D71-43A7-42D1-A6E3-B066EC8B6099}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CBD91918-9E22-47D2-9CC5-BAE9E98FE8B0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CC508F82-7F19-448B-AB04-8372018ECFC8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CC898E89-0DA9-4E46-9673-07B0D84BB851}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CCD514F3-BA08-417E-934C-A824AE27BB55}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CD341865-874D-4E46-93FB-9CF2687AEF1F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CD68520E-5866-4A04-8CEE-E4EF4B92C18B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CD919C57-91B1-40BB-9451-2D8C93BFE6AB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CE01E149-E662-4143-A5B8-FEA3FA03E31B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CE4A50F3-9C68-4D9E-8516-E4AF86A17CF6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CE928AD9-CD5D-4ABF-B4AC-90569F938656}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CEF0DF52-EE63-4CA5-B2F0-59A2B18041B5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CF3CAF3A-BAEA-46F4-8019-B83902817B75}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{CF60688B-5CA0-474C-A9E5-59C1CE0EB6B0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D0522E61-6B9F-4DE0-9820-6DA78479E180}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D07A015A-72E8-45D6-8930-A1853117677F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D0F1B587-0D04-47ED-BE9C-FAAA847661BA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D1178BC5-D740-44CE-8C55-21F56BB0C853}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D15C0593-F661-4053-9B96-8485568A254E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D20FA42C-7E19-4EBF-BA9E-6AAAB393C40F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D350DE31-2253-4E93-86B9-9344349E1813}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D358D89B-E30C-4D5C-8386-BB48043FA04E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D392C47F-0269-4DA1-93D8-A85B3A3B1983}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D3C89A12-86FC-4A20-B65A-B792D6BB0367}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D3E0B99B-9DED-40F7-922B-CA878318B896}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D40E4C71-4547-4109-B550-7777228129C6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D43B3889-E66A-4742-9DE3-6AABC2392121}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D447821F-A5F3-40E7-9AB0-9F0CDDA7D043}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D45A8561-340C-443F-B869-DC811AA44299}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D47887B8-A184-4925-8B2E-4C3479B84783}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D4F55E23-3E27-47F5-B796-C7329C14742B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D5A73DD5-FD1B-4B50-8E52-A485AE61CF76}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D60CCC7A-2AD9-4205-AA4A-5AD6D73166B8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D654BE55-8697-436D-925F-DD96B5161582}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D6A63573-4975-47D8-A4E4-D3D7D822AF6D}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D6BFC4C2-6B76-4364-8E23-8567912DF12E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D86B3E2E-943F-406E-8882-D29C15296405}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D8CB4947-75F4-48AD-A417-6839551DA416}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D8FAF157-425A-44CA-AFFC-9453D0D4BB50}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D90E255F-19AE-43ED-B4C7-ECC68EA41596}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D94C34D5-CC26-4FB6-831D-AE09BBEF6345}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D956480D-BC66-470E-BCA3-4C0BF2234D57}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D9A79CA0-0492-4FAB-BE80-B7830033AD0C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D9AFE561-6D4F-4638-91B9-4B4DC46F40D0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DB0D654D-A82F-4590-A936-C10506B93722}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DBC6E49E-CE5A-4012-82DC-E1127B8366C0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DBC6F2F3-94F3-4AA6-985E-05BF857DB04B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DBD8FABD-9238-4224-AFC6-1350B98CD149}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DCA8830F-D7D8-4693-8CEA-B91F5506A80C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DCD0C82C-B9E3-47F8-A10E-5BFEB6152AF2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DCEF81E0-9611-4629-B2A2-02BEF596F127}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DD418E4E-4597-417E-8AF4-BD24A9FA4BC7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DD75013A-C8F2-4FB8-BA3F-1473A089815C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DE045319-B8EA-46F8-97CE-08F53EAA1DD6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DE3040BE-EC61-42B1-AF85-9BF5FCD1A4BC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DE5D76F1-F4F7-4A12-BC0F-C4E193D80A49}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DE71C679-CB2C-42E4-B1BF-083B86F278C8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DEADC002-247E-473D-BBC4-870B30A29903}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{DF138E53-8CA3-4F28-880F-EF77CF75E38B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E02EAFE0-380F-458C-B3D2-C36EB8BD69B3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E08072BA-7171-4B43-919E-31717FF58F3F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E08DAECA-72F1-45C9-B382-E60C0FB15E6A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E1BF6B18-4118-40E2-9B04-FA2D86ED7E7B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E23B9C6C-D50B-440C-8DB2-70C298A3E7A6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E2907F15-A8C8-4FA2-827A-E125F2913483}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E2B24B02-65F8-4A17-A996-782B77725603}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E355678E-41C6-4561-A6AC-CA7535C7E1D2}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E3E31D64-5715-4529-BF9B-4FAC1E76D860}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E40A3453-78F3-4F7B-AB06-6DC68C6CDBDC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E423B104-0708-4E8C-955C-CC2F558D99D5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E435F56A-02F4-4B75-8691-EE4360A498F4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E4E37280-06AB-44D6-A87A-10746EFF8426}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E56B24E3-E7F3-4980-9457-4DD333E26CEB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E6138A57-D83A-442E-8B6F-D8019943BB0B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E65C368B-EAA5-42A5-B111-E3E9B416CA47}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E6643C4E-BDCD-4409-9082-AF589BA9F217}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E68C7A09-EA22-40CC-BA17-38CF32D234D4}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E7097472-812C-4D66-82A8-4604F5D6E945}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E77A5D6F-D3E0-465E-9621-9DF573A7F531}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E7A720F4-03CF-451D-8EF8-735918A89DC7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E7DF37F6-80D3-4C74-8DEF-1474104F6DEF}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E87C748D-C765-4D78-A340-4E7E02655F82}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E8A2D0A9-1A34-4BF4-BFAA-665E6781CEBB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{E8EA6AF7-3D7B-4FEE-881A-1EBB73FEA9BD}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EA1ACE14-4FC1-4C86-B963-D8F0BF837DF0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EA82C454-8B7C-459F-8425-6EA4C247B800}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EAA61A76-A73B-40BD-998E-55F94328FFEE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EB2912DA-BD5D-4312-851F-4E3B0DC13ADE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EB2B3C75-408C-40A1-B5B3-5547DE8A5810}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EBBCA556-132F-4C2E-B80F-CD9C3C61571A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EBDFED50-4821-4203-9ABF-B4D21BC87A78}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EBEB2270-86D9-4C80-ADD5-44BA33575D47}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EC4555AE-A266-496C-A2FA-E04E488D1DB9}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{ECDC42FB-32EA-47B9-9C6D-DA19805399F8}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{ED7D2927-30B3-46EB-8062-B07058BBCEBE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EDCAC9DD-DF87-4201-AEBD-A1F698D90ACB}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EDE41789-CBC6-4484-8CD5-02345EACAA6B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EE5EE451-FEEA-4D67-9C54-2A1D83DA9CC6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EE6902C3-B741-4907-9319-6CCB19D81550}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F0857BA2-EE6D-4595-81DF-CF746C94C5EC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F0941641-E291-42F0-8F20-2B4E66DC80A7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F13A1140-0683-49F7-9633-036CBFD0ECCE}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F1BD828A-4A32-4C8B-97CC-9C741188D754}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F2126706-5434-42E3-AA67-2BCAF4C46A00}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F26585BE-103E-4DC5-91A2-C2BA2433F5EC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F2BD4CEA-A84A-4FCB-90E3-18E6066D4580}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F392FBE0-2703-4D15-B431-EF36E5921888}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F3C4463D-7983-4EB2-82AA-EB85B86A581E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F3F09DA9-DEDD-43C6-8521-5C25FCD6C4D3}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F43F7C59-EF6D-4F4D-9537-29025CE7E54C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F4F9282D-30A4-4CD6-B4D2-D38EF9891E19}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F66E43FA-D658-4F21-8022-D31CB8F8343F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F66F1A36-66D7-42D6-9DDB-751FCE262CCA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F74300BE-1068-4413-814B-751733FA7F82}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F8461512-50B3-4095-B8D7-F76E858D10A6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F854DDC0-E1F2-4376-A55B-36052B451762}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F8615016-2DAD-4A0D-A849-B720EC2A8D9B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F8B91076-DB6A-4296-AE55-6F4F98C935B1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F8F9BE91-3532-4B42-BB9C-DBA8B612B1C1}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F91FA894-E5DE-4625-BAE4-E84B71D36D13}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F93A83CC-FA74-495D-9494-27EBB9543C89}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F94D9738-B840-4178-8924-6F6C36449500}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FA0B6709-9B87-4588-BAD0-55ECB275F069}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FA65A455-465A-4286-AA1A-8F2AEEFC3BFC}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FA9ECA3D-6ABD-4FE5-ADEC-2356260E1229}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FB2BDEF9-8ABD-4752-9056-83D9F3A30FC7}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FBFDDA88-C5C9-43BB-AE14-46F3DF174C6F}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FC6CF18C-356B-4366-A442-C49870F6CC61}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FCCE3675-2EB6-465C-86E6-6AF629B5E210}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FCD188BA-ABB3-4F0A-8D1C-0AA3A17749F0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FDF23798-1DAC-4206-81BA-2BF2C105F9BA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FE41DC0F-9395-4191-9ED6-0E92FD398923}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FE80582E-6D62-4FD8-8F6D-053A72B4D7BA}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FF1EA959-2441-4EAA-B917-5BE1A1506CB5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FF27E592-9708-4734-A9FE-546E7E99F594}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FF7F61C6-3DFC-42B8-B3BF-022B57099D5C}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FF8DEB56-1EB6-45D9-BD75-A3F62573D68B}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FFCD52B0-E406-4EEB-B5BE-DDC6E588F0F0}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FFE85F7E-3E00-4F5D-A64A-0940D5A1D978}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 05/25/2013 at 13:07:28.73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#12 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 25 May 2013 - 07:46 PM

Ok good job getting that ran. How is your system running? Still getting the popups and other problems?

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#13 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 25 May 2013 - 10:42 PM

Yeah. It seems to be a lot quicker since we started but the other problems seem to be the same.

#14 jeffce

jeffce

    Bleepin' Super Saiyan


  • Malware Response Team
  • 3,442 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:47 AM

Posted 26 May 2013 - 11:02 AM

Ok let's get a different look at this...

OTL.jpg
  • Download OTL to your desktop.
  • Right-click and Run as Administrator on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
      Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

WFxJwA4.png
 
mvp_horizontal_fullcolor-(copy2).jpeg
 


#15 Ansem

Ansem
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:04:47 AM

Posted 26 May 2013 - 01:24 PM

Alright Jeff, here are the OTL and Extras logs.

 

OTL

 

OTL logfile created on: 5/26/2013 11:13:13 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.82 Gb Available Physical Memory | 75.13% Memory free
7.50 Gb Paging File | 5.90 Gb Available in Paging File | 78.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.09 Gb Total Space | 353.67 Gb Free Space | 77.89% Space Free | Partition Type: NTFS
Drive D: | 11.57 Gb Total Space | 1.41 Gb Free Space | 12.19% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-HP | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe (Uniblue Systems Ltd)
PRC - C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe (Strongvault LLC)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
PRC - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\990123c5701a26f1d724150839811bce\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\f790ac5c52534a143d43ac48e25423ea\System.ComponentModel.DataAnnotations.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.SYSTEMNOTIFICATION.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.CLIENTMESSAGING.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.BACKUP.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.DELAY.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.SCHEDULERPLUGINUPDATE.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.APPLICATIONUPDATE.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\Infrastructure.Metrics.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\Infrastructure.Metadata.dll ()
MOD - C:\USERS\OWNER\APPDATA\LOCAL\STRONGVAULT ONLINE BACKUP\SERVICES\TEMP\SUPPORT.BACKUPAGENT.NOTIFICATIONUPDATE.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\Infrastructure.Models.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\Infrastructure.Helpers.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\Metrics.Dispatching.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\BBV.Framework.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\System.ComponentModel.Composition.dll ()
MOD - C:\Program Files (x86)\Strongvault Online Backup\Environment.Identification.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Users\Owner\AppData\Roaming\PictureMover\EN-US\Presentation.dll ()
MOD - C:\Users\Owner\AppData\Roaming\PictureMover\Bin\Core.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe ()
SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (vToolbarUpdater15.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{68DC6C41-65CB-45F8-AC9B-C72EFD92C221}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{F4DDCD2E-BA4B-44F1-A53A-701531C3D75B}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{68DC6C41-65CB-45F8-AC9B-C72EFD92C221}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{68DC6C41-65CB-45F8-AC9B-C72EFD92C221}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\23\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll ()
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/02/13 17:05:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013/03/07 00:34:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2012/11/28 21:20:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\YTKaraoke@DacSoft.org: C:\Program Files (x86)\YTKaraoke\FF\ [2013/05/24 13:48:23 | 000,000,000 | ---D | M]
 
[2013/05/09 10:16:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.112_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekmkdkefndbeciggfanobcemjnppbbb\1.7.1.0_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: No name found = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/05/24 13:14:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121023222108.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (LessTabs) - {3178A392-8963-471E-B7A2-969CB58D6496} - C:\Program Files (x86)\LessTabs\IE32\LessTabsClientIE.dll (LessTabs)
O2 - BHO: (Lyrics Finder) - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll File not found
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121023222108.dll (McAfee, Inc.)
O2 - BHO: (IEHlprObj Class) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\Program Files (x86)\Pogo Games\iWinGamesHookIE.dll File not found
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Fast Free Converter 4.1) - {B422F1BC-9ADB-48A7-8B13-00C176039DC5} - C:\PROGRA~2\FASTFR~1\FASTFR~1\FASTFR~1.DLL File not found
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Tube Karaoke) - {F351B686-F6AF-45F1-9EB9-684C805B25B1} - C:\Program Files (x86)\YTKaraoke\ytkaraoke.dll (Dacotta SoftEngineering)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKCU..\Run: [BackupAgent] C:\Program Files (x86)\Strongvault Online Backup\BackupAgent.exe (Strongvault LLC)
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab (MysteryPI Control)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B16435A-CC07-479A-872A-CF028A845925}: DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/05/26 11:12:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/05/25 13:03:17 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/05/25 13:02:46 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Owner\Desktop\JRT.exe
[2013/05/25 13:01:53 | 000,000,000 | ---D | C] -- C:\JRT
[2013/05/24 13:52:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013/05/24 13:48:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YTKaraoke
[2013/05/24 13:19:57 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/24 13:14:30 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/05/23 12:32:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/23 12:32:20 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/23 12:32:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/23 12:32:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/23 12:32:00 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/23 12:28:23 | 005,070,409 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2013/05/22 14:49:17 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2013/05/22 13:27:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Color Brush
[2013/05/22 13:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Color Brush
[2013/05/20 02:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2013/05/20 02:30:24 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/05/18 20:14:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\GhostElisaCameron
[2013/05/17 14:33:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Fenomen Games
[2013/05/16 03:01:57 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/05/16 03:01:57 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/05/16 03:01:56 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/05/16 03:01:56 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/05/16 03:01:56 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/05/16 03:01:56 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/05/16 03:01:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/05/16 03:01:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/05/16 03:01:56 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/05/16 03:01:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/05/16 03:01:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/05/16 03:01:55 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/05/16 03:01:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/05/16 03:01:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/05/16 03:01:53 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/05/15 20:17:50 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/05/15 20:17:50 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/05/15 20:17:26 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/05/15 20:17:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/05/15 20:17:25 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/05/15 20:17:25 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/05/15 20:16:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/05/14 23:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPC Backup
[2013/05/14 23:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Type Helper
[2013/05/11 08:21:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Playrix Entertainment
[2013/05/10 08:06:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MSSoap
[2013/05/10 08:04:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Strongvault Online Backup
[2013/05/10 08:04:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Strongvault Online Backup
[2013/05/10 08:04:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Web Backups
[2013/05/10 08:04:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2013/05/10 08:04:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Uniblue
[2013/05/10 08:04:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2013/05/10 08:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsTube
[2013/05/09 22:21:26 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/05/09 21:36:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\player
[2013/05/09 21:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LessTabs
[2013/05/09 21:31:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CRE
[2013/05/09 10:16:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2013/05/09 10:16:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2013/05/09 10:16:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mipony Download Manager Packages
[2013/05/09 10:16:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/05/09 10:16:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\DSite
[2013/05/09 10:16:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
[2013/05/09 10:16:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiPony
[2013/05/09 10:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiPony
[2013/05/09 10:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsFinder
[2013/05/07 11:50:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\STAHKM
[2013/04/30 03:24:01 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/30 03:24:00 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/04/30 03:24:00 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/30 03:24:00 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/30 03:24:00 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/04/30 03:24:00 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/04/30 03:24:00 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/04/30 03:24:00 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/30 03:24:00 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/30 03:24:00 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/04/30 03:24:00 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/04/30 03:24:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/04/30 03:24:00 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/30 03:24:00 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/04/30 03:24:00 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/04/30 03:24:00 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/30 03:24:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/04/30 03:24:00 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/04/30 03:24:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/04/30 03:24:00 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/30 03:24:00 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/04/30 03:24:00 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/04/30 03:24:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/30 03:24:00 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/30 03:24:00 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/04/30 03:24:00 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/04/30 03:24:00 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/30 03:24:00 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/30 03:24:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/04/30 03:24:00 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/04/30 03:24:00 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/30 03:24:00 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/30 03:24:00 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/30 03:24:00 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/04/30 03:24:00 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/04/30 03:24:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/04/30 03:24:00 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/30 03:24:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/04/30 03:24:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/30 03:24:00 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/04/30 03:24:00 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/30 03:24:00 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/30 03:24:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/04/30 03:24:00 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/30 03:24:00 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/30 03:24:00 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/04/30 03:24:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/30 03:24:00 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/04/30 03:24:00 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/04/30 03:24:00 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/30 03:24:00 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/04/30 03:24:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/04/30 03:24:00 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/30 03:03:22 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/30 03:03:22 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/30 03:03:22 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/30 03:03:22 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/30 03:03:22 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/30 03:03:22 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/30 03:03:22 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/30 03:03:22 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/30 03:03:22 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/30 03:03:22 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/30 03:03:22 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/30 03:03:22 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/30 03:03:22 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/30 03:03:22 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/30 03:03:22 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/30 03:03:22 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/30 03:03:22 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/30 03:03:22 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/30 03:03:22 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/30 03:03:22 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/30 03:03:22 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/30 03:03:22 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/30 03:03:22 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/30 03:03:22 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/30 03:03:22 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/30 03:03:22 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/30 03:03:22 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013/05/26 11:12:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2013/05/26 11:10:02 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/26 11:09:48 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013/05/26 11:09:36 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/26 11:09:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/25 12:56:56 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Owner\Desktop\JRT.exe
[2013/05/25 11:04:14 | 000,015,792 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/25 11:04:14 | 000,015,792 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 13:49:39 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2013/05/24 13:47:51 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 13:47:50 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\spmonitor.job
[2013/05/24 13:47:40 | 3019,350,016 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/24 13:34:36 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/05/24 13:34:36 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/05/24 13:34:36 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/05/24 13:14:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/05/24 13:04:00 | 005,070,409 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2013/05/22 19:00:38 | 000,000,646 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/22 18:59:11 | 000,632,031 | ---- | M] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
[2013/05/22 18:57:29 | 000,000,512 | ---- | M] () -- C:\Users\Owner\Desktop\MBR.dat
[2013/05/22 18:00:02 | 000,000,468 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013/05/22 14:50:45 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2013/05/20 21:45:46 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013/05/16 03:35:33 | 000,330,672 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/14 23:59:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/05/14 23:59:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/05/11 03:06:22 | 000,772,214 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/10 08:04:37 | 000,002,105 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.lnk
[2013/05/10 08:04:09 | 000,001,176 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2013/05/09 22:21:21 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/05/09 22:21:21 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/05/09 22:21:21 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/05/09 22:21:21 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/05/09 22:21:21 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/05/09 22:21:21 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/05/09 21:31:34 | 000,000,258 | RHS- | M] () -- C:\Users\Owner\ntuser.pol
[2013/05/09 10:16:07 | 000,001,005 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2013/05/03 19:11:50 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/04/30 21:25:54 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2013/04/30 03:24:01 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/04/30 03:24:00 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/04/30 03:24:00 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/04/30 03:24:00 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/04/30 03:24:00 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/04/30 03:24:00 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/04/30 03:24:00 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/04/30 03:24:00 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/04/30 03:24:00 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/04/30 03:24:00 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/04/30 03:24:00 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/04/30 03:24:00 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/04/30 03:24:00 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/04/30 03:24:00 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/04/30 03:24:00 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/04/30 03:24:00 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/04/30 03:24:00 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/04/30 03:24:00 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/04/30 03:24:00 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/04/30 03:24:00 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/04/30 03:24:00 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/04/30 03:24:00 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/04/30 03:24:00 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/04/30 03:24:00 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/04/30 03:24:00 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/04/30 03:24:00 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/04/30 03:24:00 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/04/30 03:24:00 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/04/30 03:24:00 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/04/30 03:24:00 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/04/30 03:24:00 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/04/30 03:24:00 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/04/30 03:24:00 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/04/30 03:24:00 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/04/30 03:24:00 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/04/30 03:24:00 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/04/30 03:24:00 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/04/30 03:24:00 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/04/30 03:24:00 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/04/30 03:24:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/04/30 03:24:00 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/04/30 03:24:00 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/04/30 03:24:00 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/04/30 03:24:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/04/30 03:24:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/04/30 03:24:00 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/04/30 03:24:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/04/30 03:24:00 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/04/30 03:24:00 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/04/30 03:24:00 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/30 03:24:00 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/04/30 03:24:00 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/04/30 03:24:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/04/30 03:24:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/04/30 03:24:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/04/30 03:03:22 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/04/30 03:03:22 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/04/30 03:03:22 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/04/30 03:03:22 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/04/30 03:03:22 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/04/30 03:03:22 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/04/30 03:03:22 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/04/30 03:03:22 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/04/30 03:03:22 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/04/30 03:03:22 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/04/30 03:03:22 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/04/30 03:03:22 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/04/30 03:03:22 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/04/30 03:03:22 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/04/30 03:03:22 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/04/30 03:03:22 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/04/30 03:03:22 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/04/30 03:03:22 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/04/30 03:03:22 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/04/30 03:03:22 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/04/30 03:03:22 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/04/30 03:03:22 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/04/30 03:03:22 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/04/30 03:03:22 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/30 03:03:22 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/30 03:03:22 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/04/30 03:03:22 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/04/30 03:03:22 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
 
========== Files Created - No Company Name ==========
 
[2013/05/24 13:48:23 | 000,000,374 | ---- | C] () -- C:\Windows\tasks\Tube Karaoke Update.job
[2013/05/23 12:39:36 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk
[2013/05/23 12:39:31 | 000,001,919 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PictureMover.lnk
[2013/05/23 12:39:31 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2013/05/23 12:39:31 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2013/05/23 12:39:31 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2013/05/23 12:39:31 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2013/05/23 12:39:31 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/05/23 12:39:31 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2013/05/23 12:39:31 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2013/05/23 12:39:31 | 000,001,196 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapfish Photos - First 30 Prints Free.lnk
[2013/05/23 12:39:30 | 000,002,557 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
[2013/05/23 12:39:30 | 000,002,304 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Download Store.lnk
[2013/05/23 12:39:30 | 000,002,272 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials for QuickBooks, Quicken and TurboTax.lnk
[2013/05/23 12:39:30 | 000,002,272 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2013/05/23 12:39:30 | 000,002,258 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Barnes & Noble Desktop eReader.lnk
[2013/05/23 12:39:30 | 000,002,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2013/05/23 12:39:30 | 000,002,114 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2013/05/23 12:39:30 | 000,002,021 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013/05/23 12:39:30 | 000,001,562 | ---- | C] () -- C:\Users\Public\Desktop\Try Microsoft Office for 60 days.lnk
[2013/05/23 12:39:30 | 000,001,429 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk
[2013/05/23 12:39:30 | 000,001,380 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
[2013/05/23 12:39:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/05/23 12:39:30 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2013/05/23 12:32:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/23 12:32:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/23 12:32:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/23 12:32:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/23 12:32:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/22 19:02:26 | 000,000,258 | ---- | C] () -- C:\Windows\tasks\SpeedUpMyPC.job
[2013/05/22 19:00:12 | 000,000,646 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013/05/22 18:59:03 | 000,632,031 | ---- | C] () -- C:\Users\Owner\Desktop\AdwCleaner.exe
[2013/05/22 18:57:29 | 000,000,512 | ---- | C] () -- C:\Users\Owner\Desktop\MBR.dat
[2013/05/14 13:36:54 | 000,000,468 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013/05/10 08:04:37 | 000,002,105 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.lnk
[2013/05/10 08:04:23 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\spmonitor.job
[2013/05/10 08:04:09 | 000,001,176 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2013/05/09 21:34:49 | 000,772,214 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/05/09 21:31:34 | 000,000,258 | RHS- | C] () -- C:\Users\Owner\ntuser.pol
[2013/05/09 10:16:07 | 000,001,005 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk
[2013/05/03 19:11:50 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/04/30 03:24:00 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/04/30 03:24:00 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/20 15:20:29 | 000,000,000 | ---- | C] () -- C:\ProgramData\-gVQFXIupvuGzMt
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/26 22:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/26 21:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/04/07 11:07:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\8floor
[2013/01/13 12:01:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Absolutist
[2012/03/24 12:30:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Alawar
[2011/12/24 18:00:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Alawar Entertainment
[2012/10/01 13:06:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Alawar Stargaze
[2013/04/29 11:25:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AlawarEntertainment
[2012/10/15 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Amaranth Games
[2012/07/08 20:21:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Anarchy
[2013/04/26 14:02:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Artifex Mundi
[2012/08/27 13:17:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Atlantis
[2012/03/30 18:27:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG2012
[2013/04/23 12:03:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Awem
[2012/03/17 10:46:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Big Finish
[2013/03/19 02:31:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Boomzap
[2011/12/22 07:58:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Casual Arts
[2013/04/13 14:34:09 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\casualArts
[2012/01/29 14:56:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\cerasus.media
[2013/05/22 13:27:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Color Brush
[2012/01/27 13:27:27 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Deep Shadows
[2012/01/21 12:58:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DGform
[2012/01/21 13:11:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DieselPuppet
[2013/04/16 11:11:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DominiGames
[2012/10/03 10:38:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DragonsEye Studios
[2013/05/09 10:16:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DSite
[2012/12/06 12:16:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\EntwinedSoD
[2012/03/12 11:13:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FamilyVacationCalifornia
[2013/04/18 20:50:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FarmMystery
[2013/05/17 14:33:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Fenomen Games
[2012/03/13 03:23:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Freeze Tag
[2011/11/11 10:18:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Funlinker
[2011/11/06 17:50:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Funswitch
[2011/11/26 14:02:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GameHouse
[2013/05/18 20:14:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GhostElisaCameron
[2011/11/10 09:56:15 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GO Games
[2012/03/24 12:51:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gogii
[2013/04/06 12:58:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Gogii Games
[2012/03/05 11:49:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Happy Artist Studio
[2012/12/11 13:24:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Hidden Objects Petrodollars
[2012/11/27 12:38:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Inertia Game Studios
[2012/05/29 09:24:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\iWinv1002
[2012/07/14 13:03:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\kingdom
[2013/03/27 08:49:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Legacy Games
[2012/06/16 10:58:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LegacyInteractive
[2012/03/30 18:08:12 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MagicIndie
[2013/01/08 13:11:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Meridian93
[2013/05/09 10:16:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mipony Download Manager Packages
[2013/04/15 12:00:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MumboJumbo
[2011/10/31 13:41:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mystery of Mortlake Mansion
[2011/10/30 13:50:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PictureMover
[2013/05/09 22:11:03 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\player
[2012/11/20 08:34:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst
[2012/10/09 08:02:33 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayWay
[2012/08/11 11:27:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PopCap Games
[2012/01/14 14:18:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Rainbow
[2012/03/25 13:17:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Silverback Productions
[2012/07/28 13:11:16 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SMIGames
[2012/06/24 13:34:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SpinTop Games
[2013/05/07 11:50:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\STAHKM
[2013/01/04 13:20:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\The Curse of the Werewolves
[2012/10/29 10:53:34 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TOSST
[2013/05/10 08:04:04 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Uniblue
[2012/09/02 13:48:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Virtual Prophecy
[2012/03/28 22:03:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WeatherBug
[2012/07/28 12:17:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2012/06/23 21:25:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Windows Live Writer
[2012/04/30 08:30:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Winv1002
[2012/08/04 20:00:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\YoudaGames
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:5799421C
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:5FACFF6A

< End of report >

 

Extras

 

OTL Extras logfile created on: 5/26/2013 11:13:13 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.75 Gb Total Physical Memory | 2.82 Gb Available Physical Memory | 75.13% Memory free
7.50 Gb Paging File | 5.90 Gb Available in Paging File | 78.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.09 Gb Total Space | 353.67 Gb Free Space | 77.89% Space Free | Partition Type: NTFS
Drive D: | 11.57 Gb Total Space | 1.41 Gb Free Space | 12.19% Space Free | Partition Type: NTFS
 
Computer Name: OWNER-HP | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0655F48F-9E41-4DFE-BB2F-386EACF51106}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3DEEBE7F-1834-4A12-91F8-A320C2468C9C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{567A7DB8-6D5E-4E6A-A607-57FA2AED2B57}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6B466D92-299B-49FA-A717-5138746CBFD2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B0FB29-A767-41F2-88BA-B9EB3ABFE163}" = protocol=58 | dir=in | app=system |
"{1DACC508-5651-4D40-A23A-666E0B380D62}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{20EAAAF6-E3E4-4B8A-971D-129C14093CBF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{39DAAC20-5986-4A9F-851D-842421898E0D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{56554373-DE57-4FF3-9924-74A207F684DD}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{65BDF23B-47E8-453A-B79C-D520D8DB3AE5}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{6620E16E-AEB8-42A8-A3F0-6D4DF0163633}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{69DB46AA-37B3-40DB-A17D-57026384F3F1}" = protocol=6 | dir=in | app=c:\program files (x86)\pogo games\webupdater.exe |
"{6C6227D8-CA66-4CD4-B3E6-6F67729897C5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{6F5E4659-BEE7-4CD5-A4EE-6A8DDE9E0B4B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{7B5FA487-2EF0-44B2-889F-243D28DE8B1A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7DCE78CA-BA8B-4A82-A9E3-3E4D2D170BBB}" = protocol=17 | dir=in | app=c:\program files (x86)\pogo games\pogodgc.exe |
"{8BD5ECEE-D6C8-4610-83D2-01297F91256E}" = protocol=17 | dir=in | app=c:\program files (x86)\pogo games\webupdater.exe |
"{8CE0238A-7200-47EB-97D8-AE4A941B9758}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{946BA5A0-A44E-4E5E-9B6E-4A44BCDF8671}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{967BD820-44C6-4051-9528-4F2AC2EE8A7F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{A7871F9D-2F44-441E-ACD4-005756C416D2}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{B47094BE-658D-4F88-BC68-0A20B462692B}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{CE11A4C1-9679-46ED-8044-03154A198118}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{CEECB7CF-CDF8-4003-8AD7-E708335ED654}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{D3B98719-CA02-4F69-AFBD-F391005555A9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{E23AA224-1BF9-48E8-B3DB-FB089E87509F}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{FA393E60-A562-4D41-BF66-0FDE5332E278}" = protocol=6 | dir=in | app=c:\program files (x86)\pogo games\pogodgc.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E3EC7FC4-B4BF-4911-9A43-F7C753CE03F5}" = AVG 2012
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardware Diagnostic Tools
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}" = WeatherBug
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{495A8A3C-8FD0-4C46-9979-95C26181A1AB}" = HP Support Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59DB31A9-BCB0-4985-ACA6-F6477C7BE367}" = Strongvault Online Backup
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C547F361-5750-4CD1-9FB6-BC93827CB6C1}" = RegCure Pro
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5C7FD70-2C0A-401E-95E9-916363567DDA}" = HP Setup
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"American Pickers: The Road Less Traveled" = American Pickers: The Road Less Traveled
"Bejeweled 3" = Bejeweled 3 (remove only)
"Escape Rosecliff Island" = Escape Rosecliff Island (remove only)
"Fast Free Converter" = Fast Free Converter
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"LessTabs" = LessTabs
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"McAfee Virtual Technician" = McAfee Virtual Technician
"Midnight Mysteries Haunted Houdini" = Midnight Mysteries Haunted Houdini (remove only)
"MiPony" = MiPony 2.0.2
"MSC" = McAfee SecurityCenter
"Mystery P.I. -- Stolen in San Francisco" = Mystery P.I. -- Stolen in San Francisco (remove only)
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"PogoDGC" = Pogo Games (remove only)
"singalong@xenophesoft.com" = Sing Along
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2
"WTA-00a2025c-2a58-4e88-9a43-290b29083c6b" = Mystery of Mortlake Mansion
"WTA-060ba286-94bb-4f03-b804-a307683e594f" = BloodTies
"WTA-072c2597-2c4a-403a-85b7-28da36245456" = The Curse of the Werewolves
"WTA-08d7b9a4-d8b0-41c8-9be0-e78690a0796b" = Unsolved Mystery Club®: Ancient Astronauts® Collector's Edition
"WTA-09494cbf-60c7-4e2e-b3f8-a57bf22cafc7" = Sphera
"WTA-09d55229-a53a-4627-b29d-0496ca834681" = Vegas Penny Slots Pack 2
"WTA-0c9d04dd-70ef-4940-8cd1-1e0c453c44e2" = Rita James and the Race to Shangri La
"WTA-0dcfaf95-fd22-48eb-81b6-1a4463a506b2" = Haunted Past: Realm of Ghosts
"WTA-1049f3b7-097f-439c-a0d2-113ea8a2f791" = Campfire Legends - The Last Act Premium Edition
"WTA-15b03958-b0d6-48e5-875c-bff31d808db2" = Red Crow Mysteries: Legion
"WTA-162d6ef0-4360-424a-82a5-99e8881b78f1" = Hawaiian Explorer - Pearl Harbor
"WTA-17c999f5-2020-458f-a2a0-73b9ff202c5e" = Margrave: The Blacksmith's Daughter
"WTA-1c1b0082-da75-4962-86d5-6e5589e09563" = Hoyle Enchanted Puzzles
"WTA-1e6307ec-8a26-4b49-87a4-665cedfd690c" = Cruel Games: Red Riding Hood
"WTA-1edfbb84-a6af-4940-8d48-22e917c1916f" = Shadows: Price for Our Sins
"WTA-227ccf0f-5378-42df-ae73-a609a4f9bdec" = Weird Park: Broken Tune
"WTA-23726bfb-8c49-4afe-af58-59c640e8bcc3" = Empress of the Deep II : Song of the Blue Whale
"WTA-24193143-4143-4adc-8fc8-2f4842737b23" = 3 Cards to Dead Time
"WTA-26c511ff-12a5-400b-8d54-9193260624fb" = G.H.O.S.T. Hunters The Haunting of Majesty Manor
"WTA-2a0a954e-98d9-43a7-8cc8-02ac2ee3439f" = Kingdom of Seven Seals
"WTA-2abcf7c9-6a0b-44e9-b3b8-7eef17ca7d94" = City of Fools
"WTA-2c52cd4f-d034-4411-b354-cceccf91407c" = The World's Legends: Kashchey the Immortal
"WTA-2c88eba1-c311-4880-bce9-cc9e1324ee5d" = Youda Legend - The Curse of the Amsterdam Diamond
"WTA-2fe0effb-6a31-411b-8eb8-0a65460420c6" = Easter Eggztravaganza 2
"WTA-320c1a42-e46d-4f8d-a103-2a78999f38fe" = Nightmares from the Deep: The Cursed Heart Collector's Edition
"WTA-35025f09-a2ea-4213-9142-11d9f6b643f4" = Titanic's Keys to the Past
"WTA-3592fe7f-7f4c-4f8e-8fa5-49e9a4a3795a" = Mystery Valley
"WTA-368a031b-0aae-4c5f-9b72-8faf70b32e98" = Oddly Enough: Pied Piper
"WTA-3b1d7c7e-9c13-42d5-a693-d95ef985cb77" = Mystery P.I. - Curious Case of Counterfeit Cove
"WTA-3eed8504-2a6c-4563-83cd-c7f89ab34dd4" = The Lost Cases of Sherlock Holmes 2
"WTA-435aa18c-ad59-4ade-bf56-7215a6cea799" = Criminal Investigation Agents Petrodollars
"WTA-4516593b-c558-4d68-8928-28e15ca546dc" = Halloween: The Pirates Curse
"WTA-458be549-34a7-42c3-913d-a9ee51ecd0d0" = House of 1000 Doors: The Palm of Zoroaster
"WTA-46fa9867-04c2-4215-9c02-b82620cdb389" = Motor Town: Soul of the Machine
"WTA-4b8c0133-0907-4ddb-84f8-6d5f6863b7fe" = Tearstone
"WTA-4f04ee12-01d2-460e-86b2-d61adc51d911" = Escape from Thunder Island!
"WTA-4f43712c-2170-42e5-adb7-d0b12edfad22" = Dark Lore Mysteries: The Hunt For Truth
"WTA-522d24a9-759c-4365-9cef-9b6a7a306475" = Elisa Cameron: Ghost
"WTA-52f687c9-6e29-4435-945c-8d6f6409f0b3" = Lost Lagoon 2: Cursed and Forgotten
"WTA-5351e399-ff66-4191-a636-26f7b3b84d18" = Scarytales All Hail King Mongo
"WTA-53639465-fbc5-44f3-99d5-c0cdcab8b7eb" = Vampires: Todd and Jessica's Story
"WTA-5477f0ad-64c3-4a9c-8b94-23c4592cc60e" = Celtic Lore: Sidhe Hills
"WTA-580b8277-37fc-4c3a-b8d6-d5bd784b95d1" = The Secret of Hildegards
"WTA-599326f7-8aee-42d8-84e6-93555f7bb9cc" = Hide and Secret 4
"WTA-5b501eae-0c17-4343-97b0-9dee64ffe3d6" = Farm Mystery
"WTA-5b95cf84-5fdd-45dd-bbee-79d0a2b9720d" = Entwined: Strings of Deception
"WTA-5ef86cb2-3070-474c-86d3-999e0ab5eee6" = Hidden Path of Faery
"WTA-5f1de273-63e0-48fd-b91e-486e1030589c" = Mystery Agency: Secrets of the Orient
"WTA-5fd35403-6b51-4a6c-907a-6543f6404c3b" = Private Eye
"WTA-605ea60f-29db-4882-b2a0-34c79465b25f" = Echoes Bundle
"WTA-6164515d-247b-4306-b54d-f31d95180ecb" = Easter Eggztravaganza
"WTA-666fc147-2959-4b9d-880c-d76d1f8abbbe" = Mysteriez: Hidden Numbers
"WTA-678354f1-3bd6-459c-b97d-2f2b03f3b33e" = Voodoo Whisperer: Curse of a Legend - Collector's Edition
"WTA-67c0496a-2656-4abc-9440-bec9a514243b" = Behind The Reflection 2: Witch's Revenge
"WTA-69a3adfc-7b01-4d73-8fd5-13c366cca3c3" = The Book of Desires
"WTA-7030c01f-9627-4eaa-a2ef-478faa7a1ca0" = Odysseus: Long Way From Home
"WTA-720468a2-9f46-4105-a14b-592c1f0f954f" = Infected: The Twin Vaccine Collector's Edition
"WTA-725319de-273b-49c1-bdac-cb014d8db9de" = Weird Park: Scary Tales
"WTA-7817d502-f8b9-4e00-ba76-aad481455e03" = Film Fatale: Lights, Camera, Madness
"WTA-7a6cb632-97f7-4c94-ad1e-fe78493aa139" = Mortimer Beckett and the Crimson Thief Premium Edition
"WTA-7f4df549-b490-4b40-a667-93da53a9f234" = Fairy Tale Mysteries: The Puppet Thief Collector's Edition
"WTA-80633fa3-89bb-4dc5-b790-0889e2d3637e" = Temple of Life Collector's Edition
"WTA-8165eb5d-52c6-4939-b747-c1b171b50e82" = Angelica Weaver: Catch Me When You Can Collector's Edition
"WTA-82b1c455-4bb2-47aa-b4ba-26f3abd3b85e" = The Saint: Abyss of Despair
"WTA-8af61641-08e1-4e97-8ffd-6c8683895d36" = Christmas Wonderland 2
"WTA-95fca521-ba0a-4b18-9acc-242fe81d84b1" = Letters from Nowhere 2
"WTA-96ac398e-303a-48c5-aaa5-e518bd0e72c9" = Sacra Terra: Angelic Night
"WTA-9a9b1a1c-13a8-4367-925c-069020d52d5e" = Escape - Special Edition Bundle
"WTA-9b48a2c5-9b7b-4a41-b685-ae3fdb041f88" = Amazing Adventures Special Edition Bundle
"WTA-9d333ce1-7850-4f1f-9017-cc14d917eb62" = SCRABBLE
"WTA-a30600c1-68a8-47a2-a20b-7b8ee757b9d7" = Midnight Mysteries: Devil on the Mississippi
"WTA-a64bf65d-e79e-4ef3-8b77-b9bd57268db7" = Golden Trails 3: The Guardian's Creed Premium Edition
"WTA-a9afe6df-0f36-4d80-9248-841e133d087a" = Three Musketeers Secrets: Constance's Mission
"WTA-ad28f27b-5098-4990-a4ea-f1137af3ddba" = Big City Adventure: London Story
"WTA-aefbfbf1-9d1e-41ff-8ff2-ffef5c710403" = The Lake House: Children of Silence
"WTA-af9a43ca-3633-4978-8dbb-8142a43b4a56" = Vacation Quest™ - Australia
"WTA-b0c0f7ae-146f-48f3-8bb1-068a0fcec6d4" = Pickers: Adventures in Rust
"WTA-b4d04ac3-c9e2-470f-b370-1e4632a5270b" = Escape the Emerald Star
"WTA-b5365eda-1130-4809-9c2c-45818dd8e94f" = Christmas Wonderland
"WTA-b9cfcdc6-972f-4017-b876-0f6e55743a89" = Big City Adventures Paris
"WTA-bad4c55c-b9c1-4113-b29d-95ce6ff256da" = Amazing Adventures: Riddle of The Two Knights™
"WTA-baff32ce-a3e4-48e0-a1f8-7e564b76b6ee" = Amulet of Time: Shadow of La Rochelle
"WTA-bd4c74d9-4c42-4476-8056-454121954ba6" = Cursed Fates: The Headless Horseman Collector's Edition
"WTA-bdb6cc6e-bf21-445f-a80b-1dc2ec964c31" = Mystery Novel
"WTA-c034a8e5-4cb0-4a48-89f7-b908dae28c11" = Twisted Lands: Origin
"WTA-c24dea7e-ceb8-4f2d-a1f1-028cf178f138" = Tales of Sorrow: Strawsbrough Town
"WTA-ca5b518e-5788-49ed-b380-60845f410c3d" = Voodoo Chronicles: The First Sign Collector's Edition
"WTA-ca6feafb-c37f-4887-99c8-a7eb70eef9da" = Committed: The Mystery at Shady Pines Premium Edition
"WTA-cab92cfd-da5b-4aa9-98a5-25989c06ec5c" = Sisters Secrecy: Arcanum Bloodlines Premium Edition
"WTA-cb5f2589-3c70-40bd-8b46-af0a5d297746" = Lost Souls 2: Enchanted Paintings Collector's Edition
"WTA-ce7521d9-4a9f-4e67-bb7a-93ce82daebb3" = Farmington Tales
"WTA-d291fc7e-a54f-41c9-8e06-444019007290" = Bedtime Stories: The Lost Dreams
"WTA-d3044466-287e-4434-a2b8-cbf1b49d3aef" = Halloween: Trick or Treat
"WTA-d66cddd1-d47a-4155-a3b3-19e4f3ac8d5c" = Murder She Wrote 2
"WTA-d77f57c9-b0e6-4f81-8654-1b8e93822c6c" = Family Vacation: California
"WTA-d840d937-8792-4f3c-9792-440f120207f0" = Treasure Hunters
"WTA-db218ed7-b268-4a7b-8d41-8944d94f6768" = Girls With Secrets
"WTA-dedb7a67-f0c7-4056-9e16-21164dc84b37" = Curse at Twilight
"WTA-e370a0c5-6d9e-4d97-ab71-35cd670a0275" = Brink of Consciousness: Dorian Gray Syndrome Collector's Edtion
"WTA-e378f09b-ebeb-4cdf-949f-b7696b06c20e" = Aspectus: Rinascimento Chronicles
"WTA-e3bec9d5-d672-4ded-8e4e-766af01bcb03" = Dark Arcana: The Carnival Collector's Edition
"WTA-e526631c-580d-4e4f-950a-6d31443f1a7d" = House of 1000 Doors: Family Secret
"WTA-e77e7b5c-5414-410b-8ac0-fde083ddc95b" = Mountain Trap: The Manor of Memories
"WTA-ea863d8a-ed1a-4dae-bbbd-a3fe18fba4be" = In Search of the Lost Temple
"WTA-ec8b649f-8812-455d-8da6-84df4983f872" = Hoyle Wacky Makeovers
"WTA-ed1898f1-c7f5-436b-a639-abc78925cfce" = Inspector Magnusson - Murder on the Titanic
"WTA-f13f3918-f0b3-44b5-b6db-6f38dca22cf8" = Mysteries of Ancient Inventors
"WTA-f1491c8e-1bdb-4961-830a-34a76ee6d593" = Exorcist 2
"WTA-f23e8d38-9659-4d23-a9e0-d5684161f32a" = Aquascapes Collector's Edition
"WTA-f9c7e90d-4ad2-4956-a0b8-e7bbb3895eb5" = Mystery Stories: Mountains of Madness
"WTA-fb7b3c33-cc31-48fb-986d-473592a4dd20" = Ghost Encounters: Deadwood
"YTKaraoke@DacSoft.org" = Tube Karaoke
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DSite" = Update for Mipony Download Manager
"HuluDesktop" = Hulu Desktop
"Mipony Download Manager Packages" = Mipony Download Manager Packages
 
========== Last 20 Event Log Errors ==========
 
[ Hewlett-Packard Events ]
Error - 1/5/2013 2:04:53 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 1/12/2013 1:22:29 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 1/12/2013 1:22:30 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 2/23/2013 1:49:37 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 2/23/2013 1:49:38 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 4/27/2013 1:14:15 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 4/27/2013 1:14:16 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 4/27/2013 1:14:18 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 4/27/2013 1:14:18 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
Error - 5/4/2013 1:49:33 PM | Computer Name = Owner-HP | Source = Hewlett-Packard | ID = 0
Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\Logs\SystemInfoAA.xml'. mscorlib    at System.IO.__Error.WinIOError(Int32
 errorCode, String maybeFullPath)     at System.IO.FileStream.Init(String path, FileMode
 mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32
 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath,
Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode mode,
FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String
 msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String path, FileMode
 mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)

   at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,
 Int32 bufferSize)     at System.IO.StreamReader..ctor(String path, Encoding encoding)

   at System.IO.File.ReadAllText(String path, Encoding encoding)     at n.a(Object
 A_0, EventArgs A_1)
 
[ System Events ]
Error - 5/26/2013 2:09:27 PM | Computer Name = Owner-HP | Source = DCOM | ID = 10010
Description =
 
 
< End of report >






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users