Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Firewall Error, Possible Windows 7 antivirus 2012 infection


  • Please log in to reply
11 replies to this topic

#1 simunic

simunic

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 31 July 2013 - 08:44 PM

I can't enable Windows' firewall. An error message pops up. The laptop freezes after minutes of use, and a BSOD has appeared a few times with the error 0x0000007A.

 

I can't install Windows Security Essentials--an error message always comes up. I can install programs like Malwarebytes, but they hang during the scan. I'd appreciate any help.

 

 

 

 

 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by admin at 21:22:55 on 2013-07-31
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.6060.4579 [GMT -4:00]
.
AV: Kaspersky Anti-Virus *Enabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint\Apoint.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESGfxMgr.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\System32\vds.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://sony.msn.com
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [PCTD Service Activation] "C:\Program Files (x86)\OakTree\PCTDServiceActivation\PCTDServiceActivation.exe" -checkcounter
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{0E52592C-790A-4286-AEBF-FFE297F25288} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{1AEE6368-BBB5-45F4-99F5-090F7378DC31} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{1AEE6368-BBB5-45F4-99F5-090F7378DC31}\0516474797E45647D27657563747 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.33.1
TCP: Interfaces\{1AEE6368-BBB5-45F4-99F5-090F7378DC31}\34963736F63363937323 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{1AEE6368-BBB5-45F4-99F5-090F7378DC31}\F627F6A736F6026616D696C697 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-19 204288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-8-12 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-8-12 2375168]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-3-15 428384]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2010-9-17 1251840]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-7-22 259512]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-12 2656536]
R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-8-12 552584]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-4-13 84088]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-8-12 969352]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112]
R3 bpenum;Intel® Centrino® WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2011-5-19 84480]
R3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2011-5-19 182272]
R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2011-5-19 83968]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-8-12 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-8-12 39464]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-7-19 317440]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-7-19 12230912]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2011-6-21 25496]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-14 87552]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-14 207872]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-12 425064]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-1 12032]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-7-24 53176]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-6-30 1380480]
R3 wdkmd;Intel WiDi KMD;C:\Windows\System32\drivers\WDKMD.sys [2011-6-21 42392]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/08/12 00:16:05;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2011-6-24 248304]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2011-6-21 34200]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 NisSrv;Microsoft Network Inspection;"c:\Program Files\Microsoft Security Client\NisSrv.exe" --> c:\Program Files\Microsoft Security Client\NisSrv.exe [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-8-12 337512]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-2-21 113824]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-2-21 67232]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-1-20 286936]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-1-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-5-19 549616]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-2-19 385336]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-2-19 99104]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-9 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-08-01 01:07:40 -------- d-----w- C:\Users\admin\Doctor Web
2013-08-01 00:47:36 -------- d-----w- C:\76a09b4f6b1664a13ac07fda2b6a63
2013-07-31 23:46:15 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-31 23:46:05 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-31 20:44:15 -------- d-----w- C:\5a1c36dde4e28fe254a553
2013-07-31 20:13:23 -------- d-----w- C:\8212058551bf679817b788
2013-07-31 18:37:42 -------- d-----w- C:\ProgramData\HitmanPro
2013-07-31 17:22:24 -------- d-----w- C:\Users\admin\AppData\Roaming\Malwarebytes
2013-07-31 17:22:10 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-31 16:55:31 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-31 16:55:31 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-31 16:55:28 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-31 16:55:28 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-31 16:55:05 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-31 16:55:05 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-31 16:55:05 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-31 16:55:05 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-31 16:55:05 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-31 16:55:05 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-31 16:55:05 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-31 16:54:41 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-31 16:54:32 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-31 16:54:31 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-31 16:54:31 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-31 16:54:31 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-31 16:54:31 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-31 16:54:01 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-31 16:54:01 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
.
==================== Find3M  ====================
.
2013-07-31 23:45:55 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-20 04:25:04 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-20 04:25:04 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-19 01:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-28 05:54:00 0 ----a-w- C:\Windows\SysWow64\sho25D9.tmp
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 21:23:28.59 ===============
 

 

 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 AM

Posted 05 August 2013 - 01:17 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Search and delete the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete tab follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).
===

thisisujrt.gif Please download
Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.
===

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: Turorial
Link 1
Link 2

IMPORTANT !!! Save ComboFix.exe to your Desktop

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Do not install any other programs until this if fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe and follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note: Do not mouse click ComboFix's window while it's running. That may cause it to stall

Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Note: If after running ComboFix you get this error message "Illegal operation attempted on a registry key that has been marked for deletion." when attempting to run a program all you need to do is restart the computer to reset the registry.
===

Third party programs if not up to date can be the cause of infiltration an infection.

Please restart the computer before running this security check.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.
===

Please paste the logs in your next reply DO NOT ATTACH THEM.
Let me know what problem persists.

#3 simunic

simunic
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 05 August 2013 - 04:32 PM

Thanks for your help. After following the instructions, Windows firewall can now be turned on.

 

The other main issue was the computer freezing or crashing when running a security program, like a virus scan. I haven't tried doing that yet.

 

Here are the logs.

 

 

AdwCleaner:

 

 

# AdwCleaner v2.306 - Logfile created 08/05/2013 at 15:57:13
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : admin - ADMIN-VAIO
# Boot Mode : Normal
# Running from : C:\Users\admin\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [2499 octets] - [05/08/2013 15:57:13]

########## EOF - C:\AdwCleaner[S2].txt - [2559 octets] ##########
 

 

 

 

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.3.3 (08.04.2013:1)
OS: Windows 7 Ultimate x64
Ran by admin on Mon 08/05/2013 at 16:05:41.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-2207809109-2405147113-1023817257-1000\software\web assistant"
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\sho225F.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho23D5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho25D9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3A2.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho48F2.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho68B1.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6F30.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho86E7.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8B75.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8EFA.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC03.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD791.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF15F.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"
Successfully deleted: [Folder] "C:\Users\admin\AppData\Roaming\strongvault"
Successfully deleted: [Folder] "C:\Users\admin\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\ai_recyclebin"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{001F8159-F09A-413A-8B75-D4B662F85E5D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{004EA2CB-AA33-421C-AC19-2F0E9882A5E4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{00BCE5FA-5C88-4C7C-96C1-AB1E519972B6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{010DD910-04CC-45BB-A542-2B050E22E0CF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0192CF78-8ED7-4D32-B113-56217BDC4190}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{01D3E8E0-D47F-4A90-BA35-4A71F7E386C2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{01DA33DC-1323-46D4-825F-ED7A29A3B6B3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{02B6E8F2-0D4D-4839-B900-57FC5E8446D5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{02CA09A3-C4F0-4F78-BDC4-DE55B119A0EF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{035EB9FE-3D87-4DDB-8744-B994D9DCBF3F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{037BB238-F5DA-4F8B-9F53-E33EFD5331D8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{04A6733D-D575-43E9-8C50-F7610EAC7663}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{04E3F078-986B-4772-BD15-724A9CECA39F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{067D7B41-5DBC-46BF-8234-74DA96E439A8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{06B13A09-4A9F-4ACC-8B4A-9A10919F7A63}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{06CCC9D1-2AF4-4269-9807-87A521A63C0E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{076A8FE4-009D-4DCC-900F-9A3A6B7AC57E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{07BD13DB-DA70-4A26-8A7A-95A8F203267D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{07D488C0-85A3-42F4-AB7D-F3DBEB9DAA70}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{081CA460-1F1D-453E-A82F-31FFC22267F8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{08862DAE-E7BD-4BC0-8614-70EBE6E667AB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{08AEE72B-4DDD-4754-8188-076617DDE3E4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{08E315DA-83D1-4EE6-AE82-72DB511D9889}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0940963E-DFC1-4ADC-A90D-CE96818DB637}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0967949D-855F-4C6A-BE10-9565C35863E6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0A6A9DE5-3F3A-47F8-A778-93D0AD728C68}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0A90DB6B-7904-4819-9B46-49FE94512A91}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0AA1092D-9143-4083-A48C-18B28DAAF2F1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0AEA4430-F0BD-4FC7-A48D-A0B1D2531F72}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0B128BBE-67D5-4ABB-81BE-68E3FFB8C38F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0B1CB772-B78B-4F8E-A464-751B800E58A5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0B889F63-F92D-4C6A-946A-2E812E8EB725}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0D28DEC5-92DD-4B77-A500-56ECD677816B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0D2BCC1B-AC19-4F90-85ED-9334D61C543F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0D748022-82D9-4BD1-ADB7-C323CF1811D6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0D837417-07DA-4634-9CE4-787B5303EBEC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0D8577E9-1E63-400C-A640-A1BF72BF0175}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0F10E255-38C4-4602-962C-1F08288150CE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0F774A7A-024D-45DB-A225-2A48AE3CE238}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0F96D86A-094C-410F-AAE6-837D51772EA6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{0FF51C3F-0283-4794-BDF3-65C4FED68038}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1000996E-196D-4311-AB5E-901EAC304D06}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{10E992A4-0B65-4B17-A867-7EB043B6974A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{12E9C745-5758-4D23-B126-F5AAFBB2BED9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{137846F8-CF64-4E15-9983-97D935DC25B9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1465A33F-A3D5-48CA-BA97-2E6727EB2953}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{14C92952-3362-49F2-B39B-4EA4EE084137}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{151B65C0-3526-4A2B-8B3F-BFBA902D4EF7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{15A91F50-6394-4081-9294-C4F392174A70}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{15D4AF4C-E126-46EC-8989-BC16733FC630}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{15F2B6AB-4DFA-4045-A8C5-6E5EE5777EE4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{16755F8C-1C56-46F5-8DF0-B07BB60F993F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1813954D-4093-4A7D-8F5B-488CF30A2585}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1873C029-7ED6-42FC-A3C3-5C4E59D270E4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{19AF0099-AD70-4A7E-9EF8-BB811A242AAC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{19E43983-5B32-4655-B25C-27053452773E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1AAEAEE3-EB49-4488-B941-A70196B87244}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1B1D8EA4-4E6F-422E-ABAA-CFF8F876976F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1CABF294-0137-4D16-8FE5-96391DAFDDDC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1D10F540-61FA-45DA-8458-B72DF2FEB827}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1D5359BF-FD37-47BF-A5F0-C590BF3F305B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1D56FBE0-1B8B-4FB3-93EC-37DABF61F60E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1D8FD09B-C6FF-49F9-AB0D-661CEE3D3BFB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1DE00739-A7A1-406C-B309-478B4298CB0F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1E75A7AD-ED61-4A9C-9029-DF5A116B3F02}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1ECC3CDF-855D-4206-8593-F8D92C643BDD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1F0DC39E-E94A-4A90-BF84-C075E2489E12}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1F1EE107-6224-4A94-A671-28145F7861CB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1F87AFBC-4609-4C2A-A318-14E71C822CF4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{1F8FB330-46F4-4684-B65D-D44ED214AF8E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{20596369-230F-4AAF-8B5D-95466581F6C0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{20950092-A9D7-46FA-BF4A-ACC33583CA7E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2191690B-438B-4BF2-8CBA-82CA1EF045FF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{21C6199F-A3C3-4B0D-8804-E6993ADE21D2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{22746BEC-6648-404B-B6EE-0B7903948136}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{236E95AC-3385-4C2C-8FA7-BEE69F749902}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2431937F-4F5E-4035-93C8-A7D26DF19B7C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{244E8499-B498-472D-BD61-8986B5A23BE8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2462FBE3-780C-4B13-ACC4-6CFDB7DB3C53}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{247DA874-7DE5-47E1-842B-B1CF7DAD7EC9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{247E935A-585A-4205-9B76-B30F506F2FA7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2498F97B-F0A5-4144-80DC-A885118C9D48}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{250FC9C1-BA3B-45E0-9641-07F97EA57748}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{25670900-129C-4E3B-9D3A-D84201A04F40}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2582850A-B3CF-4C1C-BA22-DB6534545F64}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{259688C6-19C4-4BBB-8653-EF1605C88D5D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{25E9C967-9CD1-41A9-B2B1-B3E34CD0F1CD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{25F7EBAF-CB3E-4B3D-9CDA-356C2B9F263D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{261AC6DD-8A37-4630-8E89-95EAE3CCE93E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{26FA6750-3A90-4472-B869-8A90B200F049}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2795B0A4-F3C8-4BA7-A17E-DD75EED89945}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{27D91BF0-E242-4F68-9AF6-0C7D0327FEB0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{27DFFF43-31FE-4E86-B1DA-519D01B5F53D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{284BCECD-918E-4DA0-A716-952F3B9566DF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{297E3A36-5645-44E0-9B13-F917FFDA9DE6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{29A105A9-3668-42C7-B53C-81579A6D3B61}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{29E0E882-56F0-4A5B-8B78-6C6C36D25413}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2A0DEF46-966C-4A98-9FDC-591C9919A227}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2A1E097A-A569-4941-A8A0-09645D94746D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2A6AB274-217E-4FF1-86C2-A591ACBC6A27}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2A82AAD2-330C-4238-848A-386D34F762D4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2C0CD155-E1F1-412A-8EE6-003953DA6FDF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2CA45FE0-C7DB-4B77-BC53-0026104D479C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2DEC107F-1553-4058-8EBA-1941A6F33166}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2E8808A9-FE86-408C-B23D-E535F1AC8464}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2E984FE3-58DC-4CD0-B510-A5E79B008B25}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2ED9C956-EE9A-49A4-AB53-5AD2ECA18D50}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{2F2FFA73-E725-4EEE-8BBA-9EA52F59EE05}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{30939F71-F5CE-4A82-A37A-D68BBBFE4169}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{318ED09B-3CEF-4DD8-A66F-695293E62EFD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3190BAAC-BAE5-42E0-8061-EB4E8A4E984A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{31A2D547-2D85-4CEA-B553-47516F763D28}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{31B450CB-C510-41E8-A46F-7C2D5322BFBA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3213927F-9DE6-42B1-90A4-7F44C3ECEF80}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{33A87E82-6528-45C2-AA38-F7369708DB8D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{340D4DF0-FC83-4431-ACDA-10A436EF0E42}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{340F297D-1CEC-4C4F-A370-B18BACD01192}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{35FF342D-12D9-42D0-8AF2-515136F7DF6D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{362485DB-67A2-4059-A4D7-F6C4B9AFCF1A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{36C8F2B5-B18E-4C37-9AF3-36AED72B28CF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3774ED98-EC77-491E-960A-B27F12E93481}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{379843D8-96E8-4475-AD1C-3CCA09E64449}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{37C5DAEE-EA87-4F4D-B820-5C86E18C6ACA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{383456B7-7F00-487B-BA66-D54280F6840F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{385831D0-3241-4128-861D-CBF365F0C6EB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{39797396-79DE-47C1-96C8-9299143B9118}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3A53353D-F6A5-45D3-AB0A-C6CBF258434C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3B98303D-7874-459E-91FA-FC97432F760C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3BDFE571-BB73-468F-88B8-717251B6C777}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3CF55F1B-7987-4087-A6EA-3B717F2AACC3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3D2AE739-4FA6-448E-AC72-2FEFE155D48F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3E536981-6B60-4E94-B0E4-97EC77BE722F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3E5B2F20-A2B7-4BD9-A86D-4319FECF7CCC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3E62D9DF-8E98-4986-B6FB-BADA6813E3B7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{3E9A3439-A857-48D8-8B1E-88762DC13030}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{40490DA0-4EB6-463A-996B-3FA495D75975}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{40C3A4FA-210B-4A12-A95C-E418C7279B32}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{41C98CE3-5CB0-449B-82C0-B4F6EFF8ADAA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{42C51E64-9051-4202-A348-75AEAA980836}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{43626B14-B21E-4969-9113-97BA7061D1C8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{45733951-1372-4961-8A8A-1F1EA45F8E88}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{45AADF99-36B6-4B17-894C-994E43AED40F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{461DBBCF-1B83-4E16-BB65-3045C8781B7D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{461F5516-6F0E-4783-99B5-F5882F4BF919}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{463C33FA-F175-410D-BA9D-F5F71C8E5720}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{46D4C2A2-EFE4-4FBB-AFFA-E1CDF79F807E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{47A1259F-019B-40DA-B4F8-1C11D48A0DC0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{48CF7322-7F36-4968-8B60-CE5930AFCEF7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4900E885-2C23-42F0-BB83-443AC8231CBE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4A89BE52-9236-4121-9EBD-53419184311D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4C2BBEF9-2233-4ACA-AC03-C4B1108FA8C3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4D176845-F497-44D6-8BB9-143394643772}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4D368224-2B91-41B6-B124-60153CFEC451}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4D71785A-B6D3-4600-96BA-9E40816B09CB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4D9BE3BB-1FCF-401B-9AC1-136988DD9DAA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4DA02448-D49F-4D61-BE02-AED0D71CC4DF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4E8D7B8C-C237-4FBB-9CC0-C9CB3E391019}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4F5F48B7-2C4C-4DB7-9B43-AE5784FE1EB2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4FA2C1D6-7C58-4DF1-BF88-A0F4CF73D15B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{4FA94FDD-E52C-4284-88C3-69CD96234CF3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{50293324-3F08-4009-A01C-40A883FD85FC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{509EB9CA-E445-4C45-9925-D47CB29F2EAD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{518E4E0A-F373-4CDA-BF2F-DF85821470FD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{51F0CAA4-B422-4011-BE60-AEA445823D85}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5205D833-FDD7-4384-BC86-8773BD175F31}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{52C85839-D0EE-4B2B-9CDE-8704F7E1ED7F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{531B7784-E8D8-49C2-BBA2-702A4065F50E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5584C713-BBE2-4E1B-BF6C-B0DBA2B41C89}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{56180D2B-D559-4EE2-B299-5FD7527E0C4A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{563ED807-598F-4EFB-8E77-372638358D12}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{56959263-223C-4FF4-A07F-DE6900C473F8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{56CEF6EB-CE5E-4116-9271-EB8728FC1F5E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{583145E7-A5B2-4314-B981-23D3C7CB2115}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{584ACC6F-C8AB-49FE-85FE-AA0BCB17AA8F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{58EEC589-0CAE-4DF6-B58A-A7F88644FBC8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{59DD3914-6A54-400B-97FE-61EFE3D742E4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5A1B4467-646E-476E-B160-2B299819E5B7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5A90B9BD-5609-4DC8-992A-B85CE6551F47}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5AC3EEE5-D9AA-4D81-BCCA-DC7D1E047994}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5ADB835B-6E0A-48FB-961E-0937D9F33AB6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5B385989-E98D-401B-836E-765CE19070BF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5BCE30D9-A9EF-4122-8F71-3951967DC049}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5E925481-2D86-4E2E-AC26-C8B219A4A9F4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5ECB9D24-0633-4084-8C1E-8EE161268883}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5ED5D43F-C833-45A9-A92A-A94C2252F209}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5F48E57E-3DA3-4074-9B51-A34BB319E44A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5FBAC813-7397-4EC5-B5F2-4BD90DDC07E0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{5FD9DE6B-1D57-40EA-A21C-8BED157940D7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{618E8F84-8060-4C9B-A9F2-9D770CC8A069}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6195791E-D27B-4C73-8060-D1CDC1D90D1E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{61AE2A40-8C9A-4032-ABFD-4D9F01F22B4C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{61DA7129-EE70-4D4D-86AB-FF6F7E75E712}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{61EB9791-AEEF-4450-8F27-DE38FFBD0176}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6256D05A-074F-4279-AAFA-CB446A352770}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{62630EE9-23A8-434A-9D9E-7AC6044465B6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{62958D5C-A679-41FE-AB9D-5F33F9DD95DC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{63A47E58-B570-4DB0-9B34-CAA09D313813}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{63FE4A43-0202-40EF-8898-342DC1BC8076}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{644B74C9-028F-4ACA-957F-918DD1220542}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{64B14B00-38E3-47B8-AEFF-A928236869BC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{64C73DC3-237B-433E-941C-120789324761}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{661E12EC-7F13-452C-A935-55C7A01BF42E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{670FEB40-33F3-4499-B7B6-CF84C3CF411B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6874F913-BDF2-4273-8BAE-6E8C0A79EE80}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6A4ABBBE-D646-49CE-926A-23CC42BC3019}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6A67D4AD-0ADD-4CA4-8CE4-CE08D05FB925}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6A7FF087-6634-415A-B6EE-764A64B62E18}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6AFEBC84-842E-40C9-9E74-B4D59357B3F7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6B0254C9-71C3-42BF-B514-F007F33516AC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6C814C32-D69A-4258-AD8B-7A5A7EA630A6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6CAF4606-79CE-45C1-98F4-18D34196C9DE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6CC014D0-C5A5-4A4C-BCF2-08E2BACD5A62}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6D2F51B3-D623-4987-8227-416665832B16}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6D5B19A2-503A-4A38-AFE2-3BD34988742E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6D7923AF-3AF8-4BAB-8E06-3F65375FEE15}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6D960062-76B4-41B6-A208-8EE46F3FD5B4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6E225AB4-3A02-4BE0-9D9A-1801EAD70C4B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6E2CC9ED-FD7B-4441-8E63-944F94BE5E36}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{6F243C6E-EB09-45BC-A7A1-1AB56318FB0E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{70C295FA-9789-439A-97C3-25BB8F4E2A7F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{71430FA4-221E-4CC9-B66B-AE94405A2A0D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{720D003B-EAD6-4741-8182-1C2A763AD9F5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{72A97327-7AD1-44DE-BFA9-1839FBAD0B35}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{72EA7770-FD3A-4BCB-8871-993E3ADB7811}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{734578E6-DE9B-4EC6-A60A-D6596DAB8A9D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{73958AAD-BFAB-4158-BCCC-272536BF49EF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{73B8E649-818A-4E30-8932-73BDD749563F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{73C32878-275D-47C4-97E9-0F8E89674DDD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{73EFFC85-CE7D-4F03-AD08-092D2BE8B52B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7537A7B6-F271-4BA5-B29E-EA4B1D3CFE52}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{75711F6D-9F62-43EF-AC0F-586A7EAC8D14}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7588073A-01E2-4931-A323-4948D48A7EAA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7617AD4A-1C23-4069-A93F-97E4DCD909D2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{76A1C67C-20C6-4861-9C7A-8A858E5707BD}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{76E6D9B9-0AB6-4A0B-AB6D-8313ECCD73A5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{76F02450-FDAB-40AC-9FD3-3C71258853A1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{773A14E7-E39B-4169-BD4F-CFEC49BEB101}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{774409B4-A107-4211-B7F7-0554C46DE2EB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{781C4855-0052-46F3-A288-7D008C685AEE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{782BA772-FD2B-429C-B9B5-F0D02E382088}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{79709E49-450D-4E63-AF46-6282C03B3378}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{79BD9A33-C1BF-4CA3-8060-DD3689AFB89E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7B1656CD-8277-4D13-938A-29C845FED8C0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7C656202-42E5-4974-B18D-F5CD7E556C93}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7C7A84D9-AA25-40B5-A830-250F3389BFCE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7CC9D122-B23A-4E2B-9A66-632EF1D1B0C1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7D1D10CC-69A6-4D8B-B504-29A0642AD9B1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7D99AE50-9DE7-4DD7-A8FF-10CFECF8F4D5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7DBB3CCE-103C-49F4-8463-ED376DE87F73}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7DE9C2BD-C492-46A4-A3F4-3BE91E21719F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7E8FD30E-D05B-44A2-892E-24764A19A9F3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7EE9317D-8900-465B-B584-F55A93CCA780}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7EEA0673-A8EA-48A9-993F-CF034969E5FF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{7F8FB0F4-D38B-4491-AF78-BA16BD5B1655}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8134374E-C061-4203-B102-76D9D1BE42D4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{817BD185-4988-4104-97C5-4BE91431BBC2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{81A564AA-2805-412D-B02C-924C4A5F3ED1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{81BB1650-9023-42FA-9F89-91006DB1A7BE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{81C0A22D-B5DF-4693-A298-5F8D3AEE72CC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{823D6D90-2B57-462A-88D6-D132E6B5008F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{82C5A76E-D9B6-4B25-9276-5226237AC3A1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{844AA5D3-2B7A-49AA-BA30-478524C755C4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{84A4A40F-1143-47A1-AAE5-EFBCBE2B6B5A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{84DCF489-B6C0-46FC-B5C6-9A85CD7E0FB7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8540B100-DE3B-48E7-A76A-FC229B6C1D6B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{85D48140-7A2B-4DF4-9AA3-C48CEF0DD759}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{85DB1A43-D925-4821-A8CE-5E2D43342BED}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{87C10E16-A6B2-4AD4-845F-C6B34465489F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{888514BE-FCB6-4476-91DF-88F56B28B7F3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{897D04A6-1A44-473D-A937-D7915E88106F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{89F330F6-4BFD-4221-A1AB-37F3E3F81A44}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8A670864-71B3-4430-AA09-A96D5F4CAB4C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8ABACC0B-24AF-4CA6-9D07-A6AB51DA3932}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8B645B56-7132-43B7-AAE3-6F3844B37B92}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8D2CD252-EA5E-466B-9A10-1C2B5816E0E9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8E56C03E-8841-4182-B5D6-C2598290330F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{8EB8C2EA-E553-4D58-8219-B98D058974B5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{908A948E-E8F7-4626-A2B8-BC39A823C3D0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9194B8BF-B60E-476A-A408-90EA41B04BDF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{91BB4214-91AD-4CF3-AF26-6DBDF54DBAA9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{91D4C590-2080-4267-96C5-300DFBBB9B4E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{91E03C78-AAA1-43A5-9140-19D70AC40B76}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{934B65A8-EF67-4364-B85E-1F4EFD8A4C61}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{93F71CD7-670D-43F2-8D40-C1C3A53488C0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{94B97073-8972-499C-91C4-15C5D4A913B3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9531E7B2-D644-46D0-9558-F5A5406BA6FF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{95928E7B-28C3-4ABD-A3CF-D4AC1409471F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{95BF61CB-0446-4F96-9725-35ABE34E5FE5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{960A4217-DFAA-4A2E-B428-30A8064682E0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{96481284-8C7F-47BD-B000-2305542FADEC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9662D86B-9DE1-4D66-92D6-CD42AF94F64C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{96E27F68-5CF1-485A-B9D0-8B82AA4A4E5A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{970E9482-FF23-46BE-8560-B06F2A2E796D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{973E335C-C5FF-487F-8D4A-CF4CB47A8A66}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{97776AB5-231C-4F33-AD3F-3C7A5588DE79}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{97AAD0CF-A0CD-4973-BD79-D381C566EFB9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{99049194-5AC1-48DF-BF4A-1C34462AC7B1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9932CCEB-2C87-4EEE-A133-F9BF9D973477}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{998D5423-0EA9-4055-8458-0674CEAC6DC0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9A594FDC-BF1B-43B0-A764-FBD7B997CC6E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9C01B42F-9BD8-4DB0-848D-83BEFA0235D8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9C176E1F-F0CF-4420-BA9D-126BAA19462F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9C3CFCD2-5DA0-45E0-834A-D2BC4B407B85}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9C8245CB-0FBF-4038-8AF6-606CDB5C86C8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9E3633D2-A86A-4761-96A2-220E014C2939}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9E84006C-D484-43A9-82A8-4142AB72E226}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9E93BD1A-B2F1-4093-B8A1-809BD6A32E8A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9ECFB6FD-9A9D-4BDD-881F-0A8A8213D9BE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9EEE911F-509B-4D7F-8D04-B3A588F95C71}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{9FF46DBF-DDD3-465C-A811-FE3A06AC1DED}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A09DE514-65ED-46A8-933E-50F86D287EA9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A1DA19E1-ED3D-498B-89D5-6EF73A08548E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A27D848F-6E55-40D2-9BE5-188C1885D944}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A2A27E34-17C6-4AF2-8311-2F1527085D3D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A2A515FA-9356-42BD-AE3E-AF3258821CF7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A3EDC2A3-3566-49AE-B7D9-EFA4947A15F5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A43BF629-BA29-4DE5-92BF-F10B4E607FC6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A7282B1B-6867-4F97-A1F3-027C0D3A78A0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A755AAD0-8A72-4A2D-BD3F-ED33CD263E6F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A7740CF3-9E81-4972-A4BC-9F30D0A27EDB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A79EEF1A-EE49-485F-85AE-08561164B07A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A7D2A230-8630-48F2-84E5-A15E4878277F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A865B064-FD5C-4ECF-A8F0-F4589FBFF809}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A867AB58-DBE1-4635-B78A-1054B9044F04}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A89ADCF4-4C2D-43E4-9CA2-512CDE6A8939}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A8BD4EE6-2389-438B-8017-A2EECB04A12B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A8C090F6-4B32-4ECB-A713-096D6A10E9E7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A8D8DED0-412E-4060-89F4-AA28D44645CC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A8DDD381-B1FE-4B70-A3A6-810B80C436EF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A95E575F-DDC3-499B-AD1E-BE8A5E5DB3C1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{A9E6C6D4-5875-44C6-B321-82547811B627}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AA20CC16-72F5-414F-BEA7-E8BBFB7B24E4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AA4A218B-4B8D-40B0-A8FA-09AC76B88CF1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AB6DCE2E-D771-41FB-BB4C-58BD67F2136D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{ABB48B47-753F-4809-B399-5A841C145190}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{ABF07A63-331B-4E89-ABAD-A46E21079959}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AD7EDC59-94E9-4FDB-B760-435224016083}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{ADA712ED-34C6-4676-8615-1F83FA4208B8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{ADBF9625-5843-474A-8DE1-A30312B079EF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AE55BB43-F248-42F8-A184-28D653246636}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AEA4EEEA-5E89-4B50-9CF1-FBE7D54DDC08}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AEAB41B8-0D6F-4554-B355-16A2C036A15D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AF25B609-1A02-47DE-8EC8-9A0840927FC3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AF289B66-3168-4973-BCE7-C6E805DEDF79}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AF689631-D00B-4989-AB79-22D21867B3A5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AF809B41-CDE0-45DB-B887-E7CBD44D3409}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{AFC9298D-3617-4A8B-BF45-E67AF9B1400A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B0B22B8D-9580-4609-9D0D-D6063D4890C0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B1FC4F62-E706-4DD8-9388-6B1BFDB446B2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B1FD5A53-05CF-4A12-A29A-5B413656D1F9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B27C58C3-2634-43AE-90CC-4D2BA5E20168}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B2CA3498-82ED-4CE8-A93E-28D00540E537}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B2D03416-4766-4E99-8241-F4313545DC0C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B3A38D7D-7B98-4ABA-8CE0-F4AC46E2FE08}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B40FB748-730E-44BB-A456-F35FC4BE214A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B4113281-DC07-443F-9F6A-362655D6834C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B463755A-41E9-4676-97E4-FB0C5A0FB26A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B4649765-EEF5-4CA4-8BAD-AE28A3BCA8FE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B488722C-DE79-4967-8971-05C98290897B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B50C49EC-9F50-4A61-95C2-2E12A14440A5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B50EC73A-0130-43EC-9D26-55990D0F3BAA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B557EBCC-47F6-45F2-9A6A-5D92F8200B64}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B60BBAF1-B4AB-4042-B9F0-A60F7829E724}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B60EE950-6ADA-4A75-BA4B-3C3251D11494}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B69A58A3-DC09-4371-A394-722A3B5794EA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B708337F-AAAA-4549-BD1C-6AAA0D98C228}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B7444147-0290-44EB-AC85-DC970E11067B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B774B0AB-0389-4F76-983B-3F348D240A1E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B7B28022-1A47-4EE3-8489-FD53F6C3CCAF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B7B4A50F-B8A7-4CC4-A2CF-EED595A26A39}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B8881FF1-214A-4F8F-B849-2AAD7472274F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B97B1740-1FBE-4370-BAC3-B09CD812BB42}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{B9E33CD0-EFD4-4B42-838D-D1DF67274932}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BAAAED99-C5BD-430B-B263-B9BE57E7A596}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BAC9EC54-3118-4EF1-BBF7-C0C283C7FA6E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BAF39C6F-7F41-475B-98A0-0DD61CB17746}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BCB8833C-09B3-4810-B678-1C76F5248FE2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BCEA1850-1B7F-4685-A7F3-5A156D26FD57}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BDBFA750-F10A-44E2-A8BA-872B66E516E0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BEAA8265-EC0A-400D-ABB5-8DD2D9BB20CC}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BF1EEF59-A96B-4D16-96F2-460DA304161E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BF4C83EC-26F5-4670-B40C-BE8B73D1A34B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BFD2CB03-5909-49BD-A962-771664967FA5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{BFF207F7-B89D-47F7-B71D-89D4FC7A2CB1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C0F2EFFA-B9C3-4DDA-8FD7-8B6C077C7582}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C26D958A-9B94-40A7-BE7C-6C125978F457}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C2877DEC-4129-4F8C-94C6-5DAF2A914640}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C2942853-01CA-4C8F-8A3A-62FA5721FE12}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C2B5500C-7829-4018-8E61-EBBDA92F7C26}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C35F5CAA-F029-48EB-BA66-DC49A1661459}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C388192B-EEA5-4B2D-9BBD-D404CB4FBC52}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C3DD8EE0-1D1D-4819-BA68-23370C79E87C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C444E5DB-4231-46DA-92E3-F1E9AC73E46A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C46FB679-1459-4CD1-8F3B-F47A60A5D447}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C4A605D1-0582-4A52-B732-A02E179FA099}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C4C940B8-054E-41D3-A97C-057FE31B601D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C4CF83B2-A797-4112-A1DF-C5C316ACBFC3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C50369E8-5E5A-4B8C-B5EF-AA7E9BCB2ED5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C59F43F8-C55D-4E4E-A923-8FF5E6CDCD7B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C5B4FB55-85E7-49F6-A9A7-9338FCD28723}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C6810010-5934-47DD-888D-B9898207178A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C8AB3744-8365-4B5A-BCEF-3D345F83D211}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C8E4FA8A-DF1E-4C5B-9E59-62A33651F251}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C92F33D5-AF4F-41C1-B054-39E03E313FA0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C942B3D4-5913-4572-8533-B473CC30887A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{C958F9CC-C11B-43D5-AA68-87CB4A6FAA88}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CA114873-87E3-4E06-8F6B-1862D3B3DFE2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CA9DE348-18BD-4EF5-A9C3-8C45648B054D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CABF0A59-DA80-434B-B14C-F3120169411D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CAC7420D-CC6B-4702-BC22-347CDBB25B9B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CBAC6800-CF1A-4AC5-ABC2-35C8B41E2AE0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CD2549F2-6230-41BA-9F20-0B0565C42A9B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CD671257-41E6-4339-8792-60CFA63074F7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CEE2D7C4-6BD2-4B8A-94F5-D38A9C914C7D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CF6CAE6A-2DD3-4794-9E51-098625FC6D2B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{CFDF9BB5-41E3-467E-A09B-B776092E5B72}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D01D5271-EB8B-4E6B-8FDF-A12CFF135AE0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D130B649-E43A-46EE-92DC-1757720A997B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D158AB2E-028D-43F8-8C10-FEF2BFC8ED4E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D16C77AC-8787-4CCA-82C7-A791654BE351}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D1A68035-89A3-4853-BDE4-4AD2B122140E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D205C871-0175-41FA-A133-F666532247FE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D2565A6C-6324-45BB-91A5-AEFA49E89CEE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D311BB19-4B54-489E-BB0C-79CC14D7BF86}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D316262D-0C05-42E7-8569-E99A3344EF78}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D4AF6DC9-66E1-4B5E-8B25-0A61B821597F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D52A17F3-2E78-4D02-B20D-7E0A0C4601D5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D5FD642C-DA18-471B-BB10-7EF34CBE4448}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D7A4E747-362E-4670-BCD7-C0F36ADAB23A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D83E5AE5-AFBA-4B2B-BE11-9D57B95E657E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D8F907E7-070E-46AD-8E13-09CD1F7A5754}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D937EB1B-0E48-4E05-A0D9-A20AB119F313}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D944F097-3CC3-46E5-AA2C-4FE1388868A0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D962DDB2-05F9-41A5-BE7F-13899C7569DA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D99B7B2C-8DE3-492D-9565-F0B9631064E5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D9D83398-02BB-411C-82B4-197EAA4AAF2A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D9E35AC9-EDF2-491D-8C88-5F72B4AD7AA5}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{D9E45356-90A4-42D6-A246-1A92EB4A9577}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DA6D122B-4C73-4DD7-8068-4C803637DD56}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DA7984CE-B772-42D4-A53B-CE3C339C7E94}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DAE93BA4-A93A-4BCD-B5FB-6BB40F7F9947}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DAEF2D38-7E34-4A1B-A2BB-C84FC42877AF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DB0E4D10-FE07-4AC7-B89D-A90D369CC076}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DB27278C-5529-4A83-92B5-A6B2809578B2}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DB2F896A-A413-4D13-B1BF-F8E6079DA1FF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DBD60C91-B7F1-4B2B-BEC5-E83062FAE2E6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DC3EAEA7-2E7D-4608-A311-72EA69262B58}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DC55F37A-292F-421A-A720-311C66646355}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DCEECCE0-EE73-4C06-AC8C-7EB568A90E0B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DD457B05-E549-44BA-A3F3-0C4FD207FFA3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DD7198A7-2EC5-4F9A-8A45-B63067E66282}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DE3E0FAD-8997-46E4-B116-C49E41FAD7F1}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DEAB911D-233D-47CD-AEBE-C9B3EE3941EF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{DF59B5A8-17B1-45A3-BF72-C5ACA4DCFE2A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E0184981-9B00-4BF6-887E-FC7BDA02C1AB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E110A4A5-FF66-4ABF-9D26-19A95CE12515}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E181069F-5832-4088-9D89-95C2A2005925}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E1B0356E-6678-4AB6-BFC4-8614A2009F43}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E1F48D41-2B47-46B8-86B0-F113328F8298}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E297232B-107B-4001-84CB-15F7AB2E0D6D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E311C704-C2B5-4352-8CCD-99A87634FCAB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E4707ACB-412B-4983-80B3-06B09582B02D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E4A45DCA-450B-43A5-9423-D7E672BEFA28}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E4BA1828-891F-4070-A00C-873FE04BEA03}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E4CAAF1C-CD3F-4335-8D94-3657388BA5FE}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E526234E-88EC-4EF8-B709-55CAE530E373}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E55A282E-48D6-4646-8DAF-7537E3800BF3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E55BF31C-E3B8-4375-B13F-F67060773EB4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E5783E67-2ACA-4963-94CC-904C840DF5B8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E64D4874-1391-4534-909D-6CBDE2528A3A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E6735CE8-3A43-42E5-83C4-91D20C634918}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E6C46476-55F0-4C8F-9DE0-4EBA0CEFE7A6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E748BC5B-DECC-4BFD-9905-5F9B9F82C7D3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E787CFB5-CA7B-4C31-964A-3ED96C13153E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E7BAE45F-EF79-44FD-8EE3-0E1FB6A1B8A7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E7D6BF2E-D555-4B9A-9371-617953F62269}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E8A085A4-5FBD-4A00-91BA-4DD08B690271}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E8E4B697-5911-4C06-ACB0-745E30D1C65C}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{E9C3125C-E3EC-4F9C-90CE-6484849FE6D8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EA3F835B-7C17-45D9-90EE-85CA2046D11D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EB8DEA0E-9054-4DD7-BD74-062BFF71E2B8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EBA68EAB-274A-4066-9287-BA11A212B628}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EDB6CA7E-E064-4889-B643-56613E75BB62}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EDC331B8-E832-451C-A9C5-5FDC15F701A8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EE9DCC53-9B02-4D47-9F02-9E11DBB56865}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EEBE3B3C-4F53-4C64-A0D9-8D9CDAC4CE4A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EED6161F-79CC-44DC-BF14-CE0A7D1D404B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EEDAC135-7DA3-444E-9BC6-0C6FD535314D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EEE5BE8A-9585-4C39-A6DB-EF235B266EA0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EF0A0B72-AAAB-4D0E-9344-E4D9B7034CBB}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EF0F9565-F2A5-432E-9DC5-3863CB9DE470}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{EFA9672C-2F99-4C91-B548-2023E70349CF}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F04E1CF2-4577-4A4D-9E9E-061ADAD85973}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F067DDC6-384F-4ADB-A147-2E76DB6E3C9F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F086CFEA-56EB-4BDA-96D8-616C522CCDB8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F0889C43-0FA5-461E-9AB5-E2383E8026E3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F1BD1F35-535F-4E2B-9038-89B0A54D4F46}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F204C2A5-E457-457B-906E-3098C351C95A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F26DCB8D-4A89-4444-9D2B-71F4256B6F6F}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F27E8C46-A9FD-47A8-B998-299B414BED26}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F2E9B206-7F1E-441A-BC19-66DE311C0AC6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F336F448-0FC2-4C64-B3E8-5D0A5341C87A}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F369FC4F-7CFB-4975-B35E-D5954DA920B0}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F38EF1E5-E30B-43A2-A5C6-BE08BBF7EB7D}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F3C17EF3-2E75-4FC3-8CCC-B33BE67D4678}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F3EFF8D5-C559-4E1F-BC26-8924E4A0AEE6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F3F9D4B2-4D72-4BFD-B6B6-59AB91A3A667}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F45B5CCD-62D5-4142-9D0E-48BE1993BCE3}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F5AD89B5-C118-4220-A2E7-22D4770B31F6}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F5AFE175-1C10-4673-8EB4-073FD8A0A89E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F5C07B2D-2F0D-40E9-95BD-D9B4DAE59566}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F65FB2B6-9E34-453D-A168-60DFB99A7C50}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F67A859E-5FB8-4E94-8272-F656D8D04B81}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F6B0EFA4-DB1E-4477-B811-6CCA797A8B81}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F7737E17-9073-47D4-B4CA-4F1B6E584BD8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F7B30D7E-8D2C-442A-8584-C597D8348E18}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F844C181-83D0-4D75-B16F-29FA1F331E64}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F8608115-BBE4-41BF-AC08-34B856D46806}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F8968B02-F3C5-45DB-9285-C8CB71C5503B}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{F9C78D51-F68A-4537-AF6B-5113AA1F9830}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FABDEF2D-8068-49D9-8777-A3BFDB4FF743}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FAE4145D-4223-4B9A-8F2A-73D443C82CB8}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FB39B36C-AA9A-4F58-A3F1-F993A3F821AA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FB530208-C3B2-4A3C-8CD7-C75CDD3308B9}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FC84BF78-706A-458D-8F36-C9BE5D2CF6F7}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FCA44744-87A3-4800-A1F2-EEC8241198AA}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FCAEEDA9-D92C-40D7-A02F-D58F223E642E}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FD1F1169-0285-4127-AAB9-2E6B95330328}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FD257F8D-2CC1-4FFA-BC2D-8B21CFF3FD65}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FDBD5BC7-6DE1-4587-B583-F6EE7FA112E4}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FDF206CB-1623-4118-BAD5-C180D8902C64}
Successfully deleted: [Empty Folder] C:\Users\admin\appdata\local\{FFE34AD5-4E7F-4B59-844E-8241E73C27FB}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/05/2013 at 16:24:19.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

ComboFix:

 

 

ComboFix 13-08-05.03 - admin 08/05/2013  16:33:30.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.6060.4000 [GMT -4:00]
Running from: c:\users\admin\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-05 to 2013-08-05  )))))))))))))))))))))))))))))))
.
.
2013-08-05 20:44 . 2013-07-15 07:34    9460976    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{25C14705-E85E-4F0A-80F4-DED5C14714DE}\mpengine.dll
2013-08-05 20:43 . 2013-08-05 20:43    --------    d-----w-    c:\users\Guest\AppData\Local\temp
2013-08-05 20:43 . 2013-08-05 20:43    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-08-05 20:03 . 2013-08-05 20:03    --------    d-----w-    c:\windows\ERUNT
2013-08-03 22:43 . 2013-08-03 22:45    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-08-03 22:43 . 2013-08-03 22:43    162008    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2013-08-03 22:42 . 2013-08-03 22:42    36680    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2013-08-01 21:13 . 2013-08-03 22:19    378944    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2013-08-01 21:13 . 2013-05-09 08:59    33400    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2013-08-01 20:51 . 2013-08-01 20:51    --------    d-----w-    c:\program files (x86)\Check Point Software Technologies LTD
2013-08-01 20:51 . 2013-08-01 20:51    --------    d-----w-    c:\users\admin\AppData\Roaming\Check Point Software Technologies LTD
2013-08-01 20:51 . 2013-08-01 20:55    --------    d-----w-    c:\program files (x86)\CheckPoint
2013-08-01 20:51 . 2013-08-01 20:51    --------    d-----w-    c:\programdata\CheckPoint
2013-08-01 20:46 . 2013-08-01 20:46    --------    d-----w-    c:\users\admin\AppData\Local\ElevatedDiagnostics
2013-08-01 01:07 . 2013-08-01 01:07    --------    d-----w-    c:\users\admin\Doctor Web
2013-07-31 23:46 . 2013-07-31 23:46    --------    d-----w-    c:\program files (x86)\Common Files\Java
2013-07-31 23:46 . 2013-07-31 23:45    867240    ----a-w-    c:\windows\SysWow64\npDeployJava1.dll
2013-07-31 23:46 . 2013-07-31 23:45    96168    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-31 23:45 . 2013-07-31 23:45    --------    d-----w-    c:\program files (x86)\Java
2013-07-31 23:44 . 2013-07-31 23:44    --------    d-----w-    c:\programdata\McAfee
2013-07-31 20:44 . 2013-07-31 20:44    --------    d-----w-    C:\5a1c36dde4e28fe254a553
2013-07-31 20:13 . 2013-07-31 20:13    --------    d-----w-    C:\8212058551bf679817b788
2013-07-31 19:54 . 2013-07-31 19:54    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2013-07-31 18:37 . 2013-07-31 19:44    --------    d-----w-    c:\programdata\HitmanPro
2013-07-31 17:22 . 2013-07-31 17:22    --------    d-----w-    c:\users\admin\AppData\Roaming\Malwarebytes
2013-07-31 17:22 . 2013-07-31 17:22    --------    d-----w-    c:\programdata\Malwarebytes
2013-07-31 16:55 . 2013-06-04 06:00    624128    ----a-w-    c:\windows\system32\qedit.dll
2013-07-31 16:55 . 2013-06-04 04:53    509440    ----a-w-    c:\windows\SysWow64\qedit.dll
2013-07-31 16:55 . 2013-05-06 06:03    1887744    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-07-31 16:55 . 2013-05-06 04:56    1620480    ----a-w-    c:\windows\SysWow64\WMVDECOD.DLL
2013-07-31 16:55 . 2013-05-27 05:50    1011712    ----a-w-    c:\program files\Windows Defender\MpSvc.dll
2013-07-31 16:55 . 2013-05-27 05:50    571904    ----a-w-    c:\program files\Windows Defender\MpClient.dll
2013-07-31 16:55 . 2013-05-27 05:50    314880    ----a-w-    c:\program files\Windows Defender\MpCommu.dll
2013-07-31 16:55 . 2013-05-27 04:57    4608    ----a-w-    c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-31 16:55 . 2013-05-27 04:57    54784    ----a-w-    c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-31 16:55 . 2013-05-27 04:57    392704    ----a-w-    c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-31 16:55 . 2013-05-27 03:15    9216    ----a-w-    c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-31 16:54 . 2013-06-05 03:34    3153920    ----a-w-    c:\windows\system32\win32k.sys
2013-07-31 16:54 . 2013-04-10 05:48    1732608    ----a-w-    c:\program files\Windows Journal\NBDoc.DLL
2013-07-31 16:54 . 2013-04-10 05:46    1402880    ----a-w-    c:\program files\Windows Journal\JNWDRV.dll
2013-07-31 16:54 . 2013-04-10 05:46    1393152    ----a-w-    c:\program files\Windows Journal\JNTFiltr.dll
2013-07-31 16:54 . 2013-04-10 05:46    1367040    ----a-w-    c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-31 16:54 . 2013-04-10 05:03    936448    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-31 16:54 . 2013-04-09 23:34    1247744    ----a-w-    c:\windows\SysWow64\DWrite.dll
2013-07-31 16:54 . 2013-04-02 22:51    1643520    ----a-w-    c:\windows\system32\DWrite.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-31 23:45 . 2011-08-12 06:39    789416    ----a-w-    c:\windows\SysWow64\deployJava1.dll
2013-07-31 20:38 . 2011-12-06 22:24    78185248    ----a-w-    c:\windows\system32\MRT.exe
2013-06-20 04:25 . 2012-12-22 00:04    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-20 04:25 . 2011-08-12 07:12    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-19 01:50 . 2013-06-19 01:50    247216    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-06-13 20:34 . 2013-06-13 20:34    451096    ----a-w-    c:\windows\system32\drivers\vsdatant.sys
2013-05-25 07:23 . 2013-05-25 07:23    226304    ----a-w-    c:\windows\system32\elshyph.dll
2013-05-25 07:23 . 2013-05-25 07:23    185344    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-05-25 07:23 . 2013-05-25 07:23    1054720    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-25 07:23 . 2013-05-25 07:23    158720    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-05-25 07:23 . 2013-05-25 07:23    73728    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-25 07:23 . 2013-05-25 07:23    719360    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-05-25 07:23 . 2013-05-25 07:23    61952    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-05-25 07:23 . 2013-05-25 07:23    523264    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-05-25 07:23 . 2013-05-25 07:23    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-05-25 07:23 . 2013-05-25 07:23    38400    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-05-25 07:23 . 2013-05-25 07:23    361984    ----a-w-    c:\windows\SysWow64\html.iec
2013-05-25 07:23 . 2013-05-25 07:23    23040    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-05-25 07:23 . 2013-05-25 07:23    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-05-25 07:23 . 2013-05-25 07:23    1441280    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-05-25 07:23 . 2013-05-25 07:23    138752    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-05-25 07:23 . 2013-05-25 07:23    137216    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-05-25 07:23 . 2013-05-25 07:23    12800    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-05-25 07:23 . 2013-05-25 07:23    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-05-25 07:23 . 2013-05-25 07:23    97280    ----a-w-    c:\windows\system32\mshtmled.dll
2013-05-25 07:23 . 2013-05-25 07:23    905728    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-05-25 07:23 . 2013-05-25 07:23    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-05-25 07:23 . 2013-05-25 07:23    762368    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-05-25 07:23 . 2013-05-25 07:23    599552    ----a-w-    c:\windows\system32\vbscript.dll
2013-05-25 07:23 . 2013-05-25 07:23    452096    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-05-25 07:23 . 2013-05-25 07:23    441856    ----a-w-    c:\windows\system32\html.iec
2013-05-25 07:23 . 2013-05-25 07:23    281600    ----a-w-    c:\windows\system32\dxtrans.dll
2013-05-25 07:23 . 2013-05-25 07:23    27648    ----a-w-    c:\windows\system32\licmgr10.dll
2013-05-25 07:23 . 2013-05-25 07:23    270848    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-05-25 07:23 . 2013-05-25 07:23    247296    ----a-w-    c:\windows\system32\webcheck.dll
2013-05-25 07:23 . 2013-05-25 07:23    235008    ----a-w-    c:\windows\system32\url.dll
2013-05-25 07:23 . 2013-05-25 07:23    216064    ----a-w-    c:\windows\system32\msls31.dll
2013-05-25 07:23 . 2013-05-25 07:23    197120    ----a-w-    c:\windows\system32\msrating.dll
2013-05-25 07:23 . 2013-05-25 07:23    173568    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-05-25 07:23 . 2013-05-25 07:23    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-05-25 07:23 . 2013-05-25 07:23    1509376    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-05-25 07:23 . 2013-05-25 07:23    144896    ----a-w-    c:\windows\system32\wextract.exe
2013-05-25 07:23 . 2013-05-25 07:23    1400416    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-05-25 07:23 . 2013-05-25 07:23    102912    ----a-w-    c:\windows\system32\inseng.dll
2013-05-25 07:23 . 2013-05-25 07:23    92160    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-05-25 07:23 . 2013-05-25 07:23    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-05-25 07:23 . 2013-05-25 07:23    62976    ----a-w-    c:\windows\system32\pngfilt.dll
2013-05-25 07:23 . 2013-05-25 07:23    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-05-25 07:23 . 2013-05-25 07:23    51200    ----a-w-    c:\windows\system32\imgutil.dll
2013-05-25 07:23 . 2013-05-25 07:23    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-05-25 07:23 . 2013-05-25 07:23    149504    ----a-w-    c:\windows\system32\occache.dll
2013-05-25 07:23 . 2013-05-25 07:23    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-05-25 07:23 . 2013-05-25 07:23    136192    ----a-w-    c:\windows\system32\iepeers.dll
2013-05-25 07:23 . 2013-05-25 07:23    135680    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-05-25 07:23 . 2013-05-25 07:23    12800    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-05-14 03:43 . 2012-06-19 14:49    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-15 20:47    184320    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-15 20:47    1464320    ----a-w-    c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-15 20:47    139776    ----a-w-    c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-15 20:47    52224    ----a-w-    c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-15 20:47    140288    ----a-w-    c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-15 20:47    1160192    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-15 20:47    103936    ----a-w-    c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-15 20:47    1192448    ----a-w-    c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-15 20:47    903168    ----a-w-    c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-15 20:47    43008    ----a-w-    c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-16 03:13    30720    ----a-w-    c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-16 03:13    24576    ----a-w-    c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-16 03:14    1910632    ----a-w-    c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-02 336384]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-06-01 2801288]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-07-14 75048]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2011-03-15 650080]
"PCTD Service Activation"="c:\program files (x86)\OakTree\PCTDServiceActivation\PCTDServiceActivation.exe" [2010-12-02 28597760]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-07 421736]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-09-30 2215768]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-06-20 73832]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]
Intuit Data Protect.lnk - c:\program files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe /Startup [2010-9-17 6034296]
QuickBooks Update Agent.lnk - c:\program files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2012-5-14 1156968]
QuickBooks_Standard_21.lnk - c:\program files (x86)\Intuit\QuickBooks 2011\QBW32.EXE -silent [2012-5-14 1178984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/08/12 00:16;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 mbamswissarmy;mbamswissarmy;c:\windows\system32\drivers\mbamswissarmy.sys;c:\windows\SYSNATIVE\drivers\mbamswissarmy.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys;c:\windows\SYSNATIVE\drivers\aswNdis2.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall Driver;c:\windows\system32\drivers\aswFW.sys;c:\windows\SYSNATIVE\drivers\aswFW.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;c:\program files\Intel\WiMAX\Bin\DMAgent.exe;c:\program files\Intel\WiMAX\Bin\DMAgent.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;c:\program files\Intel\WiMAX\Bin\AppSrv.exe;c:\program files\Intel\WiMAX\Bin\AppSrv.exe [x]
S2 ZAPrivacyService;ZoneAlarm Privacy Service;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe;c:\program files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [x]
S3 bpenum;Intel® Centrino® WiMAX Enumerator;c:\windows\system32\DRIVERS\bpenum.sys;c:\windows\SYSNATIVE\DRIVERS\bpenum.sys [x]
S3 bpmp;Intel® Centrino® WiMAX 6050 Series;c:\windows\system32\DRIVERS\bpmp.sys;c:\windows\SYSNATIVE\DRIVERS\bpmp.sys [x]
S3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver;c:\windows\system32\Drivers\bpusb.sys;c:\windows\SYSNATIVE\Drivers\bpusb.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_9EC60124
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-01 20:45    1173456    ----a-w-    c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-01 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-01 08:58]
.
2013-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22 00:04]
.
2013-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-22 00:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58    133840    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-16 11490408]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-16 2179688]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-19 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-19 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-19 416024]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{F897EB0E-A3A4-46C3-80EB-2729699D8892} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-48e4cff94f039634 - c:\programdata\Best Buy pc app\ClickOnceUninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files (x86)\DDNi\Oasis\VAIO Messenger.exe
.
**************************************************************************
.
Completion time: 2013-08-05  16:50:30 - machine was rebooted
ComboFix-quarantined-files.txt  2013-08-05 20:50
.
Pre-Run: 417,893,134,336 bytes free
Post-Run: 417,356,345,344 bytes free
.
- - End Of File - - CA476BA322B129BC75F725E676564F9B
D41D8CD98F00B204E9800998ECF8427E

 

 

 

Security Checkup:

 

 

Results of screen317's Security Check version 0.99.71  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Internet Security   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 25  
 Adobe Flash Player 11.7.700.224  
 Adobe Reader XI  
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 CheckPoint ZoneAlarm vsmon.exe  
 CheckPoint ZoneAlarm ZAPrivacyService.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 4%
````````````````````End of Log``````````````````````
 

 

 

 

 

 

 

 

 



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 AM

Posted 06 August 2013 - 09:06 AM

Looking Good.

Any remaining issues?

#5 simunic

simunic
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 06 August 2013 - 02:19 PM

Windows firewall is working now. But the laptop continues to BSOD after a few minutes. Also, Windows explorer crashed twice and this error message pops up: Instructions at 0x0000000076F751B9 reference memory at 0x000000007701C4E0. The required data was not placed into memory because of I/O error status of 0x000000e.

#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 AM

Posted 07 August 2013 - 06:47 AM


If the BSOD is caused by a file we should be able to identify the culprit.

If not it may be some damaged RAM.

Please download the free home edition of WhoCrashed to your Desktop from here whocra10.png and install it by double-clicking "whocrashedSetup.exe".
At the end, it will open automatically. Click the "Analyze" button.

Please scroll down the Information window to copy and paste the results in your next reply.

whocra11.png



#7 simunic

simunic
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 07 August 2013 - 12:28 PM

Crash Dump Analysis

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

No valid crash dumps have been found on your computer

Conclusion

Crash dumps are enabled but no valid crash dumps have been found. It may be that there are problems which prevent crash dumps from being written out. Check out the following article for possible causes: If crash dumps are not written out.

In case your computer does experience sudden reboots it is likely these are caused by malfunctioning hardware, power failure or a thermal issue. To troubleshoot a thermal issue, check the temperature using your BIOS setup program, check for dust in CPU and motherboard fans and if your computer is portable make sure it's located on a hard surface. Otherwise it's suggested you contact the support department of the manufacturer of your system or test your system with a memory test utility for further investigation.

Check out the following articles for more information: Troubleshooting sudden resets and shut downs.

Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further. 



#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 AM

Posted 07 August 2013 - 12:44 PM

Is the Crash dump setting ok.

http://support.microsoft.com/kb/315263#method2

#9 simunic

simunic
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 07 August 2013 - 12:58 PM

I believe so. Kernel memory dump.



#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 AM

Posted 08 August 2013 - 07:30 AM

There are other fixes suggested on the log.

If all fails then run this to see if some 3rd party drivers are out of date.

Secunia Personal Software Inspector (PSI)
http://secunia.com/vulnerability_scanning/personal/
Secunia PSI is a security scanner which identifies programs that are insecure and need updates.
If interested in security I would download the tool and run it.
<<<>>>

#11 simunic

simunic
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:03:07 AM

Posted 09 August 2013 - 03:29 PM

No luck. Drivers are up to date. I tried the suggestions on the log as well. The laptop freezes or crashes after around 10 or 15 minutes. Any other ideas?

#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,888 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:07 AM

Posted 10 August 2013 - 07:47 AM

Could be caused by heat or some other hardware problems.

check your RAM.
http://technet.microsoft.com/en-us/magazine/ff700221.aspx

===

Check your hard disk for errors
http://windows.microsoft.com/en-ca/windows-vista/check-your-hard-disk-for-errors

Keep me posted.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users