Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

MalwareBytes found 6 PUPs: 5 files, 1 registry key


  • This topic is locked This topic is locked
25 replies to this topic

#1 Kayjay4860

Kayjay4860

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 18 February 2014 - 12:23 AM

Hello, everyone,

 

First of all, thanks in advance for all of your help! I am posting today because my girlfriend's computer has a malware infection. She thinks it happened today because she noticed the following problems:

  1. Browser would spontaneously crash.
  2. Computer screen would flicker and the lower taskbar kept disappearing.
  3. The computer kept having errors when she attempted to turn it off.

I am trying to help her fix these issues, and although I am good at NOT getting my computer infected, I am not knowledgeable enough to fix infected computers. I followed all of the guidlines in the preparation guide and here are the results. One thing to note: I removed her utorrent program after the malware scan finished; I would have uninstalled it before, but I didn't even know she had it.

 

----------------------

DDS Log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.45.2
Run by Katherine at 0:04:00 on 2014-02-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2935.1478 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\System32\rundll32.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Katherine\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Users\Katherine\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - 
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: <No Name>: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\Katherine\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
StartupFolder: C:\Users\KATHER~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B}\458656D2C4F62746D2441627B61647861627D215575637F6D23557072756D656 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B}\4656661657C647 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B}\5487368616E6765602055726C69636 : DHCPNameServer = 10.128.128.128
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B}\84F4D454D254435383 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B}\84F6D656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{481D3EF7-3681-473D-9C98-8C05FB99D70B}\A405F47343 : DHCPNameServer = 192.168.1.1 71.242.0.12
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1	www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Katherine\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Katherine\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Katherine\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\Katherine\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-1 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-1 189936]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-5-16 55280]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-12-15 1030952]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-12-15 378944]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-4-25 89600]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-12-15 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-12-15 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-2-17 46808]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-25 13336]
R2 MSSQL$QSRNVIVO9;SQL Server (QSRNVIVO9);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe [2011-6-17 43040096]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 134944]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-6-5 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-6-5 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-6-5 171928]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-4-25 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-4-25 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-25 172704]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-4-25 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-4-25 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-25 289280]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-17 7680512]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2010-11-16 141192]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-25 2320920]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-13 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-25 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-25 325152]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;C:\Windows\System32\drivers\silabenm.sys [2011-1-27 27336]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;C:\Windows\System32\drivers\silabser.sys [2011-1-27 69120]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-5-14 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 44896]
S4 SQLAgent$QSRNVIVO9;SQL Server Agent (QSRNVIVO9);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\SQLAGENT.EXE [2011-6-17 370016]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\iexplore.exe="C:\Program Files\Internet Explorer\iexplore.exe" %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-02-18 03:05:46	--------	d-----w-	C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-18 03:04:51	91352	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2014-02-17 06:46:09	10315576	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AFBF04CB-F2B2-410A-A3DB-C2A6985970E9}\mpengine.dll
2014-02-16 04:39:32	10315576	----a-w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-14 03:48:22	548864	----a-w-	C:\Windows\System32\vbscript.dll
2014-02-14 03:48:22	454656	----a-w-	C:\Windows\SysWow64\vbscript.dll
2014-02-13 20:21:36	1882112	----a-w-	C:\Windows\System32\msxml3.dll
2014-02-13 20:20:58	428032	----a-w-	C:\Windows\SysWow64\secproc.dll
2014-02-13 20:20:57	390144	----a-w-	C:\Windows\SysWow64\msdrm.dll
2014-02-13 20:20:57	123392	----a-w-	C:\Windows\System32\secproc_ssp.dll
2014-02-13 20:20:56	87040	----a-w-	C:\Windows\SysWow64\secproc_ssp_isv.dll
2014-02-13 20:20:56	87040	----a-w-	C:\Windows\SysWow64\secproc_ssp.dll
2014-02-13 20:20:56	123392	----a-w-	C:\Windows\System32\secproc_ssp_isv.dll
2014-02-13 20:20:50	1987584	----a-w-	C:\Windows\SysWow64\d3d10warp.dll
2014-02-13 20:20:49	2565120	----a-w-	C:\Windows\System32\d3d10warp.dll
2014-02-13 20:20:47	3928064	----a-w-	C:\Windows\System32\d2d1.dll
2014-02-13 20:20:47	3419136	----a-w-	C:\Windows\SysWow64\d2d1.dll
2014-02-05 21:46:10	5556104	----a-w-	C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-01-24 02:02:34	965000	------w-	C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93B3F6A0-774E-4640-89DD-E31659C84750}\gapaengine.dll
2014-01-20 23:44:13	--------	d-----w-	C:\Program Files\iPod
2014-01-20 23:44:09	--------	d-----w-	C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-20 23:44:09	--------	d-----w-	C:\Program Files\iTunes
2014-01-20 23:44:09	--------	d-----w-	C:\Program Files (x86)\iTunes
.
==================== Find3M  ====================
.
2014-02-06 11:30:46	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39	66048	----a-w-	C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47	48640	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03	139264	----a-w-	C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45	111616	----a-w-	C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11	708608	----a-w-	C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26	2724864	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37	5768704	----a-w-	C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36	61952	----a-w-	C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46	51200	----a-w-	C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32	2041856	----a-w-	C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22	112128	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27	553472	----a-w-	C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36	4244480	----a-w-	C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52	2334208	----a-w-	C:\Windows\System32\wininet.dll
2014-02-06 09:09:30	1964032	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35	1820160	----a-w-	C:\Windows\SysWow64\wininet.dll
2014-02-05 21:46:17	71048	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 21:46:17	692616	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-22 14:52:21	72016	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys
2014-01-22 14:52:21	65336	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
2014-01-22 14:52:21	189936	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
2014-01-22 14:52:21	1030952	----a-w-	C:\Windows\System32\drivers\aswSnx.sys
2014-01-22 14:52:19	80816	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
2014-01-22 14:51:40	41664	----a-w-	C:\Windows\avastSS.scr
2014-01-19 07:33:29	270496	------w-	C:\Windows\System32\MpSigStub.exe
2013-12-06 02:30:08	2048	----a-w-	C:\Windows\System32\msxml3r.dll
2013-12-06 02:02:08	2048	----a-w-	C:\Windows\SysWow64\msxml3r.dll
2013-12-06 02:02:08	1237504	----a-w-	C:\Windows\SysWow64\msxml3.dll
2013-12-04 02:27:33	485888	----a-w-	C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:16	488448	----a-w-	C:\Windows\System32\secproc.dll
2013-12-04 02:26:32	528384	----a-w-	C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51	658432	----a-w-	C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51	626176	----a-w-	C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50	552960	----a-w-	C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48	553984	----a-w-	C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20	423936	----a-w-	C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 01:54:14	510976	----a-w-	C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10	594944	----a-w-	C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09	572416	----a-w-	C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06	508928	----a-w-	C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-27 01:41:37	343040	----a-w-	C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15	99840	----a-w-	C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11	53248	----a-w-	C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11	325120	----a-w-	C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09	25600	----a-w-	C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06	30720	----a-w-	C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03	7808	----a-w-	C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00	376768	----a-w-	C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56	3156480	----a-w-	C:\Windows\System32\win32k.sys
2013-11-23 18:26:20	417792	----a-w-	C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34	465920	----a-w-	C:\Windows\System32\WMPhoto.dll
.
============= FINISH:  0:06:01.74 ===============

----------------------

MalwareBytes Log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Katherine :: KATHERINE-PC [administrator]

2/17/2014 10:29:13 PM
mbam-log-2014-02-17 (22-29-13).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 372191
Time elapsed: 1 hour(s), 15 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Program Files (x86)\Conduit\Community Alerts\Alert0.dll (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\Users\Katherine\AppData\LocalLow\uTorrentBar\hk64tbuTo0.dll (PUP.Optional.Conduit) -> Delete on reboot.
C:\Users\Katherine\AppData\LocalLow\uTorrentBar\hktbuTo0.dll (PUP.Optional.Conduit) -> Delete on reboot.
C:\Users\Katherine\AppData\LocalLow\uTorrentBar\ldrtbuTo0.dll (PUP.Optional.Conduit) -> Delete on reboot.
C:\Users\Katherine\AppData\LocalLow\uTorrentBar\tbuTo0.dll (PUP.Optional.Conduit) -> Delete on reboot.

(end)

---

 

I rebooted the computer after the malware scan. I have attached the attach dds counterpart.

 

Thanks for all your help!

 

Attached File  attach.zip   4KB   0 downloads



BC AdBot (Login to Remove)

 


#2 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 18 February 2014 - 09:08 AM

**In any case where you happen to be busy or unable to give us a reply, we would be grateful if you keep us informed in advance and we will be more than happy to wait. Failure to do so we will have your thread closed in THREE(3) days.

:)


Hello there, Kayjay4860

:welcome:

I'm Conspire, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Read the entire procedure
  • It is important to perform ALL actions in sequence.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with me till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
IMPORTANT NOTE : Please do not delete anything unless instructed to. Remember to backup all your important data(if possible) before moving on.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#3 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 18 February 2014 - 09:08 AM

Hello,

Please download aswMBR.exe and save it to your desktop.
  • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
  • Allow it to update where necessary
  • Click Scan
    • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
    • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
===================================================

Download TDSSKiller.exe and save it to your desktop

Execute TDSSKiller.exe by doubleclicking on it.
Press Start Scan
If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt

===================================================

On your next reply please post :
aswMBR log
MBR.dat (attached)
TDSS Killer log



Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#4 Kayjay4860

Kayjay4860
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 18 February 2014 - 06:40 PM

Hi, Conspire!

 

Thanks for the help. Per your instructions, I ran the two files without doing anything except saving/zipping logs. Here are the results.

 

aswMBR Log:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-02-18 18:14:49
-----------------------------
18:14:49.969    OS Version: Windows x64 6.1.7601 Service Pack 1
18:14:49.969    Number of processors: 4 586 0x2505
18:14:49.969    ComputerName: KATHERINE-PC  UserName: Katherine
18:14:57.250    Initialize success
18:15:06.542    AVAST engine defs: 14021701
18:15:15.134    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:15:15.134    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
18:15:15.284    Disk 0 MBR read successfully
18:15:15.284    Disk 0 MBR scan
18:15:15.304    Disk 0 Windows 7 default MBR code
18:15:15.304    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      100 MB offset 2048
18:15:15.324    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 206848
18:15:15.344    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       290143 MB offset 30926848
18:15:15.364    Disk 0 scanning C:\Windows\system32\drivers
18:15:34.469    Service scanning
18:16:02.177    Modules scanning
18:16:02.187    Disk 0 trace - called modules:
18:16:02.207    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
18:16:02.217    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80033b2060]
18:16:02.227    3 CLASSPNP.SYS[fffff88001bcb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800313c050]
18:16:06.218    AVAST engine scan C:\Windows
18:16:11.318    AVAST engine scan C:\Windows\system32
18:20:13.324    AVAST engine scan C:\Windows\system32\drivers
18:20:26.902    AVAST engine scan C:\Users\Katherine
18:26:00.221    AVAST engine scan C:\ProgramData
18:29:46.760    Scan finished successfully
18:30:58.979    Disk 0 MBR has been saved successfully to "C:\Users\Katherine\Desktop\MBR.dat"
18:30:59.016    The log file has been saved successfully to "C:\Users\Katherine\Desktop\aswMBR.txt"


TDSSKiller Log:

 

18:34:22.0829 0x1084  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
18:34:50.0403 0x1084  ============================================================
18:34:50.0403 0x1084  Current date / time: 2014/02/18 18:34:50.0403
18:34:50.0403 0x1084  SystemInfo:
18:34:50.0403 0x1084  
18:34:50.0403 0x1084  OS Version: 6.1.7601 ServicePack: 1.0
18:34:50.0403 0x1084  Product type: Workstation
18:34:50.0403 0x1084  ComputerName: KATHERINE-PC
18:34:50.0403 0x1084  UserName: Katherine
18:34:50.0403 0x1084  Windows directory: C:\Windows
18:34:50.0403 0x1084  System windows directory: C:\Windows
18:34:50.0404 0x1084  Running under WOW64
18:34:50.0404 0x1084  Processor architecture: Intel x64
18:34:50.0404 0x1084  Number of processors: 4
18:34:50.0404 0x1084  Page size: 0x1000
18:34:50.0404 0x1084  Boot type: Normal boot
18:34:50.0404 0x1084  ============================================================
18:34:50.0704 0x1084  KLMD registered as C:\Windows\system32\drivers\61759756.sys
18:34:51.0428 0x1084  System UUID: {B41BE1AB-0766-CE0F-E313-C14EB2E3B6C2}
18:34:53.0104 0x1084  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:34:53.0129 0x1084  ============================================================
18:34:53.0129 0x1084  \Device\Harddisk0\DR0:
18:34:53.0138 0x1084  MBR partitions:
18:34:53.0138 0x1084  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
18:34:53.0138 0x1084  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x236AFAB0
18:34:53.0138 0x1084  ============================================================
18:34:53.0149 0x1084  C: <-> \Device\Harddisk0\DR0\Partition2
18:34:53.0149 0x1084  ============================================================
18:34:53.0149 0x1084  Initialize success
18:34:53.0149 0x1084  ============================================================
18:35:04.0220 0x0d6c  ============================================================
18:35:04.0220 0x0d6c  Scan started
18:35:04.0220 0x0d6c  Mode: Manual;
18:35:04.0220 0x0d6c  ============================================================
18:35:04.0220 0x0d6c  KSN ping started
18:35:06.0856 0x0d6c  KSN ping finished: true
18:35:07.0236 0x0d6c  ================ Scan system memory ========================
18:35:07.0236 0x0d6c  System memory - ok
18:35:07.0237 0x0d6c  ================ Scan services =============================
18:35:07.0315 0x0d6c  [ 581D88B25C4D4121824FED2CA38E562F, 838FFC4270ED32858A4AC14B389DEA1ECCCAAFC94BEAF683F8976B5F5A91DD15 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
18:35:07.0325 0x0d6c  !SASCORE - ok
18:35:07.0568 0x0d6c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:35:07.0579 0x0d6c  1394ohci - ok
18:35:07.0630 0x0d6c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:35:07.0648 0x0d6c  ACPI - ok
18:35:07.0695 0x0d6c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:35:07.0698 0x0d6c  AcpiPmi - ok
18:35:07.0811 0x0d6c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:35:07.0816 0x0d6c  AdobeARMservice - ok
18:35:08.0061 0x0d6c  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:35:08.0082 0x0d6c  AdobeFlashPlayerUpdateSvc - ok
18:35:08.0171 0x0d6c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:35:08.0250 0x0d6c  adp94xx - ok
18:35:08.0282 0x0d6c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:35:08.0291 0x0d6c  adpahci - ok
18:35:08.0311 0x0d6c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:35:08.0316 0x0d6c  adpu320 - ok
18:35:08.0350 0x0d6c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:35:08.0353 0x0d6c  AeLookupSvc - ok
18:35:08.0420 0x0d6c  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
18:35:08.0427 0x0d6c  AESTFilters - ok
18:35:08.0497 0x0d6c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
18:35:08.0517 0x0d6c  AFD - ok
18:35:08.0548 0x0d6c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:35:08.0553 0x0d6c  agp440 - ok
18:35:08.0574 0x0d6c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:35:08.0579 0x0d6c  ALG - ok
18:35:08.0620 0x0d6c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:35:08.0623 0x0d6c  aliide - ok
18:35:08.0650 0x0d6c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:35:08.0653 0x0d6c  amdide - ok
18:35:08.0677 0x0d6c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:35:08.0683 0x0d6c  AmdK8 - ok
18:35:08.0702 0x0d6c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:35:08.0705 0x0d6c  AmdPPM - ok
18:35:08.0735 0x0d6c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:35:08.0740 0x0d6c  amdsata - ok
18:35:08.0765 0x0d6c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:35:08.0774 0x0d6c  amdsbs - ok
18:35:08.0817 0x0d6c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:35:08.0819 0x0d6c  amdxata - ok
18:35:08.0857 0x0d6c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
18:35:08.0862 0x0d6c  AppID - ok
18:35:08.0880 0x0d6c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:35:08.0883 0x0d6c  AppIDSvc - ok
18:35:08.0912 0x0d6c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:35:08.0915 0x0d6c  Appinfo - ok
18:35:09.0006 0x0d6c  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:35:09.0011 0x0d6c  Apple Mobile Device - ok
18:35:09.0031 0x0d6c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:35:09.0037 0x0d6c  arc - ok
18:35:09.0057 0x0d6c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:35:09.0061 0x0d6c  arcsas - ok
18:35:09.0111 0x0d6c  [ 49497EB7AF992C01AFC535F30B0B0385, EAFCB805B35B0D14BAB1D9EF34EC0ADD043759ED46778EE4F2E33D2BBE355E1F ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
18:35:09.0115 0x0d6c  aswFsBlk - ok
18:35:09.0169 0x0d6c  [ 104B022CA8245FB93CD7BBFA5D0D70C4, D03B7197D32ED9DAE79626075222839B90B9394BFDC97DDC91ECF095863859D5 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
18:35:09.0175 0x0d6c  aswMonFlt - ok
18:35:09.0204 0x0d6c  [ B82250774942C411C9B0E3E21C8B3750, 2BDEE7F11D77D126AFE6E4EE04E05DB6F1F32A3118D7DCBBA6CA60744E7A2CDD ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
18:35:09.0208 0x0d6c  aswRdr - ok
18:35:09.0272 0x0d6c  [ DC80CB69042C790E3EACD38942C680D4, 8E0333C67F0A7881F3FEC10CE927C31004447BAAABF3AD86CB4DEB6A5C42741E ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
18:35:09.0277 0x0d6c  aswRvrt - ok
18:35:09.0352 0x0d6c  [ 2A07C1A6D9773F4DFC7C307CE9005004, EF810D14D64373AE5AF7E8EAE2CB1FC70F78A6C5B021A11764561A7648EBB6C6 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
18:35:09.0377 0x0d6c  aswSnx - ok
18:35:09.0433 0x0d6c  [ C641FE56B85807683CA2F4DCD44F6776, D08F154377E3996DAB900497FF5CE8C5F6D601A44EDB0CF76E257AFD098F1B98 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
18:35:09.0456 0x0d6c  aswSP - ok
18:35:09.0474 0x0d6c  [ 367CF04C38DFF33368FCDBBF71C96297, B533833A9592FCE2B665B7E98AACC8D699845B14B7473710A333FC1E0AC0BB2F ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
18:35:09.0477 0x0d6c  aswTdi - ok
18:35:09.0523 0x0d6c  [ 43E5B51F295E09D51D64FF1C66757DAA, BF542EDD3279946F1E70A4B071FE351974DC850FE7A34D52C005BCB1642B094E ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
18:35:09.0532 0x0d6c  aswVmm - ok
18:35:09.0550 0x0d6c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:35:09.0552 0x0d6c  AsyncMac - ok
18:35:09.0591 0x0d6c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:35:09.0595 0x0d6c  atapi - ok
18:35:09.0662 0x0d6c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:35:09.0697 0x0d6c  AudioEndpointBuilder - ok
18:35:09.0723 0x0d6c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:35:09.0736 0x0d6c  AudioSrv - ok
18:35:09.0842 0x0d6c  [ E3BE7DAC6E46C2F1461996F29A09B6FA, 322469F33E508FDE6F20F1B3F2D4078A0FA47246D3CBADCCA5B1B926BAB057BF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:35:09.0845 0x0d6c  avast! Antivirus - ok
18:35:09.0897 0x0d6c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:35:09.0905 0x0d6c  AxInstSV - ok
18:35:09.0959 0x0d6c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:35:09.0981 0x0d6c  b06bdrv - ok
18:35:10.0013 0x0d6c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:35:10.0024 0x0d6c  b57nd60a - ok
18:35:10.0051 0x0d6c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:35:10.0055 0x0d6c  BDESVC - ok
18:35:10.0069 0x0d6c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:35:10.0070 0x0d6c  Beep - ok
18:35:10.0157 0x0d6c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:35:10.0203 0x0d6c  BFE - ok
18:35:10.0251 0x0d6c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:35:10.0304 0x0d6c  BITS - ok
18:35:10.0329 0x0d6c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:35:10.0332 0x0d6c  blbdrive - ok
18:35:10.0418 0x0d6c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:35:10.0438 0x0d6c  Bonjour Service - ok
18:35:10.0491 0x0d6c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:35:10.0498 0x0d6c  bowser - ok
18:35:10.0521 0x0d6c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:35:10.0523 0x0d6c  BrFiltLo - ok
18:35:10.0530 0x0d6c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:35:10.0532 0x0d6c  BrFiltUp - ok
18:35:10.0558 0x0d6c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:35:10.0565 0x0d6c  Browser - ok
18:35:10.0597 0x0d6c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:35:10.0608 0x0d6c  Brserid - ok
18:35:10.0616 0x0d6c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:35:10.0619 0x0d6c  BrSerWdm - ok
18:35:10.0641 0x0d6c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:35:10.0643 0x0d6c  BrUsbMdm - ok
18:35:10.0648 0x0d6c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:35:10.0650 0x0d6c  BrUsbSer - ok
18:35:10.0681 0x0d6c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:35:10.0683 0x0d6c  BthEnum - ok
18:35:10.0690 0x0d6c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:35:10.0693 0x0d6c  BTHMODEM - ok
18:35:10.0754 0x0d6c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:35:10.0763 0x0d6c  BthPan - ok
18:35:10.0820 0x0d6c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:35:10.0855 0x0d6c  BTHPORT - ok
18:35:10.0904 0x0d6c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:35:10.0910 0x0d6c  bthserv - ok
18:35:10.0929 0x0d6c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:35:10.0934 0x0d6c  BTHUSB - ok
18:35:10.0962 0x0d6c  [ D3466F77C2C49C6E393BA5FBA963A33E, FD5E48A29E153BBAB095AB2E3B86F592B1FC1F790978911093B5F8A2CD6C5652 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
18:35:10.0967 0x0d6c  btusbflt - ok
18:35:10.0992 0x0d6c  [ AF838D8029AE7C27470862D63FA54D24, 96247094D2446CEE594AD765B98DE8583762A96FE83223CB18B4CDB3A4958376 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
18:35:10.0998 0x0d6c  btwaudio - ok
18:35:11.0015 0x0d6c  [ 5C849BD7C78791C5CEE9F4651D7FE38D, BC93A1B911FB4A44EC4DB64AF9AFC6F2013CD76BFB6FA9E4834CFDAAAF4BCD9F ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
18:35:11.0022 0x0d6c  btwavdt - ok
18:35:11.0140 0x0d6c  [ 10FFB5FA51D5713D872B41A59DFC2213, E0C0EA99C862E3FCE4D121BB34DEC00E74A371DF4093A44055E70E9F4CFA3DC6 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:35:11.0200 0x0d6c  btwdins - ok
18:35:11.0214 0x0d6c  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
18:35:11.0216 0x0d6c  btwl2cap - ok
18:35:11.0227 0x0d6c  [ 3E1991AFA851A36DC978B0A1B0535C8B, F55F7FDDD2A71532F163E4F14B26A09DCDB7C970E806D803418D4CE0DFF09FB6 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
18:35:11.0229 0x0d6c  btwrchid - ok
18:35:11.0236 0x0d6c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:35:11.0240 0x0d6c  cdfs - ok
18:35:11.0273 0x0d6c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:35:11.0278 0x0d6c  cdrom - ok
18:35:11.0322 0x0d6c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:35:11.0328 0x0d6c  CertPropSvc - ok
18:35:11.0349 0x0d6c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:35:11.0353 0x0d6c  circlass - ok
18:35:11.0385 0x0d6c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:35:11.0396 0x0d6c  CLFS - ok
18:35:11.0475 0x0d6c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:35:11.0482 0x0d6c  clr_optimization_v2.0.50727_32 - ok
18:35:11.0524 0x0d6c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:35:11.0528 0x0d6c  clr_optimization_v2.0.50727_64 - ok
18:35:11.0616 0x0d6c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:35:11.0642 0x0d6c  clr_optimization_v4.0.30319_32 - ok
18:35:11.0684 0x0d6c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:35:11.0691 0x0d6c  clr_optimization_v4.0.30319_64 - ok
18:35:11.0707 0x0d6c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:35:11.0709 0x0d6c  CmBatt - ok
18:35:11.0749 0x0d6c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:35:11.0752 0x0d6c  cmdide - ok
18:35:11.0891 0x0d6c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:35:11.0906 0x0d6c  CNG - ok
18:35:11.0968 0x0d6c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:35:11.0971 0x0d6c  Compbatt - ok
18:35:12.0056 0x0d6c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:35:12.0060 0x0d6c  CompositeBus - ok
18:35:12.0067 0x0d6c  COMSysApp - ok
18:35:12.0091 0x0d6c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:35:12.0093 0x0d6c  crcdisk - ok
18:35:12.0150 0x0d6c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:35:12.0163 0x0d6c  CryptSvc - ok
18:35:12.0238 0x0d6c  [ ED5CF92396A62F4C15110DCDB5E854D9, CD26216B8B3F558A0466843C8161E86EEDB78E6031E1AC0A00DCDE700A2B6EE2 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
18:35:12.0250 0x0d6c  CtClsFlt - ok
18:35:12.0347 0x0d6c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:35:12.0363 0x0d6c  DcomLaunch - ok
18:35:12.0422 0x0d6c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:35:12.0458 0x0d6c  defragsvc - ok
18:35:12.0578 0x0d6c  [ D0B49F6615960BEB1B6FBE20604194E4, FA5C4BD46AEA5021DF8E6F8CCF13B5130D91C18A92CB15C4C735A8869671AFC3 ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
18:35:12.0588 0x0d6c  DellDigitalDelivery - ok
18:35:12.0630 0x0d6c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:35:12.0634 0x0d6c  DfsC - ok
18:35:12.0674 0x0d6c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:35:12.0722 0x0d6c  Dhcp - ok
18:35:12.0762 0x0d6c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:35:12.0764 0x0d6c  discache - ok
18:35:12.0775 0x0d6c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:35:12.0778 0x0d6c  Disk - ok
18:35:12.0817 0x0d6c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:35:12.0826 0x0d6c  Dnscache - ok
18:35:12.0875 0x0d6c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:35:12.0887 0x0d6c  dot3svc - ok
18:35:12.0914 0x0d6c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:35:12.0923 0x0d6c  DPS - ok
18:35:12.0958 0x0d6c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:35:12.0960 0x0d6c  drmkaud - ok
18:35:13.0034 0x0d6c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:35:13.0085 0x0d6c  DXGKrnl - ok
18:35:13.0116 0x0d6c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:35:13.0120 0x0d6c  EapHost - ok
18:35:13.0257 0x0d6c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:35:13.0381 0x0d6c  ebdrv - ok
18:35:13.0417 0x0d6c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
18:35:13.0420 0x0d6c  EFS - ok
18:35:13.0512 0x0d6c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:35:13.0560 0x0d6c  ehRecvr - ok
18:35:13.0596 0x0d6c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:35:13.0600 0x0d6c  ehSched - ok
18:35:13.0680 0x0d6c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:35:13.0752 0x0d6c  elxstor - ok
18:35:13.0793 0x0d6c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:35:13.0795 0x0d6c  ErrDev - ok
18:35:13.0850 0x0d6c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:35:13.0884 0x0d6c  EventSystem - ok
18:35:14.0025 0x0d6c  [ B56D9602DB5FE1C116B1CA5EFD8E2E50, 34F52939089A98860E659BEF6AB8275BC50C33CC282DD3D34E13909BB7E3E575 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:35:14.0116 0x0d6c  EvtEng - ok
18:35:14.0169 0x0d6c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:35:14.0181 0x0d6c  exfat - ok
18:35:14.0211 0x0d6c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:35:14.0225 0x0d6c  fastfat - ok
18:35:14.0303 0x0d6c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:35:14.0344 0x0d6c  Fax - ok
18:35:14.0369 0x0d6c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:35:14.0371 0x0d6c  fdc - ok
18:35:14.0400 0x0d6c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:35:14.0404 0x0d6c  fdPHost - ok
18:35:14.0424 0x0d6c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:35:14.0428 0x0d6c  FDResPub - ok
18:35:14.0440 0x0d6c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:35:14.0444 0x0d6c  FileInfo - ok
18:35:14.0451 0x0d6c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:35:14.0454 0x0d6c  Filetrace - ok
18:35:14.0475 0x0d6c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:35:14.0477 0x0d6c  flpydisk - ok
18:35:14.0509 0x0d6c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:35:14.0521 0x0d6c  FltMgr - ok
18:35:14.0619 0x0d6c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:35:14.0689 0x0d6c  FontCache - ok
18:35:14.0745 0x0d6c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:35:14.0749 0x0d6c  FontCache3.0.0.0 - ok
18:35:14.0767 0x0d6c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:35:14.0771 0x0d6c  FsDepends - ok
18:35:14.0805 0x0d6c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:35:14.0808 0x0d6c  Fs_Rec - ok
18:35:14.0849 0x0d6c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:35:14.0859 0x0d6c  fvevol - ok
18:35:14.0876 0x0d6c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:35:14.0880 0x0d6c  gagp30kx - ok
18:35:14.0920 0x0d6c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:35:14.0924 0x0d6c  GEARAspiWDM - ok
18:35:14.0983 0x0d6c  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
18:35:14.0987 0x0d6c  GoToAssist - ok
18:35:15.0048 0x0d6c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:35:15.0095 0x0d6c  gpsvc - ok
18:35:15.0102 0x0d6c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:35:15.0105 0x0d6c  hcw85cir - ok
18:35:15.0170 0x0d6c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:35:15.0215 0x0d6c  HdAudAddService - ok
18:35:15.0270 0x0d6c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:35:15.0279 0x0d6c  HDAudBus - ok
18:35:15.0323 0x0d6c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
18:35:15.0327 0x0d6c  HECIx64 - ok
18:35:15.0336 0x0d6c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:35:15.0340 0x0d6c  HidBatt - ok
18:35:15.0366 0x0d6c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:35:15.0370 0x0d6c  HidBth - ok
18:35:15.0375 0x0d6c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:35:15.0378 0x0d6c  HidIr - ok
18:35:15.0411 0x0d6c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:35:15.0417 0x0d6c  hidserv - ok
18:35:15.0450 0x0d6c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
18:35:15.0453 0x0d6c  HidUsb - ok
18:35:15.0479 0x0d6c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:35:15.0486 0x0d6c  hkmsvc - ok
18:35:15.0528 0x0d6c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:35:15.0551 0x0d6c  HomeGroupListener - ok
18:35:15.0600 0x0d6c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:35:15.0631 0x0d6c  HomeGroupProvider - ok
18:35:15.0684 0x0d6c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:35:15.0690 0x0d6c  HpSAMD - ok
18:35:15.0776 0x0d6c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:35:15.0802 0x0d6c  HTTP - ok
18:35:15.0846 0x0d6c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:35:15.0848 0x0d6c  hwpolicy - ok
18:35:15.0918 0x0d6c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:35:15.0925 0x0d6c  i8042prt - ok
18:35:16.0005 0x0d6c  [ 2064090C9FAAD92C090D77E50E735B2E, 802BF10AF2F4B5DC93926C34DB2782DA6FD7243766D583E85603879483A592D2 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:35:16.0023 0x0d6c  iaStor - ok
18:35:16.0099 0x0d6c  [ A9BE186ABF28B3D3D698CB855EDF457E, 03E1851132E1C8669CF9B3CEB1C9E6AE45BBAC2632FEEDD311F3B3FAA9B623DD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:35:16.0101 0x0d6c  IAStorDataMgrSvc - ok
18:35:16.0147 0x0d6c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:35:16.0170 0x0d6c  iaStorV - ok
18:35:16.0244 0x0d6c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:35:16.0283 0x0d6c  idsvc - ok
18:35:16.0315 0x0d6c  IEEtwCollectorService - ok
18:35:16.0688 0x0d6c  [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:35:17.0052 0x0d6c  igfx - ok
18:35:17.0100 0x0d6c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:35:17.0103 0x0d6c  iirsp - ok
18:35:17.0162 0x0d6c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:35:17.0202 0x0d6c  IKEEXT - ok
18:35:17.0238 0x0d6c  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
18:35:17.0244 0x0d6c  Impcd - ok
18:35:17.0304 0x0d6c  [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:35:17.0325 0x0d6c  IntcDAud - ok
18:35:17.0357 0x0d6c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:35:17.0360 0x0d6c  intelide - ok
18:35:17.0384 0x0d6c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:35:17.0387 0x0d6c  intelppm - ok
18:35:17.0410 0x0d6c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:35:17.0415 0x0d6c  IPBusEnum - ok
18:35:17.0448 0x0d6c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:35:17.0455 0x0d6c  IpFilterDriver - ok
18:35:17.0507 0x0d6c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:35:17.0541 0x0d6c  iphlpsvc - ok
18:35:17.0575 0x0d6c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:35:17.0580 0x0d6c  IPMIDRV - ok
18:35:17.0597 0x0d6c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:35:17.0603 0x0d6c  IPNAT - ok
18:35:17.0684 0x0d6c  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:35:17.0737 0x0d6c  iPod Service - ok
18:35:17.0768 0x0d6c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:35:17.0770 0x0d6c  IRENUM - ok
18:35:17.0787 0x0d6c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:35:17.0790 0x0d6c  isapnp - ok
18:35:17.0828 0x0d6c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:35:17.0847 0x0d6c  iScsiPrt - ok
18:35:17.0900 0x0d6c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:35:17.0904 0x0d6c  kbdclass - ok
18:35:17.0943 0x0d6c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:35:17.0946 0x0d6c  kbdhid - ok
18:35:17.0962 0x0d6c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
18:35:17.0967 0x0d6c  KeyIso - ok
18:35:18.0004 0x0d6c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:35:18.0009 0x0d6c  KSecDD - ok
18:35:18.0030 0x0d6c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:35:18.0040 0x0d6c  KSecPkg - ok
18:35:18.0084 0x0d6c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:35:18.0086 0x0d6c  ksthunk - ok
18:35:18.0130 0x0d6c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:35:18.0153 0x0d6c  KtmRm - ok
18:35:18.0230 0x0d6c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:35:18.0276 0x0d6c  LanmanServer - ok
18:35:18.0316 0x0d6c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:35:18.0331 0x0d6c  LanmanWorkstation - ok
18:35:18.0420 0x0d6c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:35:18.0425 0x0d6c  lltdio - ok
18:35:18.0475 0x0d6c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:35:18.0520 0x0d6c  lltdsvc - ok
18:35:18.0537 0x0d6c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:35:18.0541 0x0d6c  lmhosts - ok
18:35:18.0631 0x0d6c  [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:35:18.0652 0x0d6c  LMS - ok
18:35:18.0698 0x0d6c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:35:18.0704 0x0d6c  LSI_FC - ok
18:35:18.0726 0x0d6c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:35:18.0733 0x0d6c  LSI_SAS - ok
18:35:18.0745 0x0d6c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:35:18.0748 0x0d6c  LSI_SAS2 - ok
18:35:18.0762 0x0d6c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:35:18.0766 0x0d6c  LSI_SCSI - ok
18:35:18.0804 0x0d6c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:35:18.0813 0x0d6c  luafv - ok
18:35:18.0857 0x0d6c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:35:18.0867 0x0d6c  Mcx2Svc - ok
18:35:18.0889 0x0d6c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:35:18.0892 0x0d6c  megasas - ok
18:35:18.0918 0x0d6c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:35:18.0930 0x0d6c  MegaSR - ok
18:35:19.0040 0x0d6c  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:35:19.0046 0x0d6c  Microsoft Office Groove Audit Service - ok
18:35:19.0082 0x0d6c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:35:19.0089 0x0d6c  MMCSS - ok
18:35:19.0106 0x0d6c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:35:19.0110 0x0d6c  Modem - ok
18:35:19.0143 0x0d6c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:35:19.0146 0x0d6c  monitor - ok
18:35:19.0222 0x0d6c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:35:19.0226 0x0d6c  mouclass - ok
18:35:19.0260 0x0d6c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:35:19.0264 0x0d6c  mouhid - ok
18:35:19.0303 0x0d6c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:35:19.0309 0x0d6c  mountmgr - ok
18:35:19.0372 0x0d6c  [ 46297FA8E30A6007F14118FC2B942FBC, 40785B7121DBFA411EA922ECF6008BA4A94BC742662E271BFD6B31288ECC1BA4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:35:19.0383 0x0d6c  MozillaMaintenance - ok
18:35:19.0461 0x0d6c  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:35:19.0483 0x0d6c  MpFilter - ok
18:35:19.0530 0x0d6c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:35:19.0540 0x0d6c  mpio - ok
18:35:19.0579 0x0d6c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:35:19.0586 0x0d6c  mpsdrv - ok
18:35:19.0653 0x0d6c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:35:19.0686 0x0d6c  MpsSvc - ok
18:35:19.0746 0x0d6c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:35:19.0755 0x0d6c  MRxDAV - ok
18:35:19.0793 0x0d6c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:35:19.0799 0x0d6c  mrxsmb - ok
18:35:19.0830 0x0d6c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:35:19.0838 0x0d6c  mrxsmb10 - ok
18:35:19.0856 0x0d6c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:35:19.0860 0x0d6c  mrxsmb20 - ok
18:35:19.0885 0x0d6c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:35:19.0888 0x0d6c  msahci - ok
18:35:19.0961 0x0d6c  [ A592A054D78750B4D73ABAA4C94DECDF, 40B135C9F9EE698EC78BD19BD18353AE2CF4D020DDB9CFC37CD2FDBF7602614A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
18:35:19.0974 0x0d6c  MSCamSvc - ok
18:35:19.0996 0x0d6c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:35:20.0001 0x0d6c  msdsm - ok
18:35:20.0039 0x0d6c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:35:20.0047 0x0d6c  MSDTC - ok
18:35:20.0075 0x0d6c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:35:20.0077 0x0d6c  Msfs - ok
18:35:20.0103 0x0d6c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:35:20.0105 0x0d6c  mshidkmdf - ok
18:35:20.0133 0x0d6c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:35:20.0135 0x0d6c  msisadrv - ok
18:35:20.0164 0x0d6c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:35:20.0176 0x0d6c  MSiSCSI - ok
18:35:20.0181 0x0d6c  msiserver - ok
18:35:20.0213 0x0d6c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:35:20.0216 0x0d6c  MSKSSRV - ok
18:35:20.0287 0x0d6c  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:35:20.0290 0x0d6c  MsMpSvc - ok
18:35:20.0312 0x0d6c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:35:20.0314 0x0d6c  MSPCLOCK - ok
18:35:20.0321 0x0d6c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:35:20.0324 0x0d6c  MSPQM - ok
18:35:20.0373 0x0d6c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:35:20.0407 0x0d6c  MsRPC - ok
18:35:20.0419 0x0d6c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:35:20.0423 0x0d6c  mssmbios - ok
18:35:20.0474 0x0d6c  MSSQL$QSRNVIVO9 - ok
18:35:20.0545 0x0d6c  [ 8E8E74C953EB0C4F8828D99D6F27FD6F, 94AFB1B09A6E92302D29B3C563B1744CECC5F5487418962BE537B7C57717CA42 ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
18:35:20.0550 0x0d6c  MSSQLServerADHelper100 - ok
18:35:20.0558 0x0d6c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:35:20.0561 0x0d6c  MSTEE - ok
18:35:20.0577 0x0d6c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:35:20.0580 0x0d6c  MTConfig - ok
18:35:20.0606 0x0d6c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:35:20.0611 0x0d6c  Mup - ok
18:35:20.0666 0x0d6c  [ A9BC2302FBDF52C8AF4E2FC966288D21, 4CBDCDCC2BA8133BDC0BA1A1EB47FB9241CAACF93544BAD37175417DA9E616D6 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:35:20.0695 0x0d6c  MyWiFiDHCPDNS - ok
18:35:20.0745 0x0d6c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:35:20.0777 0x0d6c  napagent - ok
18:35:20.0864 0x0d6c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:35:20.0897 0x0d6c  NativeWifiP - ok
18:35:20.0988 0x0d6c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:35:21.0047 0x0d6c  NDIS - ok
18:35:21.0079 0x0d6c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:35:21.0084 0x0d6c  NdisCap - ok
18:35:21.0108 0x0d6c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:35:21.0111 0x0d6c  NdisTapi - ok
18:35:21.0142 0x0d6c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:35:21.0147 0x0d6c  Ndisuio - ok
18:35:21.0173 0x0d6c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:35:21.0181 0x0d6c  NdisWan - ok
18:35:21.0213 0x0d6c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:35:21.0217 0x0d6c  NDProxy - ok
18:35:21.0234 0x0d6c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:35:21.0237 0x0d6c  NetBIOS - ok
18:35:21.0259 0x0d6c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:35:21.0271 0x0d6c  NetBT - ok
18:35:21.0284 0x0d6c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
18:35:21.0287 0x0d6c  Netlogon - ok
18:35:21.0335 0x0d6c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:35:21.0363 0x0d6c  Netman - ok
18:35:21.0380 0x0d6c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:35:21.0394 0x0d6c  netprofm - ok
18:35:21.0421 0x0d6c  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:35:21.0425 0x0d6c  NetTcpPortSharing - ok
18:35:21.0723 0x0d6c  [ 24F64343F14A119308456E1CA7507B26, E9219B173426E872977C3D615552B066C697A31D003AE3F0012BF1C6FFCEFF51 ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
18:35:21.0996 0x0d6c  NETw5s64 - ok
18:35:22.0035 0x0d6c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:35:22.0037 0x0d6c  nfrd960 - ok
18:35:22.0095 0x0d6c  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:35:22.0104 0x0d6c  NisDrv - ok
18:35:22.0143 0x0d6c  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:35:22.0162 0x0d6c  NisSrv - ok
18:35:22.0185 0x0d6c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:35:22.0196 0x0d6c  NlaSvc - ok
18:35:22.0214 0x0d6c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:35:22.0216 0x0d6c  Npfs - ok
18:35:22.0224 0x0d6c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:35:22.0228 0x0d6c  nsi - ok
18:35:22.0239 0x0d6c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:35:22.0241 0x0d6c  nsiproxy - ok
18:35:22.0348 0x0d6c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:35:22.0407 0x0d6c  Ntfs - ok
18:35:22.0420 0x0d6c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:35:22.0421 0x0d6c  Null - ok
18:35:22.0470 0x0d6c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:35:22.0480 0x0d6c  nvraid - ok
18:35:22.0504 0x0d6c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:35:22.0510 0x0d6c  nvstor - ok
18:35:22.0548 0x0d6c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:35:22.0552 0x0d6c  nv_agp - ok
18:35:22.0676 0x0d6c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:35:22.0704 0x0d6c  odserv - ok
18:35:22.0732 0x0d6c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:35:22.0737 0x0d6c  ohci1394 - ok
18:35:22.0783 0x0d6c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:35:22.0790 0x0d6c  ose - ok
18:35:22.0830 0x0d6c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:35:22.0840 0x0d6c  p2pimsvc - ok
18:35:22.0895 0x0d6c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:35:22.0928 0x0d6c  p2psvc - ok
18:35:22.0965 0x0d6c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:35:22.0972 0x0d6c  Parport - ok
18:35:22.0999 0x0d6c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:35:23.0004 0x0d6c  partmgr - ok
18:35:23.0030 0x0d6c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:35:23.0041 0x0d6c  PcaSvc - ok
18:35:23.0070 0x0d6c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:35:23.0076 0x0d6c  pci - ok
18:35:23.0108 0x0d6c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:35:23.0110 0x0d6c  pciide - ok
18:35:23.0141 0x0d6c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:35:23.0152 0x0d6c  pcmcia - ok
18:35:23.0173 0x0d6c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:35:23.0177 0x0d6c  pcw - ok
18:35:23.0217 0x0d6c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:35:23.0252 0x0d6c  PEAUTH - ok
18:35:23.0347 0x0d6c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:35:23.0354 0x0d6c  PerfHost - ok
18:35:23.0456 0x0d6c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:35:23.0506 0x0d6c  pla - ok
18:35:23.0565 0x0d6c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:35:23.0592 0x0d6c  PlugPlay - ok
18:35:23.0597 0x0d6c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:35:23.0602 0x0d6c  PNRPAutoReg - ok
18:35:23.0629 0x0d6c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:35:23.0638 0x0d6c  PNRPsvc - ok
18:35:23.0676 0x0d6c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:35:23.0694 0x0d6c  PolicyAgent - ok
18:35:23.0769 0x0d6c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:35:23.0782 0x0d6c  Power - ok
18:35:23.0832 0x0d6c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:35:23.0840 0x0d6c  PptpMiniport - ok
18:35:23.0866 0x0d6c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:35:23.0871 0x0d6c  Processor - ok
18:35:23.0912 0x0d6c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:35:23.0924 0x0d6c  ProfSvc - ok
18:35:23.0940 0x0d6c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:35:23.0945 0x0d6c  ProtectedStorage - ok
18:35:23.0973 0x0d6c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:35:23.0979 0x0d6c  Psched - ok
18:35:24.0004 0x0d6c  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:35:24.0009 0x0d6c  PxHlpa64 - ok
18:35:24.0093 0x0d6c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:35:24.0152 0x0d6c  ql2300 - ok
18:35:24.0171 0x0d6c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:35:24.0176 0x0d6c  ql40xx - ok
18:35:24.0208 0x0d6c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:35:24.0219 0x0d6c  QWAVE - ok
18:35:24.0227 0x0d6c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:35:24.0230 0x0d6c  QWAVEdrv - ok
18:35:24.0245 0x0d6c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:35:24.0248 0x0d6c  RasAcd - ok
18:35:24.0266 0x0d6c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:35:24.0269 0x0d6c  RasAgileVpn - ok
18:35:24.0295 0x0d6c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:35:24.0307 0x0d6c  RasAuto - ok
18:35:24.0328 0x0d6c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:35:24.0333 0x0d6c  Rasl2tp - ok
18:35:24.0361 0x0d6c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:35:24.0373 0x0d6c  RasMan - ok
18:35:24.0390 0x0d6c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:35:24.0393 0x0d6c  RasPppoe - ok
18:35:24.0413 0x0d6c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:35:24.0417 0x0d6c  RasSstp - ok
18:35:24.0449 0x0d6c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:35:24.0474 0x0d6c  rdbss - ok
18:35:24.0489 0x0d6c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:35:24.0492 0x0d6c  rdpbus - ok
18:35:24.0511 0x0d6c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:35:24.0513 0x0d6c  RDPCDD - ok
18:35:24.0540 0x0d6c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:35:24.0542 0x0d6c  RDPENCDD - ok
18:35:24.0559 0x0d6c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:35:24.0561 0x0d6c  RDPREFMP - ok
18:35:24.0601 0x0d6c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:35:24.0616 0x0d6c  RDPWD - ok
18:35:24.0667 0x0d6c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:35:24.0677 0x0d6c  rdyboost - ok
18:35:24.0780 0x0d6c  [ 0AA473966357C4A41B5EB19649EB6E5E, D4F1EADDECE41481332CBF03B8CAB4AC6AB048834DF013DB30757E7941F306FE ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:35:24.0822 0x0d6c  RegSrvc - ok
18:35:24.0858 0x0d6c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:35:24.0868 0x0d6c  RemoteAccess - ok
18:35:24.0885 0x0d6c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:35:24.0893 0x0d6c  RemoteRegistry - ok
18:35:24.0939 0x0d6c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:35:24.0947 0x0d6c  RFCOMM - ok
18:35:24.0964 0x0d6c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:35:24.0972 0x0d6c  RpcEptMapper - ok
18:35:25.0001 0x0d6c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:35:25.0006 0x0d6c  RpcLocator - ok
18:35:25.0053 0x0d6c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:35:25.0068 0x0d6c  RpcSs - ok
18:35:25.0082 0x0d6c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:35:25.0085 0x0d6c  rspndr - ok
18:35:25.0120 0x0d6c  [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:35:25.0135 0x0d6c  RSUSBSTOR - ok
18:35:25.0166 0x0d6c  [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:35:25.0176 0x0d6c  RTL8167 - ok
18:35:25.0195 0x0d6c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
18:35:25.0198 0x0d6c  SamSs - ok
18:35:25.0252 0x0d6c  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:35:25.0255 0x0d6c  SASDIFSV - ok
18:35:25.0271 0x0d6c  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:35:25.0276 0x0d6c  SASKUTIL - ok
18:35:25.0307 0x0d6c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:35:25.0313 0x0d6c  sbp2port - ok
18:35:25.0347 0x0d6c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:35:25.0359 0x0d6c  SCardSvr - ok
18:35:25.0398 0x0d6c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:35:25.0401 0x0d6c  scfilter - ok
18:35:25.0478 0x0d6c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:35:25.0520 0x0d6c  Schedule - ok
18:35:25.0543 0x0d6c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:35:25.0545 0x0d6c  SCPolicySvc - ok
18:35:25.0562 0x0d6c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:35:25.0570 0x0d6c  SDRSVC - ok
18:35:25.0740 0x0d6c  [ 95AA9E165C7DE1B64A11E8B18E91E499, 505BB51F358EAE5835071A89069530DFDA99E9C5220EA6A648842C15E74E4907 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
18:35:25.0774 0x0d6c  SDScannerService - ok
18:35:25.0834 0x0d6c  [ D31398D4BB4907B517B6E784C2100C4A, 36BDB2BFAC2C0ADF8C6DF6D1511ECF43C8F6ED7D4D76244DC5232AD97BA5E9C9 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
18:35:25.0867 0x0d6c  SDUpdateService - ok
18:35:25.0882 0x0d6c  [ 6AE8E702D1027A9627DDE2B77BB9992B, 5EA68E2A487D252A68DB0861E7FAFA69956D266CBAA5A1D77751F7E6BD4169B7 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
18:35:25.0887 0x0d6c  SDWSCService - ok
18:35:25.0940 0x0d6c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:35:25.0943 0x0d6c  secdrv - ok
18:35:25.0976 0x0d6c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:35:25.0982 0x0d6c  seclogon - ok
18:35:26.0007 0x0d6c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:35:26.0015 0x0d6c  SENS - ok
18:35:26.0052 0x0d6c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:35:26.0061 0x0d6c  SensrSvc - ok
18:35:26.0087 0x0d6c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:35:26.0090 0x0d6c  Serenum - ok
18:35:26.0123 0x0d6c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:35:26.0132 0x0d6c  Serial - ok
18:35:26.0170 0x0d6c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:35:26.0173 0x0d6c  sermouse - ok
18:35:26.0219 0x0d6c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:35:26.0225 0x0d6c  SessionEnv - ok
18:35:26.0257 0x0d6c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:35:26.0259 0x0d6c  sffdisk - ok
18:35:26.0284 0x0d6c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:35:26.0286 0x0d6c  sffp_mmc - ok
18:35:26.0305 0x0d6c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:35:26.0307 0x0d6c  sffp_sd - ok
18:35:26.0326 0x0d6c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:35:26.0328 0x0d6c  sfloppy - ok
18:35:26.0391 0x0d6c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:35:26.0431 0x0d6c  SharedAccess - ok
18:35:26.0474 0x0d6c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:35:26.0511 0x0d6c  ShellHWDetection - ok
18:35:26.0551 0x0d6c  [ 7799106FEE728B907A86D9C9751E02D5, EE85E8D3CF3819DB28221BFC103DE8DF0E14E1878CECF54E8CD8C161B0E0AF3C ] silabenm        C:\Windows\system32\DRIVERS\silabenm.sys
18:35:26.0554 0x0d6c  silabenm - ok
18:35:26.0578 0x0d6c  [ 39A6F89D7EFF9B1B839570134170D859, FC3C54C39DAD73A2174CA37C62B48162B6E5B101B395A0A48E2FE2DC3E5D3919 ] silabser        C:\Windows\system32\DRIVERS\silabser.sys
18:35:26.0584 0x0d6c  silabser - ok
18:35:26.0610 0x0d6c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:35:26.0613 0x0d6c  SiSRaid2 - ok
18:35:26.0629 0x0d6c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:35:26.0636 0x0d6c  SiSRaid4 - ok
18:35:26.0744 0x0d6c  [ 3E587DBBDFF938DDE5D4CE4047BE9041, CA13B2C50FB09365362077AEC4B25120CF09F8C35702F645922D618FE57B5E05 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:35:26.0754 0x0d6c  SkypeUpdate - ok
18:35:26.0792 0x0d6c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:35:26.0798 0x0d6c  Smb - ok
18:35:26.0853 0x0d6c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:35:26.0857 0x0d6c  SNMPTRAP - ok
18:35:26.0867 0x0d6c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:35:26.0870 0x0d6c  spldr - ok
18:35:26.0921 0x0d6c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:35:26.0998 0x0d6c  Spooler - ok
18:35:27.0156 0x0d6c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:35:27.0303 0x0d6c  sppsvc - ok
18:35:27.0331 0x0d6c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:35:27.0337 0x0d6c  sppuinotify - ok
18:35:27.0366 0x0d6c  [ 230C6AA1091190D2FDB40766CBD3DBBD, 3E256C3D97A2DA2767051EA0D3F39FFBC9C9494176C6ABEAF2F455A153FDBAA9 ] SQLAgent$QSRNVIVO9 c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\SQLAGENT.EXE
18:35:27.0377 0x0d6c  SQLAgent$QSRNVIVO9 - ok
18:35:27.0452 0x0d6c  [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:35:27.0471 0x0d6c  SQLBrowser - ok
18:35:27.0506 0x0d6c  [ F98DDFBFE0EE66D4C4B00693512B9527, 322FF75D1CA460368FD72ADCD93273F1D5AA5CF2C4DF65A94BF9ABAA2E695150 ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:35:27.0514 0x0d6c  SQLWriter - ok
18:35:27.0558 0x0d6c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:35:27.0586 0x0d6c  srv - ok
18:35:27.0606 0x0d6c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:35:27.0617 0x0d6c  srv2 - ok
18:35:27.0633 0x0d6c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:35:27.0639 0x0d6c  srvnet - ok
18:35:27.0658 0x0d6c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:35:27.0666 0x0d6c  SSDPSRV - ok
18:35:27.0687 0x0d6c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:35:27.0719 0x0d6c  SstpSvc - ok
18:35:27.0799 0x0d6c  [ 463E33B1EA7AF1E6EB87B66B831DB41A, E76654F8E301829C0F27775A5673A3BA929FE4FA6C1C214A98C2915C5EC189A4 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:35:27.0821 0x0d6c  STacSV - ok
18:35:27.0867 0x0d6c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:35:27.0869 0x0d6c  stexstor - ok
18:35:27.0931 0x0d6c  [ 4304B75094E106FB5423A290C95841E5, 55670F1DBC9B25A5E31FBEB3CB3C97E2B11CCD6359DA89FF1310C1BBCEC66A80 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
18:35:28.0006 0x0d6c  STHDA - ok
18:35:28.0044 0x0d6c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:35:28.0080 0x0d6c  stisvc - ok
18:35:28.0111 0x0d6c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:35:28.0113 0x0d6c  swenum - ok
18:35:28.0150 0x0d6c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:35:28.0185 0x0d6c  swprv - ok
18:35:28.0235 0x0d6c  [ 8A3FBCB3D6D4710730D27DA4392A4863, 392CCBB54FF2017EDA147283F479E8DED525F41A316EAE114596BBA02D04AF82 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:35:28.0244 0x0d6c  SynTP - ok
18:35:28.0351 0x0d6c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:35:28.0409 0x0d6c  SysMain - ok
18:35:28.0441 0x0d6c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:35:28.0447 0x0d6c  TabletInputService - ok
18:35:28.0469 0x0d6c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:35:28.0480 0x0d6c  TapiSrv - ok
18:35:28.0501 0x0d6c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:35:28.0506 0x0d6c  TBS - ok
18:35:28.0625 0x0d6c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:35:28.0691 0x0d6c  Tcpip - ok
18:35:28.0754 0x0d6c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:35:28.0790 0x0d6c  TCPIP6 - ok
18:35:28.0827 0x0d6c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:35:28.0830 0x0d6c  tcpipreg - ok
18:35:28.0883 0x0d6c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:35:28.0887 0x0d6c  TDPIPE - ok
18:35:28.0909 0x0d6c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:35:28.0912 0x0d6c  TDTCP - ok
18:35:28.0947 0x0d6c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:35:28.0954 0x0d6c  tdx - ok
18:35:28.0991 0x0d6c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:35:28.0996 0x0d6c  TermDD - ok
18:35:29.0047 0x0d6c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
18:35:29.0088 0x0d6c  TermService - ok
18:35:29.0106 0x0d6c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:35:29.0112 0x0d6c  Themes - ok
18:35:29.0148 0x0d6c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:35:29.0157 0x0d6c  THREADORDER - ok
18:35:29.0177 0x0d6c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:35:29.0184 0x0d6c  TrkWks - ok
18:35:29.0224 0x0d6c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:35:29.0230 0x0d6c  TrustedInstaller - ok
18:35:29.0255 0x0d6c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:35:29.0257 0x0d6c  tssecsrv - ok
18:35:29.0295 0x0d6c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:35:29.0299 0x0d6c  TsUsbFlt - ok
18:35:29.0346 0x0d6c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:35:29.0351 0x0d6c  tunnel - ok
18:35:29.0369 0x0d6c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:35:29.0372 0x0d6c  uagp35 - ok
18:35:29.0405 0x0d6c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:35:29.0415 0x0d6c  udfs - ok
18:35:29.0438 0x0d6c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:35:29.0443 0x0d6c  UI0Detect - ok
18:35:29.0481 0x0d6c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:35:29.0486 0x0d6c  uliagpkx - ok
18:35:29.0530 0x0d6c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:35:29.0534 0x0d6c  umbus - ok
18:35:29.0549 0x0d6c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:35:29.0551 0x0d6c  UmPass - ok
18:35:29.0799 0x0d6c  [ CC3775100ABA633984F73DFAE1F55CAE, 845F129289BB73FD78A6C3B497F17BA973FD691BC9242200F81993417C803FE9 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:35:29.0910 0x0d6c  UNS - ok
18:35:29.0952 0x0d6c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:35:29.0996 0x0d6c  upnphost - ok
18:35:30.0033 0x0d6c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:35:30.0037 0x0d6c  USBAAPL64 - ok
18:35:30.0078 0x0d6c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:35:30.0087 0x0d6c  usbaudio - ok
18:35:30.0119 0x0d6c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:35:30.0124 0x0d6c  usbccgp - ok
18:35:30.0178 0x0d6c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:35:30.0186 0x0d6c  usbcir - ok
18:35:30.0241 0x0d6c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:35:30.0245 0x0d6c  usbehci - ok
18:35:30.0288 0x0d6c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:35:30.0308 0x0d6c  usbhub - ok
18:35:30.0339 0x0d6c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:35:30.0341 0x0d6c  usbohci - ok
18:35:30.0375 0x0d6c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:35:30.0378 0x0d6c  usbprint - ok
18:35:30.0423 0x0d6c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:35:30.0426 0x0d6c  usbscan - ok
18:35:30.0453 0x0d6c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:35:30.0458 0x0d6c  USBSTOR - ok
18:35:30.0473 0x0d6c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:35:30.0476 0x0d6c  usbuhci - ok
18:35:30.0510 0x0d6c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:35:30.0517 0x0d6c  usbvideo - ok
18:35:30.0530 0x0d6c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:35:30.0536 0x0d6c  UxSms - ok
18:35:30.0550 0x0d6c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
18:35:30.0553 0x0d6c  VaultSvc - ok
18:35:30.0580 0x0d6c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:35:30.0583 0x0d6c  vdrvroot - ok
18:35:30.0648 0x0d6c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:35:30.0688 0x0d6c  vds - ok
18:35:30.0708 0x0d6c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:35:30.0710 0x0d6c  vga - ok
18:35:30.0725 0x0d6c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:35:30.0728 0x0d6c  VgaSave - ok
18:35:30.0758 0x0d6c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:35:30.0768 0x0d6c  vhdmp - ok
18:35:30.0803 0x0d6c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:35:30.0807 0x0d6c  viaide - ok
18:35:30.0851 0x0d6c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:35:30.0855 0x0d6c  volmgr - ok
18:35:30.0917 0x0d6c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:35:30.0944 0x0d6c  volmgrx - ok
18:35:31.0004 0x0d6c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:35:31.0023 0x0d6c  volsnap - ok
18:35:31.0047 0x0d6c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:35:31.0052 0x0d6c  vsmraid - ok
18:35:31.0159 0x0d6c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:35:31.0232 0x0d6c  VSS - ok
18:35:31.0253 0x0d6c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:35:31.0255 0x0d6c  vwifibus - ok
18:35:31.0289 0x0d6c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:35:31.0295 0x0d6c  vwififlt - ok
18:35:31.0309 0x0d6c  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:35:31.0312 0x0d6c  vwifimp - ok
18:35:31.0425 0x0d6c  [ C366AE91D2CC2C1C25380061D235C36B, FF641D2D913223069EEDCDC08286D91D40BEE5FC7471610DE76E98D8A32045A2 ] VX3000          C:\Windows\system32\DRIVERS\VX3000.sys
18:35:31.0508 0x0d6c  VX3000 - ok
18:35:31.0556 0x0d6c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:35:31.0576 0x0d6c  W32Time - ok
18:35:31.0598 0x0d6c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:35:31.0601 0x0d6c  WacomPen - ok
18:35:31.0633 0x0d6c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:35:31.0636 0x0d6c  WANARP - ok
18:35:31.0643 0x0d6c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:35:31.0646 0x0d6c  Wanarpv6 - ok
18:35:31.0764 0x0d6c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:35:31.0843 0x0d6c  WatAdminSvc - ok
18:35:31.0977 0x0d6c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:35:32.0064 0x0d6c  wbengine - ok
18:35:32.0088 0x0d6c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:35:32.0097 0x0d6c  WbioSrvc - ok
18:35:32.0142 0x0d6c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:35:32.0189 0x0d6c  wcncsvc - ok
18:35:32.0207 0x0d6c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:35:32.0213 0x0d6c  WcsPlugInService - ok
18:35:32.0229 0x0d6c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:35:32.0231 0x0d6c  Wd - ok
18:35:32.0282 0x0d6c  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
18:35:32.0285 0x0d6c  WDC_SAM - ok
18:35:32.0356 0x0d6c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:35:32.0383 0x0d6c  Wdf01000 - ok
18:35:32.0407 0x0d6c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:35:32.0413 0x0d6c  WdiServiceHost - ok
18:35:32.0419 0x0d6c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:35:32.0423 0x0d6c  WdiSystemHost - ok
18:35:32.0467 0x0d6c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:35:32.0485 0x0d6c  WebClient - ok
18:35:32.0513 0x0d6c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:35:32.0522 0x0d6c  Wecsvc - ok
18:35:32.0538 0x0d6c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:35:32.0544 0x0d6c  wercplsupport - ok
18:35:32.0583 0x0d6c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:35:32.0595 0x0d6c  WerSvc - ok
18:35:32.0609 0x0d6c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:35:32.0611 0x0d6c  WfpLwf - ok
18:35:32.0669 0x0d6c  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
18:35:32.0681 0x0d6c  WimFltr - ok
18:35:32.0700 0x0d6c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:35:32.0703 0x0d6c  WIMMount - ok
18:35:32.0727 0x0d6c  WinDefend - ok
18:35:32.0752 0x0d6c  WinHttpAutoProxySvc - ok
18:35:32.0817 0x0d6c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:35:32.0825 0x0d6c  Winmgmt - ok
18:35:32.0911 0x0d6c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:35:33.0036 0x0d6c  WinRM - ok
18:35:33.0088 0x0d6c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:35:33.0092 0x0d6c  WinUsb - ok
18:35:33.0170 0x0d6c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:35:33.0229 0x0d6c  Wlansvc - ok
18:35:33.0286 0x0d6c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:35:33.0291 0x0d6c  wlcrasvc - ok
18:35:33.0460 0x0d6c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:35:33.0556 0x0d6c  wlidsvc - ok
18:35:33.0588 0x0d6c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:35:33.0590 0x0d6c  WmiAcpi - ok
18:35:33.0637 0x0d6c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:35:33.0647 0x0d6c  wmiApSrv - ok
18:35:33.0674 0x0d6c  WMPNetworkSvc - ok
18:35:33.0690 0x0d6c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:35:33.0698 0x0d6c  WPCSvc - ok
18:35:33.0738 0x0d6c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:35:33.0753 0x0d6c  WPDBusEnum - ok
18:35:33.0810 0x0d6c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:35:33.0813 0x0d6c  ws2ifsl - ok
18:35:33.0833 0x0d6c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:35:33.0843 0x0d6c  wscsvc - ok
18:35:33.0848 0x0d6c  WSearch - ok
18:35:33.0983 0x0d6c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:35:34.0093 0x0d6c  wuauserv - ok
18:35:34.0129 0x0d6c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:35:34.0136 0x0d6c  WudfPf - ok
18:35:34.0161 0x0d6c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:35:34.0167 0x0d6c  WUDFRd - ok
18:35:34.0188 0x0d6c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:35:34.0194 0x0d6c  wudfsvc - ok
18:35:34.0229 0x0d6c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:35:34.0239 0x0d6c  WwanSvc - ok
18:35:34.0284 0x0d6c  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:35:34.0306 0x0d6c  yukonw7 - ok
18:35:34.0340 0x0d6c  ================ Scan global ===============================
18:35:34.0367 0x0d6c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:35:34.0409 0x0d6c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:35:34.0433 0x0d6c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:35:34.0467 0x0d6c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:35:34.0515 0x0d6c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:35:34.0545 0x0d6c  [ Global ] - ok
18:35:34.0546 0x0d6c  ================ Scan MBR ==================================
18:35:34.0571 0x0d6c  [ C3220EB08ADD62E3ED9F72A1F4E4B1BB ] \Device\Harddisk0\DR0
18:35:34.0947 0x0d6c  \Device\Harddisk0\DR0 - ok
18:35:34.0947 0x0d6c  ================ Scan VBR ==================================
18:35:34.0950 0x0d6c  [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
18:35:34.0951 0x0d6c  \Device\Harddisk0\DR0\Partition1 - ok
18:35:34.0954 0x0d6c  [ 42830D70BBEF9B5EC0B23BAAE40FA686 ] \Device\Harddisk0\DR0\Partition2
18:35:34.0990 0x0d6c  \Device\Harddisk0\DR0\Partition2 - ok
18:35:34.0991 0x0d6c  Waiting for KSN requests completion. In queue: 83
18:35:35.0991 0x0d6c  Waiting for KSN requests completion. In queue: 83
18:35:36.0991 0x0d6c  Waiting for KSN requests completion. In queue: 83
18:35:38.0115 0x0d6c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
18:35:38.0130 0x0d6c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 8.0.1506.399 ), 0x41000 ( enabled : updated )
18:35:38.0142 0x0d6c  Win FW state via NFP2: enabled
18:35:40.0650 0x0d6c  ============================================================
18:35:40.0650 0x0d6c  Scan finished
18:35:40.0650 0x0d6c  ============================================================
18:35:40.0665 0x173c  Detected object count: 0
18:35:40.0665 0x173c  Actual detected object count: 0
 

MBR.dat - Attached File  MBR.zip   574bytes   0 downloads



#5 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 18 February 2014 - 10:47 PM

Thanks for the logs. :)

Please read through these instructions to familiarize yourself with what to expect when this tool runs

Refer to the ComboFix User's Guide


Download ComboFix from one of these locations:

Link 1
Link 2



* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : How to Disable your Security Programs


====================================================


Double click on combofix.exe & follow the prompts.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#6 Kayjay4860

Kayjay4860
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 19 February 2014 - 07:03 PM

ComboFix log:

 

ComboFix 14-02-19.01 - Katherine 02/19/2014  18:36:00.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2935.1602 [GMT -5:00]
Running from: c:\users\Katherine\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-19 to 2014-02-19  )))))))))))))))))))))))))))))))
.
.
2014-02-19 23:47 . 2014-02-19 23:47    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-02-19 23:18 . 2014-02-19 23:16    1031560    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23AA8207-0806-452D-9CB0-BC9D414B3BF2}\gapaengine.dll
2014-02-19 23:17 . 2014-02-06 09:01    10536864    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{42781B80-1E0F-4CCB-B4A2-311050110C5A}\mpengine.dll
2014-02-18 23:14 . 2014-02-06 09:01    10536864    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-18 03:05 . 2014-02-18 03:21    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-18 03:04 . 2014-02-18 03:04    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-02-18 02:10 . 2014-02-18 02:10    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2014-02-14 03:48 . 2013-12-21 09:53    548864    ----a-w-    c:\windows\system32\vbscript.dll
2014-02-14 03:48 . 2013-12-21 08:56    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-02-13 20:21 . 2013-12-06 02:30    1882112    ----a-w-    c:\windows\system32\msxml3.dll
2014-02-13 20:20 . 2013-12-04 02:03    428032    ----a-w-    c:\windows\SysWow64\secproc.dll
2014-02-13 20:20 . 2013-12-04 02:27    123392    ----a-w-    c:\windows\system32\secproc_ssp.dll
2014-02-13 20:20 . 2013-12-04 02:02    390144    ----a-w-    c:\windows\SysWow64\msdrm.dll
2014-02-13 20:20 . 2013-12-04 02:27    123392    ----a-w-    c:\windows\system32\secproc_ssp_isv.dll
2014-02-13 20:20 . 2013-12-04 02:03    87040    ----a-w-    c:\windows\SysWow64\secproc_ssp_isv.dll
2014-02-13 20:20 . 2013-12-04 02:03    87040    ----a-w-    c:\windows\SysWow64\secproc_ssp.dll
2014-02-13 20:20 . 2013-12-24 23:09    1987584    ----a-w-    c:\windows\SysWow64\d3d10warp.dll
2014-02-13 20:20 . 2013-12-24 22:48    2565120    ----a-w-    c:\windows\system32\d3d10warp.dll
2014-02-13 20:20 . 2013-11-26 08:16    3419136    ----a-w-    c:\windows\SysWow64\d2d1.dll
2014-02-13 20:20 . 2013-11-22 22:48    3928064    ----a-w-    c:\windows\system32\d2d1.dll
2014-02-05 21:46 . 2014-02-05 21:46    5556104    ----a-w-    c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-16 05:03 . 2011-05-12 07:26    88567024    ----a-w-    c:\windows\system32\MRT.exe
2014-02-05 21:46 . 2012-11-30 03:33    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 21:46 . 2012-11-30 03:33    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-22 14:52 . 2013-03-01 16:43    189936    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-01-22 14:52 . 2013-03-01 16:43    65336    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-01-22 14:52 . 2012-12-15 05:56    378944    ----a-w-    c:\windows\system32\drivers\aswSP.sys
2014-01-22 14:52 . 2012-12-15 05:55    72016    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-01-22 14:52 . 2012-12-15 05:55    64288    ----a-w-    c:\windows\system32\drivers\aswTdi.sys
2014-01-22 14:52 . 2012-12-15 05:55    1030952    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-01-22 14:52 . 2012-12-15 05:56    33400    ----a-w-    c:\windows\system32\drivers\aswFsBlk.sys
2014-01-22 14:52 . 2012-12-15 05:55    80816    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-01-22 14:51 . 2012-12-15 05:55    41664    ----a-w-    c:\windows\avastSS.scr
2014-01-22 14:51 . 2012-12-15 05:55    295544    ----a-w-    c:\windows\system32\aswBoot.exe
2014-01-19 07:33 . 2011-05-23 23:24    270496    ------w-    c:\windows\system32\MpSigStub.exe
2013-12-04 01:09 . 2013-12-04 01:09    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 01:09 . 2013-12-04 01:09    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-12-04 01:09 . 2013-12-04 01:09    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 01:09 . 2013-12-04 01:09    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-12-04 01:09 . 2013-12-04 01:09    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-12-04 01:09 . 2013-12-04 01:09    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 01:09 . 2013-12-04 01:09    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-12-04 01:09 . 2013-12-04 01:09    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-12-04 01:09 . 2013-12-04 01:09    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-12-04 01:09 . 2013-12-04 01:09    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-12-04 01:09 . 2013-12-04 01:09    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 01:09 . 2013-12-04 01:09    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-12-04 01:09 . 2013-12-04 01:09    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-12-04 01:09 . 2013-12-04 01:09    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-12-04 01:09 . 2013-12-04 01:09    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-12-04 01:09 . 2013-12-04 01:09    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 01:09 . 2013-12-04 01:09    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-12-04 01:09 . 2013-12-04 01:09    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-12-04 01:09 . 2013-12-04 01:09    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 01:09 . 2013-12-04 01:09    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-12-04 01:09 . 2013-12-04 01:09    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 01:09 . 2013-12-04 01:09    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 01:09 . 2013-12-04 01:09    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 01:09 . 2013-12-04 01:09    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-12-04 01:09 . 2013-12-04 01:09    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-12-04 01:09 . 2013-12-04 01:09    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-12-04 01:09 . 2013-12-04 01:09    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-12-04 01:09 . 2013-12-04 01:09    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-12-04 01:09 . 2013-12-04 01:09    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-12-04 01:09 . 2013-12-04 01:09    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-12-04 01:09 . 2013-12-04 01:09    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-12-04 01:09 . 2013-12-04 01:09    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-12-04 01:09 . 2013-12-04 01:09    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-12-04 01:09 . 2013-12-04 01:09    413696    ----a-w-    c:\windows\system32\html.iec
2013-12-04 01:09 . 2013-12-04 01:09    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 01:09 . 2013-12-04 01:09    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-12-04 01:09 . 2013-12-04 01:09    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-12-04 01:09 . 2013-12-04 01:09    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-12-04 01:09 . 2013-12-04 01:09    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-12-04 01:09 . 2013-12-04 01:09    235520    ----a-w-    c:\windows\system32\url.dll
2013-12-04 01:09 . 2013-12-04 01:09    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-12-04 01:09 . 2013-12-04 01:09    143872    ----a-w-    c:\windows\system32\wextract.exe
2013-12-04 01:09 . 2013-12-04 01:09    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-12-04 01:09 . 2013-12-04 01:09    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2013-12-04 01:09 . 2013-12-04 01:09    101376    ----a-w-    c:\windows\system32\inseng.dll
2013-12-04 01:09 . 2013-12-04 01:09    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-12-04 01:09 . 2013-12-04 01:09    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-12-04 01:09 . 2013-12-04 01:09    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-12-04 01:09 . 2013-12-04 01:09    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-12-04 01:09 . 2013-12-04 01:09    147968    ----a-w-    c:\windows\system32\occache.dll
2013-12-04 01:09 . 2013-12-04 01:09    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-12-04 01:09 . 2013-12-04 01:09    135680    ----a-w-    c:\windows\system32\iepeers.dll
2013-11-27 01:41 . 2014-01-18 03:08    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:41 . 2014-01-18 03:08    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:41 . 2014-01-18 03:08    53248    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:41 . 2014-01-18 03:08    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-11-27 01:41 . 2014-01-18 03:08    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:41 . 2014-01-18 03:08    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:41 . 2014-01-18 03:08    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-11-26 11:40 . 2014-01-18 03:08    376768    ----a-w-    c:\windows\system32\drivers\netio.sys
2013-11-26 10:32 . 2014-01-18 03:08    3156480    ----a-w-    c:\windows\system32\win32k.sys
2013-11-23 18:26 . 2013-12-17 00:19    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-17 00:19    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2014-01-22 4858968]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
c:\users\Katherine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$QSRNVIVO9;SQL Server Agent (QSRNVIVO9);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MSSQL$QSRNVIVO9;SQL Server (QSRNVIVO9);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-30 21:46]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1517947845-3531664004-2862059384-1001Core.job
- c:\users\Katherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 05:48]
.
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1517947845-3531664004-2862059384-1001UA.job
- c:\users\Katherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 05:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-22 14:51    133840    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-07 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-07 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-07 415256]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-01-25 1802472]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-02-19  19:00:14
ComboFix-quarantined-files.txt  2014-02-20 00:00
.
Pre-Run: 241,745,764,352 bytes free
Post-Run: 241,324,908,544 bytes free
.
- - End Of File - - 0857FD4AB24FCF4BCF5529E7D39E1A88
 

What's next, Sir Conspire? :warrior:



#7 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 20 February 2014 - 04:20 AM

Hello,

ComboFix didn't find much.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#8 Kayjay4860

Kayjay4860
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 20 February 2014 - 05:45 PM

Ok, finished the scan. I didn't remove anything, so let me know if and when I should... and also what. :)

 

Log:

# AdwCleaner v3.019 - Report created 20/02/2014 at 17:35:38
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Katherine - KATHERINE-PC
# Running from : C:\Users\Katherine\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\searchplugins\Askcom.xml
File Found : C:\Windows\SysWOW64\conduitEngine.tmp
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Katherine\AppData\Local\apn
Folder Found C:\Users\Katherine\AppData\LocalLow\Conduit
Folder Found C:\Users\Katherine\AppData\LocalLow\facemoods.com
Folder Found C:\Users\Katherine\AppData\LocalLow\PriceGong

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\caphyon
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\caphyon
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\caphyon
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v14.0.1 (en-US)

[ File : C:\Users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\prefs.js ]

Line Found : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v

[ File : C:\Users\Katherine\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3746 octets] - [20/02/2014 17:35:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3806 octets] ##########


#9 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 20 February 2014 - 10:19 PM

Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... make sure all found items are checked.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.

A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

===================================================

 

Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

===================================================

On your next reply please post :
AdwCleaner log
JRT log


 


Edited by Conspire, 20 February 2014 - 10:21 PM.

Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#10 Kayjay4860

Kayjay4860
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 20 February 2014 - 10:58 PM

Ok, done!

 

AdwCleaner log:

# AdwCleaner v3.019 - Report created 20/02/2014 at 22:41:08
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Katherine - KATHERINE-PC
# Running from : C:\Users\Katherine\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\Katherine\AppData\Local\apn
Folder Deleted : C:\Users\Katherine\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Katherine\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Katherine\AppData\LocalLow\PriceGong
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\searchplugins\Askcom.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKCU\Software\caphyon
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v14.0.1 (en-US)

[ File : C:\Users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v

[ File : C:\Users\Katherine\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3910 octets] - [20/02/2014 17:35:38]
AdwCleaner[R1].txt - [3970 octets] - [20/02/2014 22:39:11]
AdwCleaner[S0].txt - [3770 octets] - [20/02/2014 22:41:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3830 octets] ##########

Junkware Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Katherine on Thu 02/20/2014 at 22:47:53.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C305B7FC-F853-4D5E-9324-0608CBA7BE01}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0012EB30-D6DF-4060-BBA9-D6599671F259}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0022680F-667B-4426-93D5-1075B7BA4071}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{00400EA0-4537-409A-A6BB-2F00E47B9417}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{00530075-383F-48C3-8F16-731E3B937E67}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{006B7781-D80D-49C7-9019-77BB2B3477A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{007F44DF-701E-4002-8BD6-69FEDFE76705}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{008B03EA-4F65-4ADA-9F3A-6FE3414B43CD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{00BAC19C-B7C6-4A46-A476-1C821BE59CFB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{00E8D019-359B-4ECE-BD40-BD634CD7D4FE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{012F0355-D982-4AEC-9DCE-7BFFD8A1B41B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{01308EB6-AA9A-4CF9-A68B-E4DD1F15E1F3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{013547CC-96C8-4762-8745-1A94F9115059}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{013EABEC-6B02-475F-9FA3-7219A53D1D9F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{01542A75-3CAA-477F-913A-3F359365CB7E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0197791D-8C51-4526-8838-ABD2B6AD2350}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{019EA6D8-AC27-41D6-B49E-4C2B6A410691}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{01C9A0C5-362C-4717-88FA-F793103053C9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{02E8335D-CC17-41A7-9ED9-DA8E15B530C5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{02FF1C4D-8EB0-4F3C-9698-8165F8432CF8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{033AD3BB-16BB-4043-9FA2-CF24A214FFA1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0365E06E-4D7D-444E-9C83-D2C68D77D87D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{03828037-F20B-472A-8DDA-5015299F10F5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{03A43D6B-1F05-4062-9E95-61720CD0579C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{03B29D8D-7CAF-4CB6-A503-8D072761B3AF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{03F39CDE-DBC4-4046-9506-28DBBB5F09FF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0423BC09-0F0A-44AF-831C-B5BD0F694FC2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{04A76989-9161-46CC-BBB8-94D602D2EF3E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{04C7555C-81C8-4F09-BBB7-62BE4CC64908}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{050E9912-7ACA-4C84-B857-6F1BAF69E766}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{051FF650-5941-498B-B923-07ED9DD53209}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{05393E97-9B86-4771-8777-8B31E150B259}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{05D808EE-95FC-44DD-A8AB-3808DB4146CC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{05E31805-B573-4030-B53E-D54F930222AF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{05E594FE-2E62-462B-8E90-004A3F233ADD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{06224FDF-E2DC-42D6-87D6-0C4D16887F34}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{062835D8-0C5A-4446-BE16-AD4F1CB479EE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{063595E4-52DD-433D-A264-16EAE92F1189}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0648970D-5320-4D19-BBBC-FA172839FFA9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0651C29F-4694-4CEE-89CB-2B66E8908736}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0688CEDD-0207-4C76-8B82-B74DDCB3C33B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{06A9C735-683F-40BC-AB8B-9C7735D3A6B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{06E08893-38B5-45D5-B405-01632FA2EA16}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{075203E4-F29B-454C-B8D9-EF6DA6DE3CBA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{07BC46A2-BBB7-423E-8EFD-76EFB33379C0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{07BD9521-F140-42B4-9595-31998BFBDEA4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{08057A77-9C84-459B-846C-7FBC927BDD76}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{080F5F42-3D2B-4B08-9E81-56359C7EF414}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{085FA378-D2CE-4676-9455-02D4C7C90764}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{08A04B36-9210-48DF-A611-9FC5D87BBBC2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{08A1AA58-F386-4DCF-91E2-CB07F7BC729E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{08A4E622-16D9-4251-9FA6-B6FACC56AA12}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{08B57032-4755-4D97-B211-C275777D3257}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{08D2CE4B-38C1-42AA-9218-8A41CA9AA6FB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{092AF5C8-63C5-4F05-84A2-97DFA62ED728}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0983170A-89E7-4E8E-892C-E25D3FA11342}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{09A3D53B-14CD-47C8-B766-1072A5CA770E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0A0CACBC-2F15-4EB5-A489-E324A8776C7B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0A5BF554-BBEF-4D80-A815-5D95AA8303DA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0A768D9B-D434-4561-955B-206BCBC70A1B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0A84B18C-50E5-4C39-A93B-0FF24FA2EBDE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0A964F6C-F009-4FA0-9393-D512705562AE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0AC060E7-3F8C-4E2F-AD21-C898A16F4099}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0ADD02AC-65BB-4893-9C92-0F9A29433712}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0B75B88F-54C1-4649-913F-8BADADE07FB0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0B91CFD7-C4B7-4386-95F7-E0A89EC0AAD1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0BAE7F0F-FD70-49CA-8BC0-DAB3A857EF9A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C3EE8DD-1748-4839-91DD-37561D7FFA81}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C64A354-2422-4975-8214-7638DC24A230}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C67E4A1-0842-43F8-8954-CB8CE5657728}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C839830-C249-4306-86E7-D17471263B71}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C96ABE1-12FA-4DB3-B868-E1FB395F9829}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C9D6B99-3591-416C-AA9A-5EF20E4A85D7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0C9DAFC2-06E5-4128-A805-B6B4B008723A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0CB6CB62-EC53-4FDB-8604-5CA439E53F47}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0D795576-8B85-4343-8010-3DBAAC55862A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0D91972A-D7A6-41C7-A783-0417FB7C8005}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0DA5F33B-649B-4041-BAA0-DD1A37D262A5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0DCC5C61-C7EA-4B81-A0F5-A99DA3A720BB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0DE93159-6FDB-40F1-A9F4-D17670F58E2B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0E589256-568E-4345-9D83-C15AE266F7B3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0E5DF6F3-1F8C-4611-BDF8-273432638598}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0E8ECEE4-D056-420C-9859-2CC0E304351E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0EA1C7F2-2626-4CC0-9874-6A0367BDB3BD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0EA5ACAC-2B85-4FBB-A2F7-DFEA6293E2FF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0F1188C3-9358-44EA-A05F-639E09E57DE6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0F2A276D-E4B7-4EA1-9222-AD0385AD18A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0F62D61A-1255-4399-A478-7433635DF621}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0F77A59B-9C92-4DF6-AA92-784FABEAB8AE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0FCF2BA5-211E-4281-BBC4-10B6454C91A2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{0FE16EF7-4FF9-4475-B23D-BD97AE49F0DD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{10542409-3BF8-4244-95C4-8E8289BB77B2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{10B8D74B-C192-40C5-A5ED-E376CF0FCA25}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{10F1BC05-1C64-4192-A539-29E08AEDDE45}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{114333BA-7B02-460B-82FD-D977949525FF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{11BAE5C3-E79D-44B9-836C-4468E0E5D292}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1298657F-B723-4D54-9B07-477E13CD1A8A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{131A40E5-6B59-4D82-A40D-E3422C4D8FF9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{135978DC-4062-4734-BEC8-20108E3EE9D9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{137284D3-6657-4A90-8784-79ADA67BC04E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{138F5FA8-6131-46FF-8806-1EB7B1406C64}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{13B82529-2088-4800-A0ED-C0E9C43206CA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{145C8F77-32C3-4E46-8561-5186AF1FB0EE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{152828D7-8A73-4DF3-A2DA-821755F2E351}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{153F338C-DE52-4B11-A5AA-A31AF581B4D3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{159494F7-1088-48F5-B4C8-A41DD3D11B7A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{15A73C6C-24A2-4A13-BE37-22880C74D461}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{16352A90-0067-4C34-8468-39AFCDBA11FE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{16DEF3D1-E585-4139-B02F-77E8E8C8EBEA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1701111C-720F-4A34-91FB-EF382690340D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{175B2379-9797-4A85-9643-BBB538943DCC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{177E04A6-4BB2-4C5A-A166-4949D1923AC7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{17ACB40C-1CB1-4136-ADE3-93AE06A1888F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{17E17F12-7A91-4A3A-AB81-9A8E7328BD91}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{180190C6-8FBF-48C9-BC6A-E04B833A7027}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1837E073-367A-48D5-96B4-5F73C30F7EED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{18FDF442-2C9C-4132-8CE5-8EEC51ABFB91}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{192CCB75-3A83-4BA8-8855-F0C2340A2F67}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{19459EDE-3A23-4EC5-9DD0-329B0A2D845D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{199DC63A-807B-410B-AED9-32B4BA085F91}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{199E328C-B2DC-48AC-BC90-C1CAF75A7280}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{19FE7512-8103-46D7-BA24-A7CA2C027BE4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1A53C5EA-2F15-4ACA-A8E3-2B9D525BFF7B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1A89BAEA-E6A6-478B-8B8A-84B5B77FF992}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1AB989F4-7430-414F-B8A5-D0590113977B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1B177642-FFBC-4D2E-8DE1-5C81812E57A7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1B244B15-B922-4D53-B55E-897E2BDAD946}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1B2C191C-9F3F-4FA8-8FE9-72DBDADA72EE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1B4947B5-B00C-46BC-BBEA-1634D06FB947}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1B4D960D-3620-491C-AD19-B604D161261C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1C51BC36-7B82-4E3B-814F-F2EF5B391F5D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1C7C8416-0E0A-4B83-B0F2-85586B1DFB00}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1CC2F126-F39C-4A10-91BB-AB0BC484F911}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1CDB8A5D-588C-4CAF-9DDF-E3151F386E7C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1D054D8D-5B42-4071-86CB-FF8211515030}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1D09A19A-9145-459F-94AD-87BD34F97ED1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1D36CC3B-0FC5-4B7C-BB38-503EBB4EF7DC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1D38A63D-D3DA-4774-9D75-1C64AFFDD472}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1DA71DE4-C295-4D65-96F1-2D3963C4CB7D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1E152DAA-45E1-4677-B694-F6202AF5FC11}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1E465744-A287-480C-9194-B8A1DF33D6F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1E86C9DF-0000-42FD-ACC8-2E1FA0D612F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1E8B34DC-C902-45B4-AEB6-3D070DD8FD67}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1E988530-71B7-4E07-9820-B5E3FEB012C0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1EEAA522-09C8-47D1-9341-AE68CE375335}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1F10280C-9A44-4AF0-A00A-8C9E20274BC2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1F1EEE28-1C28-4175-B7F0-3414A9E933D4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1F272F6F-D159-403F-8CC0-D97016E3F0DE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1FA48892-8C4A-4E85-978D-0D8C9B2D2DAC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1FBC5A2C-05CB-4E01-B9D0-7C2EE6569426}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{1FC9E837-DC59-4F45-9B3B-83311B4B4147}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{20BB1E0C-02FA-47EA-B105-E6CBCE11D422}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{20DC627F-D5B4-444A-8926-3F937C2C003A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{211D910C-FD73-42B8-A2A8-EC8DD7168EA0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{213E84B0-4B3F-49E7-B197-EF487F4768A2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{21B15583-089E-4E09-9807-B48B4F534504}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{21C2373C-2717-4733-B0B6-77BABC150C04}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{21E06551-6F0B-478A-AB1A-615B670DF696}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{21F86689-67BE-4D66-A915-DC118CA4D0BB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{22289373-08E1-4C81-8762-CC3E0370D9FC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{22369360-4BE2-41E4-AA31-C5A6D0901E64}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{22605F9C-E0BD-41D5-B514-77AC5CEEF55C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{22AB2016-168B-4D99-B9BD-F1E630237085}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2314226B-63AE-49F9-9284-4E94BA3E91E9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{234E7AD6-C59A-4A8D-AC61-E520E3E5D4B2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2355D766-45F5-4DED-9E6F-45BDD0ED8722}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{23622638-F0A0-43C7-836A-C89FE6E4FBE4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{23D393A4-A930-46D1-96DF-FC0B9DFC9A39}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2419863B-4F03-415F-8D63-24E19B57BEF8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{24DBC760-FFD7-4AC2-809F-685F42151531}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{253C67DE-2AF8-46C8-BA25-8CEE8298DAA2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{25460FB5-53B5-4801-98AE-CA24E2CFB2BD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{254CF09B-D442-4B80-949E-880858424E56}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{25568E05-F485-4EA0-8EBB-E9E8F3B3B775}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{25780C4C-30D4-4885-BD9C-EEA4099CCD52}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{26BEAC0C-332C-447E-8459-DB13209FDF3B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{26D26901-0466-4363-ADFA-46E5574C129A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{271F34BA-13CD-4CE0-AD41-EA03332798D6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2726C689-9652-4BE6-A884-FA4DD6D9DA24}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{273F8466-8237-40C3-90BC-14D98B2FA537}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{27550A7A-3B38-4EC1-9444-463D13DF111A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{27D1582D-03BE-47E2-93E5-B29B1F55A7A4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{27FF8C8C-A5A9-43D1-8490-92DEC35E387D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{283FAB88-3C01-4DEF-943B-D64BE3CAD066}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{28C23E88-C65C-4D0F-B722-D71EDC964B55}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{28F723E7-B6CB-4A95-947C-DF9AC99CDB43}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{28F9DAAE-9881-4117-B931-441B0226EAA0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{29AA7EF2-9AEF-4A30-93BE-B63804FAC6BC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{29AE535D-3D6A-432D-84DB-3FA9894C4A83}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{29E8C11D-1D6F-4D18-9113-98FECEA94038}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2A031FCE-99E6-4B49-ADDA-7F6A19FDA9ED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2A0E716F-13DA-4E0E-AC48-E36A7BE2A82A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2A3447D9-442F-4B0E-88CD-F3E51C4CC5D6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2A65F0FC-0CC7-494B-ACC8-7480081197D2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2A72A3EC-D545-4658-9801-37E88E60001C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2AC0DBB6-48E6-4797-AB56-AAAAD4F4066A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2ACE1084-A7CB-446E-B124-BC8F72FBA812}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2B3E4195-508E-488E-9721-48EAC4585521}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2B56B97B-7FC3-4098-B708-4A5EF4095F43}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2B973583-840E-4242-858E-C946AB6E23BB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2BBAFFD0-5F5D-4C1C-9E75-831E1C2D8892}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2BC6F899-CDFD-4D78-BF10-925B0D9FBF85}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2C14E7EE-CA3B-49EC-8056-2D31670E8C66}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2C2959DC-1F42-4DDC-8557-36D403D4115F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2C55D5ED-FD26-48FA-A449-6BC84DC3746D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2C81CE00-E336-4AD1-8B7A-2ED66FCB6A6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2D3CA53F-161A-4A86-AB88-2CF4F2B51DAC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2D7BECC3-F2B1-4CB7-A11B-E404B10C52C1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2D9D057A-90C4-41A3-AD83-0532CD3D3FAA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2DC52FCC-D974-4E3E-A383-D0976594877C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2DD29C21-C3E1-4BDE-9B44-C1841261217A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2DE09682-46B8-410C-BC94-AE60E73C8E80}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2E11E044-EF92-4D32-A7E6-4AA3DB01E0C9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2E8C70E6-C414-4C46-A609-CA80189F19C6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2E8F7226-4B6F-4FF7-A9FD-D41E267AD73E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2EADEDC3-B9AE-4EC3-9503-9443E756DC6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2F3A7B3A-34EF-423A-8AB8-BBCC8E4F80C2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2F3D6F44-87F0-480B-8AAD-45A7795E7BE0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2F42A418-E2B2-4C4C-823F-A6AAB340B73F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{2FA81587-1F14-4DE4-9E17-2CA7D780679B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{303E7A43-487B-47B4-A2C5-6C2525CC9CD7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3041D6A7-B917-4F75-8B2F-1B99E90B9A0D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{308F2AB5-3420-4747-8B41-31A07C8A0131}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{30F725CB-165C-4E57-A496-F6E1EEDCCB55}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{310F1B18-E75C-49D8-A868-CC6B249CED56}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{311CD278-72D9-47F0-9FCC-E90FB4C89944}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{31288B93-3D9E-46EE-8FC3-DE143950BECE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{317CF421-5C0F-4BF3-895D-A8D21D5DFDAF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{31A732BE-7E5B-4F03-833D-9260A235F38C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{31B18AC4-A2E0-4014-A8B8-0AADFA0FAE36}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{31E95AD4-D616-4ED9-97F7-E7932F0DCB95}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3215B0C3-BC1C-4851-9429-709D80787EE5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{32164DCE-8261-4F67-99A5-8315905456FF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3231BE09-C16D-4078-B0E8-D525E405D1EA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{327480BE-0935-4C91-AF16-0F29EE0DAF5A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{328CA99A-A1C0-4317-B1FE-951C91D3D3A7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{32B298E1-E5DF-41EC-8C17-F7A3B6F3CAE9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{33E90B2F-B4EB-4D2C-BE10-C4DE398B578F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{33F4BC95-28AF-4B8D-9BC5-1BB86835B8E7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{33FAB878-9B88-4E86-8912-6FBCCD06920F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3404D3CF-62E5-440F-8127-F42F5E72E176}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{341501D0-BFB7-4638-83AA-3293075BC0BF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3418BFB5-AC0F-47C2-9335-BD338EF91297}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{342079C5-0A18-4792-BFFE-11A937F31A27}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{342430CD-EB22-4405-A1A9-0A29DD7BB45A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3457A11E-5740-448B-8C86-187E45B1D1CF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{34866FE0-B8DE-42C7-AB22-EC26EF916F43}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{34B4E4F7-9CCC-4F79-8253-F4F4FD645FEE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{34E45BA6-660A-4080-A9BF-D591DD806AA0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{357BCC96-24BC-4BA3-A687-897F353FBEA4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{358093B9-8C28-423D-A7E1-AFB39EF1078D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{35EB3CC6-2600-45C7-8D3C-E3D5F5E80400}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{363BD977-9726-4336-A5C9-B85BF24F9814}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{36529736-F168-4590-B7EE-325828CDCA32}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{368FEFDC-7AB1-4607-8F81-F211D8E2409E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{369C91B5-A72F-4E54-A09B-08284253B76E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{36A4C414-2D70-435E-8544-72C06846481E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{371C6572-77B1-4851-8D2D-F97A74AAAFEC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{373A332B-5C58-4737-9211-95B7AF6694C4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{374C8017-3BE4-462B-B721-8BFA32AC3587}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{37763D85-E849-421D-9A01-BAA98A6A1025}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{379E9698-3AD2-4224-901E-DA00FA3DC8B3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{37D3FC75-958C-44B5-9DD2-24D892B6F18C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{37E67305-C7C5-4ABD-AB58-F44A592072A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{37FA5347-51D2-4934-8F01-4B673EC1D9B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{384FA4AC-00DC-46CD-847B-27D8D15D7A30}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{38A24490-2BD9-4AEA-ADD2-027FD6A66732}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{39692D25-6F54-4429-8C5B-1CCF85721DE6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{39830EA6-27CC-4357-B94B-29B1AEAF3F93}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3B0FB7CF-D480-4CAC-BDC9-5A3ACD4F9BB6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3B2FD988-5E5C-46C3-ACB1-ED988A853A63}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3B91EFD6-D62A-491A-8A95-63F951E862AC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3BEC014C-E4D3-4A3D-B567-71EA579CA69A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3C07A402-CD67-47C4-8EFA-CFED8E90CF9A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3C129923-9B46-4C66-A0AF-2B4A10A4A666}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3C197E51-A939-4D56-BE1D-A67530E5376A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3CDAAA0C-6955-4962-BFA3-B7FE519157FE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3CE8DBA6-414E-4A76-8B49-63171B73686E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3D33A005-35DE-40D0-9456-17849782A6F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3D6B2AA5-BAD0-458D-9E38-CE3F30F9CAB2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3DDACD85-F194-4BBB-A9BC-DC192E14D1ED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3DEEDAD4-7A92-45F7-AF13-D822514182CB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3E1CFCC9-4D96-41F0-8F87-17804AF9C2CB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3E5D979F-A2B9-4F24-A8E0-A686829D5565}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3E9B56F8-5D1C-41A9-92CA-6825897309FA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3EA039AC-0349-4B60-93EA-2333D1E1B84C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3F45F0C3-B06F-43D7-9BF1-F6D3AE2B7538}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3F73311D-797C-4593-B6A6-70FED801A8BD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3F75B249-A7E1-4D6F-B334-DBCFD4B553B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{3F971093-D0EA-46DA-BE60-4C76162C3B12}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4014C472-EB28-42D8-A009-D8E816738A4F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{40327ACB-1FEC-45A9-9227-18CF8BFB82CF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{40781E8D-8053-4AFD-B848-D3B78F20B924}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4098ECAA-8050-4174-9F00-B90CC0E330F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{409F75F4-C623-4899-A7FA-6A89B92C9F2A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{411AFB88-E5D4-4694-A00E-FF305851564C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4147EF43-5732-4C92-98CA-54ED4F1CB93C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4182D5B6-412F-4493-A30E-6B60FBB00050}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{41A861A6-4CD2-4BD1-9546-E15B0F3C39B6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{41A8B216-7328-4F40-AB46-0ACFA2101F86}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{41EA8066-5068-463D-8C54-73EA6CB4D307}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{41F94F9C-A05A-4C34-AC1B-34A3E081F059}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{42343ECD-7BBE-4D29-B03F-8904D34AED23}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{425BF335-0ED8-4219-AFA1-FEEC9BF1BE9B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{428A5A91-BCE5-472C-9B0C-E9FB6FA9C454}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{42C2252A-4CDC-40EE-B673-5F5B2F8E0FB1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{42F3E69A-CA13-4549-8FDC-49CF39F34751}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{432418FE-1A63-467D-872B-FD7BEFCA50D9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{43389568-938F-4286-94B3-960EEBD0AF83}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{437A75E1-B3FB-48FB-B730-3AD692B10D16}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{438550CE-3BAB-4E67-A311-F79DC90EF21B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4392894E-24C8-4D31-9C54-3F71B2F49A93}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{439B6AF1-A78F-45AB-AF9C-2B66F9798711}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{43B9C3B4-296C-46D7-823F-3623D498A0A2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{43F64135-366D-4210-BD84-36F62134481F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4434EB8D-12AB-4A04-B467-EE9F9EF09DED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4539D8E3-A0BF-43CB-94D5-751DBBA4D929}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{45CD71E4-8E21-4BC9-87E0-F31E26AFBF50}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{46316B5B-2A63-43F7-95C6-AE3B8DBC704D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4696B0C9-5431-4DEC-8756-925B878AD505}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{46DEC054-0CE9-4008-A763-323FA858F120}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{46FACC17-D23C-41FD-81B2-4319FABFFA73}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4704F05A-5DC7-4BD9-95F6-06F00FCDEE63}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4710CBD9-C72D-43C0-86CF-1908D4769688}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4729AFCC-8A03-4068-A1A0-55E03D2D71E2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4758208A-9EFF-4759-9CF5-F88B91E43F74}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{47A94BDB-0DF6-47E0-91B0-E5246DA3FBE0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{47C72174-0CC6-4F90-8AA7-7D24FE0766C2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{47D60AF5-5940-4D9A-878D-4590781BA4C2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{480A7B0A-DF1D-4851-B495-471F89266E2F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{48250203-73B9-48CD-991B-579D9ACB2BED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4825CB93-F4BA-4C08-9FBC-5E4F6C118EF3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{48B16B37-276A-4EF8-86E5-F0DA827AADF0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{49217A70-D21D-4609-B670-8BA185A81EF4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{492AD46B-0FF3-4767-908C-C852E177F1C9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{494D9D97-A97A-42C7-9DB9-1963EDA9DDA7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{495B6C73-8C35-495C-9418-F6FD0304823C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4968FBFC-BB27-4FA4-902A-FAE1F08C2780}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{49D86EAF-FEE4-4BAC-99F4-5C6221C75AC7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4A0F60E0-1602-403A-9E08-6A68A924FAA2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4A7783EA-222B-4C90-B5B4-26D6ABF2EA86}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4A7B9F3B-B250-4C8B-B162-293BFB18263F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4ACCDDBA-0BBB-476B-BCB1-EE34F506B369}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4AFBB4D2-41B9-42A0-9D8E-8AAEF11FC18B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4B0B644F-1269-41D6-9185-12A36556F40A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4B199163-A861-4B77-BCC0-2845D74D38A8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4B746B33-5193-4058-84C6-9DBE703589FD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4C2698B4-68FF-4608-A9A3-4176F90C67C6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4CFD2DAC-96F2-4084-AA42-4C32C106568A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4D02B76D-547F-4B83-B399-FD5153DE98C2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4D25CD04-86BA-4574-9AE8-6BE56EBB18CC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4D427417-4FCD-41E0-8107-A4EC68429D59}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4E49D92A-B93A-43CC-9776-690DD3A18BD2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4EA4D3DD-65A7-4544-8BF6-CA99C6D8F242}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4EBD819E-06B4-4758-A8D8-70DDF272FCC2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4EDDD9B3-4E1C-43E7-860C-85EEF65D28C6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4F2D754F-611C-4AFE-B263-F121018FD981}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4F53F00E-DE4C-4F35-8F5F-B2A7395DCD6F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4F56158A-DF29-4EB3-A584-1CC7D2682026}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{4F712C48-2A5A-4586-B3D7-71FADDB59794}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{501D51D8-8043-42C5-AE76-53C12DE3A20C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{50627ACB-02CB-48E1-A8EC-AD2F7ACF7EDE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{507B3B5D-C388-4E51-8534-BAAC072DBB6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{509DB9AE-E26A-4DFF-AA9D-A23973CEFC27}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5182A03A-E953-4B02-841D-9A0CA927FE2A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{51B31DE1-8A3E-4F44-9261-BDBB1A8EAE8A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{51BAA0E4-DCEC-489F-928B-33CB060DAD6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5275A4A3-9472-42FF-90E8-2C85E7A2A2ED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{52E7CBF8-427D-420C-AD70-5FA0DDB7F42F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5317A868-33A9-4B8E-AF2B-14CF46F61AC4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{531B54B7-84F9-42DE-B2E3-FE92955B75EF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{535B3902-479A-4531-AEA1-43821E07E1BB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{53611880-2E08-4C1A-B81F-609B22848937}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{53D136A3-88A4-45BC-8F4D-A7898D707D73}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{53D1D653-95DC-414F-8FF4-4C5CA23C8568}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{53D94544-189C-4982-900B-E0804FDC5B8E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{54E6D950-EC13-4940-9513-AB2F861332E3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{54F95CFC-9AB5-485D-A3C1-3101D2D4EBC6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5529252A-1A4E-45BE-9B07-B832DBB031BA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{554471A1-460C-4C57-AC00-B801094495C0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{559C59D2-CFEE-438A-9A5D-7E7DA44D139F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{55D2EED6-C330-442E-8F44-08518830E0CC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{55E7B846-40D1-450C-8170-77DC37C88F0D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{56821E7D-34E0-4FC3-8CA0-1287AE33DF06}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{56CA4326-81B9-4A1D-A297-3346CCC98211}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{56F3F1F4-E935-4CF2-B47A-4959EBD5F408}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{570D2D88-73F4-4D7B-BAB3-C34EC68F5489}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{572199C2-8DEE-4EB6-B863-F01734042A32}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{57544EA0-7653-4665-A2F8-86A21397A5D5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{578D6D4F-C6CE-41A5-9EDE-601E8751D6AF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{584F2DC9-F659-46E4-97D2-B51BED6D4EDF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{58628B18-651D-46CA-8DA5-1912D3815989}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{58B66FAB-EDB7-49B1-BCDA-AD3AAFFBC668}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{59AFEBB4-2F01-4F00-8123-0801579049BD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{59F0BA58-FD58-41F7-88A3-7F03BAAB3254}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5A03738E-19A1-43D1-80BD-0499C3BA1A94}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5A3E7CBE-5AF4-4BB9-9FB1-CE677251036F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5A7E3C3D-BE62-4F6D-BE95-FB62B32D78C9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5AC38313-36AC-4FE8-914F-35E452E06D33}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5AE7396A-22C1-45C4-B28D-E6FF5943E779}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5AE7BECE-1FAA-4179-88C6-EA62C02F9D8B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5AED044F-AFA7-4982-BA71-BC5F6D0F262D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5B033D4F-40C7-4C82-B08F-1C7E4F278B13}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5B1BA16C-AEF3-41EC-BBB4-FFFE3678B68F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5B242EB4-CA56-431A-82CB-C998244184CA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5B5AC1C6-7FF7-493B-81BE-0A6BDE9A043C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5BBA0BE7-791E-401E-A638-7F87C9034E07}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5C17EA5E-0DAF-4796-A4B8-FDE4F375BEF4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5D9810E5-B3FB-4260-862F-7159DB1812D3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5D9980D9-88D8-4259-807D-BEE4101F525B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5DAA3F31-BB50-4E5B-84E2-5CA05B8200F4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5DE90DDD-FE27-479F-AD6E-E9EB6A9623B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5DEF6766-67DB-4A7B-9732-0DBD6D92483A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5E119C45-714E-4EF0-A69B-ECE601BDB068}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5E436E5B-B353-4624-AC5B-2C2C7D98D315}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5E565726-B33F-4D9C-BF5B-E8732790063F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5E8C33A0-2D20-4548-B0D3-FD5717A89BE0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5ED09584-7ED9-498E-833F-61E7ABD2789C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5F3F86C1-82D4-4EFC-90AA-7EE572DF851F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5FC0CA18-7B74-4A76-9EF9-85A34930CE12}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{5FD0935B-E03E-4026-8C16-712789A92338}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6009CE28-D3E4-4587-8B5D-B2B787E25849}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{604F8310-2A33-4307-A9D8-8CC8EB64C6C1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{60C46A29-89CF-499F-B410-BFF063B7049B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{60C47BDB-3D1B-4AB0-8932-F44F4C5CF900}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{60F82956-AF9D-4958-A250-FC4D4B2B0162}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{610D1754-748B-4EB4-B75F-84BBE8450FD1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{616A16AE-09C7-48E8-99B1-EE5FD9CC27DF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{617329A6-8217-4C40-ABFA-70FD2DE338E0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{61C9270F-6314-4B3F-B90A-CAF177DAA93F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6204613D-F9A7-4B23-8BF8-830CCDB26F4F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{62CB443B-F08D-49F7-BA3F-8EC88E13273E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{630CE3B1-DE7A-49A5-8843-5A4B537D4AF5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{63872449-FE79-4A85-854F-9A56098EAB9F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{63FB4CB2-476A-473B-938A-E1DB1E26C2BE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6443593C-219F-4E9E-870A-4C63348DB7A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{644BDF50-D2FE-4900-85C1-1387F3FCFD35}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{648A34D8-AFF1-4456-B221-C87C18DD24A9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{649041AE-A317-491F-B027-A98836F23857}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{64B06B1E-4381-4E71-B5F8-C52DC0DB768C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{64BFCC6A-CF92-44E7-A150-D97A45696F3F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{653A870D-E744-4C6D-820D-4B68189905F2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6569944D-3666-4B5A-ACDD-2D8C9AE0C1CC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6577D1AA-1FBB-410C-9B93-FBD27D10B945}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{65B302B4-F7C2-4640-93F7-441EFF9CBA47}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{65B6DEF0-E9AD-4F53-B0BE-AB5A7B5644E7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{65D7CA8B-08F5-4CF2-935A-D2ECB3F32AFB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6670274C-4FE8-4B49-8EEF-0C65667DFAC4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{667D1458-DF44-46D4-B0FF-39050C34F365}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{66E8A1B7-E2EB-4AA2-B19E-40F0FC442C80}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{670DF9A1-1C59-4201-9AFC-19826DEA60E6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{671112DE-DBDF-4983-B903-B2E5DB6076F8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6794C6C0-06D0-4EB5-A623-1022698462EE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{67DC6FAD-A8F8-4F56-B695-AA81B0D4A251}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{681A39C7-0480-472C-897E-D305C6195CCA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{68219C96-A53A-4A51-A790-7C98F3CDA59F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{68294F0D-6D7B-4605-9353-00AC9C2B74A2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{68616E53-8BD9-40B0-B0AA-44A2EA83E042}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{686AAD0C-3FB7-43D4-B04A-9AF00265F2F4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{68C4CE3F-D486-4503-B6AC-A3A822FB2485}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{68D77F40-49B2-44AA-8028-2B235AC94EED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{68EBAAAE-965B-4800-968A-8BD889461B56}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{691206B5-F0D4-460D-B308-5D6CF1B7487F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{69646625-6FA1-4786-BB7B-D1733ABC9D60}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6A4D1AF4-EC20-43C1-A723-3E8EBA36FC86}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6A56E92F-D55E-4229-8EEF-8BA1A8D4284C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6A63E042-CCBD-4DEE-9FAD-E5E84EE68E18}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6A668E2C-EF6E-4466-9171-DFC0151E7AA6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6ACC2A46-EE6D-4E10-8FC4-BD2266091778}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6ADC1E1D-BB0C-4560-BC0D-976605C05AC3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6ADFF40F-8985-4A13-81B4-BE62C0A9095C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6AE6DF87-A8F8-4D56-8B3A-5499666D1DF3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6AF6A9A6-6C05-499F-AD96-B53AE249276B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6B5B65DC-834B-4BE5-9B02-04DE71B3C822}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6B638908-C390-4CC8-9CD7-ED6B5D18A2B1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6BB8E1EF-783F-4FCA-96DB-4ACFF32CE909}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6C748C89-4305-4AD0-A82A-B2005F4510AB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6CB16893-379E-45F6-BCCF-A7D895F414DC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6CDAC143-AD6B-4E3A-8F0D-EC809D71D2F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6D0B7CFE-0343-49FE-9A6F-8040BC97572F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6D12E5E8-29CB-47B4-BD2C-BD56F35F92EF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6D42CE62-1F4C-4F76-A5C9-CEA0442B28E9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6D77EA27-2027-4976-91AE-C995567987F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6DD00DAA-24E6-4D1C-8778-00FE2A8D6CC0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6DEA28C2-7A58-4F38-B80B-FDC658A4E22C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6E808822-D48C-4A1F-B35E-B433A7718029}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6E811B91-031C-4BB8-A5B9-7BA706D0A112}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6E8E3CC4-8FA8-46A0-AEBC-FAD326F33C49}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6EB35ACA-BBE1-409B-AE21-DA80E43CA415}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6EE500AD-5CA1-4E69-9F42-91365EF2F719}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6EFA3BE6-89E2-49BF-9A72-021E82B9A933}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6F5DB58D-3BC7-4501-8AB5-BC9F6A4EA6AC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6F88C46B-DF25-493E-B207-0CCBA1B94BF2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6F9C513B-AF1F-4700-9889-C260681EADE9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{6FE38D1C-6137-429F-A4B1-F2673A8026E8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{703B22CD-B968-4BF3-915B-453A8B57AEF7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{704B867F-9505-439B-9A00-92ED3E578496}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{707E7C22-A8CC-4CA7-A036-B4FCB4E5E36C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7082FA50-0C0F-4564-A85C-9848DBE33FCF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{70B5D0F2-EE48-4371-9F98-1B7A67828432}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{715F1BC4-0A4C-4C89-98AF-1EC546B121CC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{71A52A21-DD23-4D66-912A-5C1F6628EC7D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{71AE7418-5075-436D-BAAB-4BCF3C368BD1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7221CC16-D938-4A88-9A53-C6CB8A28DDB8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{729D8383-DDE5-4540-816B-5A9FF147F6F5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{72D70910-DF38-4797-BD05-F8784A4DFA6F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7350B5CD-6E41-426E-B97F-0910AC656CD6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7395F407-5DFF-45E3-BBC8-1339F8E0B421}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{740641F3-CDD2-4D65-A995-1185DEF01DE4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{740812E9-185A-4566-BAC9-BEF232D542DB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{74387883-78CC-43CC-820E-CD0517846555}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{75341596-BE4A-46DE-ABEF-7B6C5BEBC02F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7590DEE1-0EA8-46E6-AB6F-C916A8650FE9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{75A27391-3F24-48AE-AEEF-9C7E5917CC31}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7631CE38-A968-471D-A67F-5528E7D4403E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{767E6EF9-1CF7-4C51-9B22-1BA35235DB29}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{76BCADA3-A88C-4195-97B6-5C068CA2AC1D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{76F1F1AA-B93E-456B-8C6A-4E8AB9EAAEFF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7743167C-7FFA-4F4A-AA6E-709760F4CA46}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{77681129-0EB1-4E86-86FF-6A4D883020D4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7768FEE9-16F5-4583-870D-4EDABCB3DB86}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{77916E2E-F4C4-4CFA-BE55-0FA2A12291DD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{77D543E0-7BD9-49E1-AFBD-3E22D65A59BF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7847F3CA-D5BB-4AB3-BD0F-6A7F54DEE4A3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{78E83605-E878-4796-892F-445A791FE252}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{792D3261-D5D0-4E70-86D0-492A600EB968}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{795BC616-BF39-46ED-AB68-A9F46A9B41A0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{796462A9-ED17-4E0E-B305-B8BBB241DE63}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{79955726-E518-4F50-AE27-FD4B7CD93A50}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7A0DB0EC-5623-4501-9F3F-A525B261EE01}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7A5F71CD-AE9C-423C-B3B0-F4BB8B02155A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7A9EA961-77FA-4D27-A58D-11A5EE79299A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7AB6CD16-95B0-46BC-AD94-C8D61523BA09}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7B046818-232B-47D0-9892-6A40E8B2F6FF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7B09608D-64EF-466B-A791-22D5F80F547A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7B1F066E-7A42-4505-B883-134F8DC6DAE2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7B50826A-6EE6-4AD4-ADE9-EAF5182AC52A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7C1FF9AF-8118-4534-9B4A-197437A34D24}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7C33C035-8CD2-455D-8119-5F11258EC91A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7C3BA38B-8189-4B1D-A41C-6CDA7D2E8040}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7C3CE051-AF2F-4F7F-97CB-F86D39234C31}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7C7D2905-0B67-47AE-9D1D-C778DBE095C9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7C9BB1D7-8567-46F7-BBD1-4285CA8C99A5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7CA9D5CB-4E15-4808-A4CE-0FDEAE7F7038}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7CC679FD-C1ED-44A8-95B2-AB7DEE9911E4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7CEA36C4-E091-4BD9-B98E-CA2FA9D5D742}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7D5E773D-73CB-4D8D-A702-F8B5BE0FBDC3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7D742E8B-1E3C-42D1-86BD-D100039DE4A3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7D78F2BD-487E-41B3-A521-EF9B9FA98548}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7D7F3A04-8147-4BFE-B008-D9DC3D7D373B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7D938BDB-A447-4EE6-BADA-D5228529FE1D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7DCC2CCC-EC75-4BEE-A5A5-C22C58ABEA88}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7DDF59EF-B9C3-4D3F-8588-C0B614CBF414}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7E1167FE-CA0F-4426-BF0E-89565E32409A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7E32AB28-88B8-49AB-BCDE-2997D20312E5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7F327D86-8297-4B72-839E-02840942ED3D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{7F62C617-1F64-42FA-8060-B20D13FF86D7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8020FA6C-BEEF-4C15-92D8-664BBBA93CCA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{80677AED-5B4D-467B-BFD7-ACB10FC254A9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{806C4750-0208-4493-B41F-A2E87E5C721D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{80798F71-22BD-4399-A3F4-7737434FA41D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{80ADF6B0-B9DE-427A-9A21-7E5569E90234}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{80C2C0B2-DC2D-456B-B78B-ECB76100B130}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{80F25E9C-7E97-4FDD-B8E6-789D94BC1ABF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{81080B65-70B5-4A05-A08F-37FBB3EE3D3A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8109B04E-F202-4450-8B9A-AED731734B23}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{811CB0BC-F342-41EE-9150-DA5B01FDE4A4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{81E67EAA-5003-45D8-B750-3AC12B20D236}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{81F5848A-CA3C-4E1D-A88B-4DC533073E70}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{821A0CE9-7975-42F8-AFF7-74BE34EA2A24}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{824D6445-E408-48A4-A89F-AF4CAF67E7A4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{82778ED0-AA8A-4DA9-88EA-F05D766671B3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{82B51544-14E0-4526-B034-FAC20D587311}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{82B9CF57-8725-45C6-AEFF-42C96144686B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{82F1F5BA-EE6E-47BB-817B-14ADEC9DD9C5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{834639B6-28C3-403B-9A09-161581F17725}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8361F6D3-F8D7-482A-BAC2-53669976E381}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{839FB502-3DBF-4BB6-97C7-B3F88BDF783B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{83AA8DE8-AC16-4564-9FE8-844058C332D4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{83D9C068-C92E-42FC-A2E0-3430F8055CCB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{84292A30-0A51-44EA-8CA4-BD537FFCF928}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8448ABEC-E3DE-4F13-96DA-B72AE1AE7166}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8471D2E6-2C71-459C-917D-986070635913}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{84A5E6CF-0B60-4D06-8548-49DFB1C18E4A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{84EC9A39-EBBB-4F7D-9199-5770FCF5F9E4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{859D14A0-18C3-4160-AB20-64DBBEFC37BF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{85DDCE61-D259-469D-8149-F59F5EC6B32B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{86477816-EE1D-4A5A-A6E9-7BC052D24680}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{86C69CBA-1A4F-41E2-BAD1-1AF3C17B8084}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{87197201-313F-4E82-886A-0B23620DEC53}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{874E3DB4-080D-439D-B103-386285D4AB34}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{876D7770-0665-4428-A306-8978A2AA629A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{883A3F20-5DCA-40AB-9E69-E78EF631CB29}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{88A8BE95-7EA4-4E14-B3D3-982A19394345}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{88F5EAFB-3595-4805-BFFE-9E4ADE22A469}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{895071A1-D1D4-468B-BF4C-50620D214539}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{89656461-BFCC-4BEF-B065-DCC4E7A273BD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{896D9ABE-BD86-444F-A8BF-E4ECAD68A783}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{89791CDB-A30B-4EB3-B421-CB7CDB004ECC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{898904FC-25CE-4048-8D9A-7007135D39B8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8ABB8731-FDE8-439E-B2EC-9B435D49E6CE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8B8312A1-6FED-4F7C-8CE2-829A8AB431E6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8B91F199-2ADA-48D4-8C1F-97F5215EF16B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8B923699-D975-42D5-BF38-3FAA276E4D95}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8B95967F-83A7-41D0-9424-23C0BFB0E62B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8BCD4CF1-09A8-4661-9AA9-0548B3E3C91C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8BCFA21F-013F-453B-B3B7-56F261DDEF47}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8BF6476A-D07F-4BB1-809C-5D523E2AE1FE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8C29059A-3122-439A-A1FD-B2EECF8E5103}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8C4BB790-419B-45F6-9008-EC6E3B564457}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8C5D2CEA-FFD5-41E8-B0BF-C5295DB44557}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8CCDEFB6-A67D-48C0-AFF7-7A06E226D2E5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8CED46CA-EE01-4484-AF3F-574626B5467F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8D2587FA-A92E-4978-A4DD-62386F28EEB3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8D9B6FAE-E14B-4C3D-9706-81E19011FB92}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8DDC1EC0-6AC4-4583-9D33-9DAF8F98CA08}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8DDE9073-C0C0-48F5-B77E-DD68F1EB55BF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8DEE1287-A304-47D4-99E9-E0DAB4A535A8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8E10E58F-D484-473F-AB6E-06EADD396236}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8E1D342D-2BA6-4D23-BEB0-1695AD7CC1F0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8E76C3D5-FAE5-4E23-ACB9-A3139D9B5F08}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8EBFD233-E9DE-4540-9A25-35E144985EEB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8EC93BDD-6E8A-4479-A9B4-68E4B6E2AFF2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8F48675B-E582-4E03-B5C9-B23A93B12525}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8F4D3F41-D6D3-46D3-872D-8335ED1BB362}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8F65FC39-495B-4730-9744-388C385A408B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8F71ADDF-56A0-4938-A094-09BCA9A3F050}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8F82044C-F649-4337-A557-3262F976C778}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{8FE1C103-4EBC-4651-83CB-4717E71EDB4B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{90384DB4-2F9F-45D1-909E-82A4B585536D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{90481580-BCDC-4D28-84D1-CF236F96FACD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{90DFBD3A-84A2-48FD-873E-2C10362F88A2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{90EE8F55-3068-4E5B-A2A5-97CCDA57DDF1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9100E6CD-4E08-4421-AB91-2B1D3269CFEF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{91EC685B-DC5E-4BC6-A840-A2DE036C8702}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{924B6404-6DE5-4E4D-ACC7-3A73FD8A3956}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{925581D7-502B-4F65-A225-B729F67CED67}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{92571E62-306B-490B-BDED-6D5718B1EA76}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{92FA1847-6B62-4F8B-B33B-A0072DEC717E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{92FFFC5A-A266-441B-BEE0-9912A66394F0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9311A6E1-574F-4B9F-955D-1C1668AEA977}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9323EA39-2D7F-4DF7-8EA2-0695687C4BC6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9334BDDC-874F-49C0-B5CA-88755AAE4D54}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{933A27B5-197F-4A0E-8B69-C60B8A18DBD7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{935CA6CC-7969-4ACB-ABC4-2DC21D83C369}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{93EDD29E-94BE-47A1-8C68-A00356689FE8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9459E5FE-206E-40E3-AA45-B4256B4B9471}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9466805A-8007-481C-AFC7-7D6E05E2A8A5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{94C38926-534C-4A86-95F8-AA85DC5C2F44}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{94FA4A30-04E7-4D49-9444-39DD61BDA3B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{953ACA92-ACAB-4558-8833-E4007F85992E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{956CDCCB-21DA-4529-B328-DF93E7164A09}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9590B9BE-CE88-4749-A45F-2377AD314850}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{95A4B526-BD8F-4C55-AF4A-15F143A51BF5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{95D4DE62-CC90-4407-B3D0-50FC0A5823AA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{95F5F150-31B5-456E-8718-3EC978AF3F52}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{96594E06-A7AB-46F4-8215-9F611E885D98}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{969B2F32-E483-4482-93C8-A78083DE2800}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{96BAD643-823D-46B7-AD20-6303B4821C5C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{96D34A56-5859-4736-824B-077DF4D66E6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{96E65C3E-FB59-4D8B-B948-D5D293566D27}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{96EB3952-9780-4653-89D1-ACE8633FF9AC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{96FFF2EE-82EA-464A-9515-AA79A1814ED2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{97148576-CB36-493B-B028-8EA768938FC1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{97A900B7-5719-4C68-966E-CD965E8F4E24}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{97C50EDB-0EE4-4697-8706-6388318DEC33}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{97E2FBD9-FE4C-4620-AC6C-F64C8EB37C17}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{97EBB72C-81FE-43CC-8B3F-516B87DAD9D7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{97F00555-C713-4344-9360-3ACA746572F7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{980ED98E-94F3-4D1A-A293-7C55AE4B0B4A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9825EAAD-8BF6-4DEB-8B57-7C15979D9AAC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9845F3E2-ED35-4831-8E22-A8D1C2D1E9B0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9872F3B9-A446-4F9B-A358-A57FB0F0519E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{98769A39-8B0E-4235-BCFC-BFD84BC4D3B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{98819E69-717D-48D8-99AC-EA44EC9E75EB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{98A35384-7AAC-4D22-AB67-51ACA4B296E7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{990653A5-E593-494B-B37F-CF05CC71A09E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{99154EBC-0B02-422A-902D-77A855CE386E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{994A0C3D-F534-4831-BC43-BCEAD2509227}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9A0FB109-7D44-46D5-B25E-71061F76EE8A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9A242778-4645-4413-8951-CC98FC5D74A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9A2D263E-6359-41C3-99CF-FBD20303DC90}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9AAE6099-EEFE-44BF-A931-B280F2E41561}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9AEAF4A0-4C63-4A3F-8268-30A0D224AD35}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9B57CB67-1933-4E50-B523-54C1F4FB489B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9C2338FC-0D0A-4E35-A27F-08AA66132E67}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9CDC5719-4953-47F0-8149-8F3BBF91CA46}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9CE3D274-D842-4600-8E60-DA19D9E7AC6F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9D1D2774-0959-451A-8984-B7F9D348F3D4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9D3F5B09-19C3-404D-A0CF-4FC9A7E5D1A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9D5F84B5-B040-4184-9D11-4E6BEFC81490}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9D6525B2-3422-421C-B4C4-78B8B752C97D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9D8EACC7-116F-44D7-9DE3-B4DBA5FE878C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9DD4079E-4BD9-458D-9D32-8FD8C36A2184}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9DF835BB-9E96-4658-94E8-1664F7B75C91}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9E076AFB-5AFE-4CC5-9A77-1064693A1588}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9F02B61B-B61F-4D76-AA1E-DE242C1FD4AB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9F114D6D-54B9-4764-BD4B-9FB28E13F9A9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9F896E7C-E350-4FF4-804A-0876CCCA3500}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9FB38308-83A2-4459-A7C9-8B27B710E2DA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9FCB74A4-5A56-445A-8F04-EF1CA7995798}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{9FF70E36-482C-4298-A5C6-DF35C774EFCC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A0242BBB-921A-4B85-869E-EAD2215DB2A8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A0462C05-1E8F-480E-BA88-7877A7D3E01A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A0B3B858-FC01-4D02-A56B-316AB726259F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A0EC6169-7C08-4CB6-921A-FBE1FC6C70F5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A128118A-9FD0-49F7-8999-268F99BD1CCC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A145CB9F-9605-4D1B-9B42-8F4F3FF531EE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A191E47D-4D48-43DA-88AE-AA8D063AF0F6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A1C42127-78E0-4333-A853-365D3A05712C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A1DA65D2-8305-45F3-9DDF-DE8725EDDB9D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A1FAD2F1-EC5B-4658-A532-3CB302FB6F96}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A2179946-3252-4C61-B079-0792012FC40B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A27FCBA0-98F5-4D3D-8B85-E2C5434280DB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A2C9CBE9-0D3C-4AE5-9DD5-F829E5FBB157}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A37E0976-D7AE-4EA6-B468-D18A458BB2B6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A3AB6B4D-4F67-40B6-B87D-C8010171FC1E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A3BCE936-501B-4F74-98E4-26B9F0FE87F4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A3BD7A00-5983-4341-B518-5B1063A8EC81}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A3BE62E6-045B-45FE-B6B3-77CFFDE4E1DA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A3C0428C-1AC5-4143-A63F-3022D6B6F334}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A41760C1-9653-4AB0-8595-2CD5702EE3F8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A41A3DAD-39A5-4FF4-9B58-2672681071CC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A42FAF1C-D33C-44D6-AE5A-91B187581C15}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A437A820-4ED0-47F6-ABA5-18A82458D4D0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A459ACB5-09EC-4946-ABEB-8503DD0D00AB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A45AEDCA-C4C5-4773-B96C-CAA0D25D649B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A4D840E0-8FF6-4DC3-9BA6-A11E160F4407}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A4F88FEB-0F97-4116-830A-E60381862664}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A4F9CEDF-13EC-4DFF-9562-EED4AAFB5957}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A506F9C6-8F31-4446-A3F4-841A8FA47AA0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A555E1B1-EDCE-416B-9F59-96687A6E217C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A59C4382-D597-4D7C-B879-E9448C9C2CBB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A60BB3D0-D285-45C2-901A-595B736441E9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A61315F2-1442-4082-ACA6-C3397D466D6A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A655BFFC-56EC-446A-B28D-FBF11A392C1A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A65A0D88-81EA-4CF2-9A5E-0133FA3D8C13}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A69541C3-A2AF-4DA6-B96E-3AFD5ECB3737}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A6A9EC58-059A-45BE-9BBD-7D3F15BDA013}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A78A7F9D-66E8-4D4C-9B12-6EF55E00BBC3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A7A2E871-5A8B-40CE-A2AE-7CF2F109E36E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A7BD6DFB-0A42-4E88-B881-85AB5DC9D310}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A7EAB9E2-EB68-46DC-918A-91101DF0A17E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A83333D8-5B96-457E-A3E7-ABD6D29C546F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A85D71C0-59BA-4776-B11D-4CF317159315}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A934861C-7F01-42F7-893F-9B3E21F76E25}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A95FEA7A-22C4-4B97-9E7F-855B88DE96C8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A9CCCAC0-68E3-4CC2-AEA3-A89124D6616E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{A9DA0D2E-B0A6-46FA-B922-881FD21F5BA7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AA2954ED-F3F0-4990-BFD3-FB7C6CF1C514}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AA41ECA4-3512-4B27-854A-6A90F88636B3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AAFA2BEE-7581-4FDE-9B11-D9C8CF882094}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AB487505-9362-43BD-8C89-684C47E23E39}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AB803DC5-CA1C-48D3-B2DD-33DCA052D3DF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ABB35985-A281-439C-A0D8-339525210B36}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ABD26622-B7EC-48BB-9B13-D0931A72D102}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ABDEBDA8-FCC3-42F0-837E-653776500EF9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ABF4E7DC-61F6-4D11-8ED2-EA2058FAC5F4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AC0E31DB-C180-4A52-B1F9-F0B833AD5D0E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AC169833-17F7-491C-AE0E-CA48254A2272}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AC33EC53-7A44-4154-ADF0-2EB32CBA33AE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AC5EB4B9-7454-4E95-92A0-7C51AB2B2AE7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AC7019EA-A799-4EBC-A7B1-49C3F3A8F1DD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AC730320-AB4B-4AD2-8C5F-F8752E68A973}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ACE3C425-3E6A-4741-B24D-5950BF6D3D57}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AD18ED0E-A26E-45C6-A01F-7614A55EE88E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AD257CF4-D32A-422B-9DE9-C97B0C6E76D9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AD4B6B8F-8C1D-46C4-A06B-C7575987DB1B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AD703C7A-4EB6-46CB-AD5C-F88EEC9FDEBD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AD7924B9-3AA8-468C-9288-539F8BE9DD95}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AD9B7B04-8C29-48BC-A207-2FD82472759F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ADCED83C-48E5-46EF-90E9-CE906C58BD18}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AE179204-70B7-4BF6-B746-B390A6CB588B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AE65D43D-DBC4-465C-9EFD-6A299743DB68}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AEB34853-7DBA-43ED-B90F-C32ED0B587DD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AF330FBB-51B8-412C-99D1-082439B77FC2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AF9F1FC9-0E80-43B1-8BA9-2D479F3F0E3B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AFB4A2FA-2421-4232-8BE6-57E8857125EE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AFD4DC6F-D3FB-41A3-B63D-BC67092ECFAC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{AFECD7EE-29DA-4DCA-BF7E-5010EA87BFE4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B0133F7A-591A-4B29-A7B8-D86DCE6FA936}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B1525F2B-5D1D-4157-9BF2-5CE9AEB5369E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B1910FEF-BBBB-47E7-8C89-85EB7ADB1032}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B1A52B7D-01D0-4B8C-93C3-5A6F5F1868A9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B2598F08-D092-42D1-BA4E-85941722E6B7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B2824464-9CD1-4EAB-B822-8CE9A9881215}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B336F99A-DF28-461A-854E-11FE8FF964D0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B3BB630B-B736-4ACD-93E7-3B5B8B43ABA9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B3FE8AED-EF71-45AC-84E8-2EF966F2B8B7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B4559457-6AD5-42B9-96B2-2A692431FF85}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B469EDD4-CD22-4155-B59C-E60A6554638B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B47EA59B-D974-4A3A-A2A8-EF6221FF9E3A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B4E7D903-F193-4C1F-A483-1AFA933FD7B6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B50D078A-E3BF-4780-AA36-56308583B5B1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B549C0BB-AF23-4AEB-A6BE-477A3D6BC77F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B57E5EF2-BC9D-440D-9792-68FCC4A09C39}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B5D8B2CE-422A-48E6-818E-1055D245BB99}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B623DBCD-2BDB-4A0D-AB31-7AB1D34340D1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B689ECD8-64DA-4058-BBC3-7A324B425DEA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B6DB387C-C465-4535-B1FF-66EC18AB4B01}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B6EC50C5-0003-4562-8609-73D739354F92}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B72AAF56-37A6-42D5-B358-25BE2B8AF9DD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B73CB212-E07A-40CF-AE4B-BB03F7CF4BF1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B79EAD54-7D70-4FC1-8391-21443CD8EE1E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B7AC8AEC-6760-40E3-A53A-05490C52C21E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B7C6D49E-5BB4-4189-B635-4A6C85C15C12}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B8049595-7CAB-4EF9-B9F4-181BBD2945C1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B8326BCC-FA17-494D-AAD8-04F7B8193EC9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B874672C-1152-4D74-8C84-CBF02D99DD6A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B89339E6-718A-48C5-BFE2-FA6F2AC018E3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B8FB455A-D1E3-4B1E-915E-54B4C0DD2D4D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B90010A8-25D5-4E40-81FD-3EB3321A2C7F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B96821D8-5AC4-497B-8EDF-C59EB0E7E4EA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B97D2592-FDAE-4772-A1F8-F5B836417276}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B98EEAAB-72DD-4F66-BDF8-63C44101F8E9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{B9FFABBB-A2A6-4252-B4D3-30382E172665}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BABB533A-F554-4D63-BE71-A08E3CF56A26}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BAE05ABD-7F9B-479D-9FE3-354C6FBA2A24}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BAEE5EAE-F7C9-42BA-8A30-4100C0B117C8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BB0F8FF4-F3C4-44C0-B457-C4CF4C4B1FBA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BB3E3238-AE9F-4ED0-8CFA-A321E8733A64}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BB9E655C-7962-49B8-8CC4-DE89D5F1DAC2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BC384CB4-0E2F-428F-AEF6-A581257023D4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BC3A474B-1D30-4479-B765-7DD943FA8854}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BC87693B-7E72-43FE-A9F6-913F68F0FFDD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BC888E45-2356-45B9-B809-9FA6A0980FC8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BC8ACD10-A323-4B91-9516-9B94000EFD5E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BCA57249-46E0-4A53-B7ED-C09CCAA4686F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BCECE640-6028-4869-99EF-B01066885CD5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BD34AC84-565E-4468-820F-284E7507B3C8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BD7F09ED-752C-4990-B02D-DD3E15DA98BA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BDD8ABF1-7CD1-4DDF-B594-022C419587EB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BDE7E341-5626-4B68-8A11-9C9385DF7CE3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BE1DEC5B-F1CE-49E5-B35F-F01A60D532A3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BE6FCED3-7245-427D-8DE3-022889E1774B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BEABD67F-C2D0-4931-AA6D-5EC6164FDC61}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BF139EFF-1734-415B-B494-08AF27E38F82}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BF205140-B885-4BF0-9A13-781BC34B6234}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BF3C684B-04F7-45F6-A7F6-03D53BCE90EA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BFAC1D72-0869-470D-8991-E5C921F8CEF4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BFE615CC-00C5-40C0-8430-255BC9529942}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{BFF0A814-4686-475E-8AE2-590A91C4AFD5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C022CF60-B957-45C6-9C78-BFD5749D238B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C03B95BC-6BE4-410F-9F15-9AF3914747B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C0939CAF-F004-4B35-9B81-63BBC9CD9BE4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C0A57555-9900-4D7C-85F3-2C835A5A3962}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C0C31EB1-35FC-4A83-8470-549295A3676B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C0D2114C-0BAC-4478-9749-C632EC855A6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C0D5E5B4-591A-4516-99B1-01AAECD40906}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C0F49925-90E2-46E7-8664-170B062C1032}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C1216A8C-2B93-42E8-A37E-7B0AC73E73E7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C14A168C-06E5-42B5-B3AE-1CFC70679DEC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C1699789-94B7-4647-B751-DDA325D20F46}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C1944727-9F18-47A4-9493-8C925D8151A5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C1DABE0F-61E3-4926-9761-BE13289FB04D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C1F2C1B0-27AB-480F-84DB-E07E8D3C7C35}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C2389617-F590-45A3-BD5F-C41C51441F4B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C264C15F-1CD7-48FF-8C35-2CCB7D04B370}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C2768A2E-AFCA-418B-840F-29A6EB677CF9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C27917E5-96D0-4895-B3EE-F4607C199CBB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C2D9CE89-F7B0-48FF-91E4-8956EAF07F49}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C3630598-3FA0-40FC-B413-E21B61A839B3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C3A60502-E890-458F-BA38-94D887DEFADD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C417F79C-3E5E-4F32-85F3-7224EC11D84A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C473C139-4778-41E8-9DF3-9C247C1DF0E1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C4787589-C80D-4592-AEB5-DCD46A0CDED1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C4A258CA-8AC6-48B6-9390-B0FCE28A2DA3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C4E6A31A-BEC5-4B10-B1DE-A4EFBB7931F0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C4EB9D3F-C3D5-4714-B086-4C2AF8CD1352}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C4F7B0FB-44D7-48D7-911A-9D77167AA54B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C4FFDE37-0A12-45DD-A61B-EE17C7172C02}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C502FCD6-8C66-4928-AF21-81FBFEC088AF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C50C5C4D-BC90-44AD-8B5F-73475F2B6D96}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C60DBCCC-7380-4660-B5D6-5F843378287A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C64B14A4-114A-4EBF-9B68-83D80C08FB91}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C6E73A0B-6589-4D20-A8C3-89791C99B2CF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C6F8BCF7-B715-4356-82FE-518963ACFDC1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C730F5C4-BFBF-4821-9413-EBE0DB340A23}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C78B782B-4836-4104-899F-ADCD0CC5EC64}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C78ECA9F-CC95-4379-ABD2-35A560D69E55}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C7A32435-744A-43EB-8E66-827218505DCB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C7E75D50-D8BB-4B5B-AB8A-3D99124FED82}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C8010501-956F-4E21-89A1-5E0819E0EBF1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C833BF69-3E9B-4DC3-91A5-CACB1BF4429B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C8579C9F-157F-4DBF-A175-372DD35AEB72}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C8619962-F537-40F6-849D-9EFEA6AC0FC5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C87868D1-72EE-4D14-9865-647243AE9828}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C8E86EF6-5C84-41B7-85E6-1E9C8B80B053}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C912DCCB-D8BE-4530-A7EE-44FDE1B11F03}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C928305B-7718-4A8A-B763-CD8B887C09AF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C942B840-D505-4FB4-82A9-D8D2EF4DEF54}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C96D4002-EBA6-4F1F-99E5-19D2C8E96BA9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C98C3802-12FF-4B09-BDA7-7FFC6B9778F6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{C9AAE37F-ECE2-44B1-9CB8-C0110C78039C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CA2BA124-65F6-47A2-8D39-6B15392F62B9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CA2CD861-378E-4378-A3F6-13B3F4F7A086}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CA69AA7B-FB69-41F5-A82B-0E0554D61FC3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CAEA3FBF-D408-4089-B2F2-C54BBDF8CBDE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CAED64C7-E840-4CFF-AC77-42A0FA74B6D2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CB68A8AE-F54C-410D-B5A3-B4D326121876}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CB6C8761-A742-4403-B85B-CFB08786D2D8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CBACDF93-B909-4578-9816-345D4AD4BF84}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CBB6A0FC-690A-4AB7-9594-38584D051A3B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CBD04098-1C2B-48D5-91C5-21D8E86B49BD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CBFCF875-3A08-4168-8549-AEFD07EA8456}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CC0F326E-3CAB-4806-A1A0-9438E551F430}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CC2EBC36-7D5A-4AF7-A8BF-CB544DD94515}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CC6C82D3-C67F-42A0-9F80-3F8B33E57423}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CCBCA698-B5DF-4693-8ED2-87DB89E92C8E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CCC5D00E-77D4-4E46-B5A3-4043AFDB00F7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CCD25385-49D8-4A52-ACE7-84D4EDDA4DC5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CD06269A-88E4-4696-AE4E-6E8043971D2C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CD1E36E7-10E8-49DE-BCFD-6A78768F21C0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CD3994EF-408F-4CE3-BE03-FD1F02BE0EC7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CDA2314A-DE15-44C0-83CD-2BB00CB99E93}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CDC079ED-F640-40B5-B923-6826F791E576}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CDF34A79-7284-461A-B114-9CDB03D7F9FC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CDFDDB7A-DE0A-4AF6-81CA-0470384FAF07}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CE92BFF0-7704-4C9D-A362-7BAA2C70CC0A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CEB3A24C-B544-483D-AF76-EBA6B168B403}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CEC447E3-EA43-4E41-97BE-BA2AC5B6A070}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CEE3E832-B7DE-42D7-B52B-7D2D28867772}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CF10CB54-A24E-4EC8-A5F0-3DD8136F4907}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CF757D7E-57B7-4B34-B858-BB756920BC51}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CF936364-CFCF-4026-A5C3-75AF33F9EE79}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CFD849A1-76AF-434B-8EE5-161C9EE46CAF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CFD86EA5-D915-40AE-AEA4-53B9EE4AD008}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{CFDB0841-FE06-424D-8BCB-F6C011D3B734}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D0648492-18B1-4EDF-89FC-CF5FE2BEE44B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D06FBFCC-6FEA-4ACA-8DEC-8CF2899F646B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D10D16A8-651B-4C42-8A3A-5AAADF452DE9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D11B2282-2E1C-4613-A151-5D48708E5BEE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D131082A-266E-4940-88D2-B276AD441B82}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D13A1746-B21A-4CB2-8333-4F27EF3B5F24}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D1602E04-96AC-485A-B8CC-FEB886E3767F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D1CA74F0-052D-423E-9B81-447A7F38BF56}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D1FB6106-4467-4107-87FE-F6960EBD7174}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D222762B-BD69-45F7-8D05-58A784ABDD06}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D2339B37-73D1-4C84-A0E7-A1B344D2103C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D23D529E-56F3-4F83-B156-0ECA4DE4BB28}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D2DA7BD7-B0CA-4420-BA58-9977565B8F7E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D3128CD0-1078-4282-9267-A87B665AD55F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D3580D53-0201-4980-8219-E7438DB3D6A4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D39EA9D4-7034-418E-A831-265AC5EBFDC4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D3E8E128-9245-4018-9A60-FEF71314A769}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D415A54A-A810-4D03-8002-DF7674B8ED51}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D42CAC22-6A6D-42C3-9530-0668E70E1914}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D453B324-34B4-4EC7-B69B-D409C6CBEAF7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D4E36BC4-7834-41A0-9F0C-90B7B7C6DEA0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D5AD8E07-0101-4FAD-BD6C-FFB70124E64A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D5E3EFB3-5D82-4EB6-A4BA-8A256D24162C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D657DE14-EA3B-4C3B-B66A-8D1FE25174E4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D66B2636-4E91-4DE2-B9CA-B81A189B868E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D67447EE-7EE3-44B8-A150-E932F7B27722}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D6C465D8-E7AE-48F9-8FC0-97C797B14EDF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D6EDE7D3-5151-4396-AAE6-5CA07242A274}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D759E4CC-09AD-48EF-86BC-CF79565D9BD3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D766B63B-0B69-43FF-B364-0FEE8CFBA5B5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D85988A4-BB8A-4CDD-9650-6E00F6C641EB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D8ADC103-D659-40B5-B90F-98ABC3F10A50}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D9826F7E-EF48-4D03-A66E-18186A6D3E6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D99CCED3-18C1-422E-8FCC-152134929D06}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D9C42979-7669-4C07-9CAF-C08DF1E440BB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D9F60DB0-CA28-4CCD-B6A3-0D36786E4F50}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{D9FD3A9E-DA9F-4013-AD49-9D0D98C090C1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DA7840CC-6401-44E8-B227-2F597147DDB8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DA8D9ACB-691A-4F8B-A2F9-3AF8AE889BA8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DAA61A3F-2310-4864-A916-AF58AFF714AB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DB8A0F1F-6EE1-4162-A56B-F05079FA1D3C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DBAFF984-2130-4643-A751-0E65BE7C6E94}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DBD73D49-574A-4C77-9554-5FAFD774EBC7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DBE2DD5B-65F6-4F9A-8ADA-BA26456B4D9D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DC44DDC7-BB9E-43C9-B94F-E2DA40178561}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DC4890F1-4D92-4B22-B23B-9E71468555BE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DC5F86B0-8185-4E6A-B5DB-A22E5101AA8B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DCC7F988-37CD-46FA-9435-BD4B7F14DB5C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DCD5EA54-C4C4-48DC-8D96-0186F75DF7C9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DCDD47BE-F30E-4BBF-9EA1-CBD4EA0D2C4D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DD0B3906-670E-4403-8DA9-1BC39AF73F70}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DD42FE0B-7463-4EC8-AB41-E2C560F3E6B6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DD8A9491-22E7-48EB-9295-1B0B67D3690E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DD94E7A4-14E9-437D-A377-A8C9FE9CDC97}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DD9A26BE-5673-400A-957A-207C89502EF9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DE14A714-036A-4C5D-841E-855A4F5944C0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DE51B631-5ED5-4BE3-8A64-5D3BDFE03B69}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DE641D59-1484-43F9-A6C1-701C5742DC15}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DE93E13F-B8FC-476C-8298-F87A31228742}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DE9AD29C-50B0-4DBB-8614-B8D8B535F8A0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DEC94E7A-6891-4945-830D-CBCF48C9DDD9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DF0C7F60-9499-4FFA-9E98-76D58634B2C8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DF63E4D3-EE39-43BC-971A-CF8D970069C7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DF678671-B668-49A1-BA09-8EAA9026AC69}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DFB04180-8D7D-416E-AEE1-6E2B0BBA70FA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{DFFFD8AD-281E-4D90-8302-D024C87D52E3}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E046DC26-51FD-4DD4-9398-7CA7E9BE0D2B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E05746D9-CDCE-4689-B812-AA5BDEE6D63E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E069DD98-DD89-4763-BC34-55BBC77349F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E09CD800-22E8-4985-BFFC-3F03CB000343}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E0E525EC-C68A-4B6A-A490-577D25B36C7D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E10E85F9-F0AE-45AA-AA69-CD52CFBA8B67}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E1CDE9E6-73C2-436B-B8C2-D891C5C2082C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E1E826FF-53A9-4F1D-AC78-0A301B4CD124}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E211D472-C919-4B87-BCED-C3CA2EF59A22}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E21B5163-4F96-4081-908E-2F61A547CC5B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E24FD82C-F9B1-4609-AE79-B104751B0C4B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E2D0D048-FD19-4B82-B1C4-9507B2FFFF2E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E34E882E-721B-4976-882C-1A93C841B62C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E365FFB6-9385-409C-8B4D-B615BB615398}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E430845E-9C74-4A54-8BD3-F5D23ED89B13}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E431B99D-B99E-4285-8DC5-ECC8836BA09F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E4938A9B-398B-410B-A3DA-A62B4CABAF56}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E49F446F-0AC4-4473-A495-144F439C404A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E539EB81-2E42-4E21-9BBB-5DB6794A39B0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E5430F27-CB8B-40EA-B7E4-063C810A2F41}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E596F370-94C0-4051-A668-FC46F9F6CF5E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E597B2DB-CA54-4D97-A001-1E4A8AE2E182}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E5A29965-9ABB-4C43-9CD3-ADE67AA04517}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E5C0943C-0179-4C90-BFE9-880E543E04EC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E5F4E468-6539-46D0-BB89-13F3D8B62BE5}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E5F54C27-5E8A-4846-A3B7-BC8D10A990F4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E5FA0477-2EEC-41BC-B062-28B7E71D4AC8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E669CC32-6917-4CA0-A106-D59A5E4D4ECB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E6B2CB94-D3B7-4744-BB96-723E9E488785}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E6C03652-8927-42F0-9B3E-9E7B00B69632}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E77892B5-910F-439A-BFAC-26B1587D8E0D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E795E13D-5665-49E8-92C1-6395DAECD627}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E7C3E125-31C5-4C84-B5AF-FA3D3DCBCB1D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E7F38199-B32C-4EB5-9700-16ED8C44F9C1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E86EBD90-6D99-4B3A-AF1A-036DED5A7999}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E87A7370-FA8C-4FC0-8B56-11D853466B38}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E8CF7531-09AE-48F5-B1B7-11F1DC510636}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E8FAD9C0-9F6A-494A-A8B3-1B73316CC624}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E9090C97-C534-4380-A77A-0753D1A81AC7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E9167E8D-25E7-425A-8EF9-66B69055D31C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E9406BF9-751D-4AB8-AB21-EDCE3FD8C442}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E9549FDC-2214-4690-9FED-F26ECF37B4CF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{E99C133C-431C-4E7F-B032-725F9B4C6030}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EA7D7521-87F3-443B-98EC-1D258122F19A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EA86B690-980B-4B6C-B405-BDCCE80F72CD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EB0749C8-C78C-45EC-988C-83EB06EC2296}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EBA08ED1-B6CB-4001-8BF9-67CEB5FE1A66}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EBAB9B4B-A3C4-43AA-845F-BC2E11CEF555}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EBE47170-B796-4C00-98D2-4BBCEDED074E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EC1986AE-16F5-4061-B51A-EAD585D6C492}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EC19A0F9-9E40-42C9-B46A-CD57BB6FE7EB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ECE80BE9-583C-4EF7-B915-BD683BEE6374}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ED152BC0-4079-4216-8733-45A5C9BA27CE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ED341B91-1565-4D60-9E9F-39ADB70A20AD}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ED4D47B0-A6D1-465C-ABDD-6AED20C115E2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ED787A0C-5966-40B8-9D87-9464AC9E1276}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{ED7EFD4B-8770-48D7-AD61-68A03E6004EB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EDC4EC73-C06D-4DEE-9086-6A539AC4ADA4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EE1613C4-971D-49CE-AE44-FA288DFC1555}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EEC9F6DE-EE28-436B-BA53-722118D8D285}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EEFFE11A-03BA-4B88-838E-8F21388816C1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EF2E4B27-6DE5-439F-8F64-1306ECF30A4C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EF372D58-4C47-44B1-93C8-8F702051B893}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EF3A4BC8-DF67-4924-B043-D46939033C72}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{EF3F7DD4-E4AB-4DFE-8F02-9110D421D13F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F0228FCD-EC84-4983-B1CF-E57349CA079F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F0694ED3-661E-4CDD-9F72-6DCCA9E285B0}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F06E0142-69AC-4CED-A75E-6EDF596925E4}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F0854EED-4488-4072-BD01-286520CCAFB1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F0E74FBA-E6C4-4AA7-9633-578E74420893}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F0FBED88-1575-4C6F-8D60-FAAF7AB3BC1A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F10CD2CC-3542-45B7-96A1-2FF3A8D3902B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F135BC12-0F1E-453E-8668-8961A4FD212A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F13B0F00-1108-4045-9AF1-358578750515}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F174D4CA-7C83-4B6F-957B-18B2A189595B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F19FF743-44EE-4BE4-8398-2EA58E5600BC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F1F09ECB-0093-4ED5-A45E-29AB41F52FED}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F24B82A9-46EF-40D5-9002-6DEEFE030F4B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F272EB72-2495-4FBA-B250-E974BBD2629A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F2A97D57-7E51-4327-B1CA-2D1F2A9CF050}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F2CF66AD-DA55-44C2-825D-6BA16854D5E9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F2D72B66-4D89-429C-B774-199B9D0E135D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F301483C-655F-4C17-8381-E19A1717B40B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F31019CE-B9E2-49D7-824B-CCD80607537E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F3B96ED3-326F-4E5A-A588-37458F1C38B6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F3FFACD4-444F-4F3F-8C24-CE82B0FDC290}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F43E2FA2-2DA5-4869-BE42-FD5E1A8001A6}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F474ECB3-12C6-4A35-BD16-675858C91209}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F49939DF-4770-412A-B9A0-3C47D2C65BAF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F4CC8EE4-6600-480A-9676-3E91A0111ACF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F560D83C-FCCA-429A-A79D-84B625A39909}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F57965CE-89B9-4A08-874B-564F8479C521}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F5F64FBD-A890-49CF-A381-A6D0D39B2455}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F5F9A161-AD63-4B86-A663-A9F7BBF416FE}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F6448A12-5449-4017-8523-38F9C00ADDD7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F64DF297-33D1-4AB3-96CA-4F3464FC3810}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F65649E1-07BB-489C-BB48-0D194B147040}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F65FF0D1-177B-4A5B-8852-F683B45DF99E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F6F11585-B1A1-4D7B-B9D5-C953181B3ABF}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F6FA0440-8953-4FB0-990E-33A4A7924E6E}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F7000D54-2EAD-408D-9AF9-BB559FF34468}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F787A5DB-4E08-433B-AB55-62150A53D24A}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F7BCB08B-0E36-4FC8-9629-B25D4C0B3ADB}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F7BE7CF4-01C9-4925-AFB5-C05E876E052D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F834F529-8B56-4CF0-81DA-A8E993CB5E47}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F89E1224-458E-4C69-A7B7-11A3C4876005}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F932A6FF-732E-4037-AA0E-3842AEF7BE88}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F9442E6B-FC06-4F2F-A8C9-FF9996375C32}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{F954B64F-DD34-495E-B4F7-319528BCD973}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FAD10FAF-86E6-4A7B-8185-058D84112642}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FB1395E1-AD6B-49E2-90E6-84797FF306AA}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FB2B3BFF-0557-4B5A-A231-B0A580A39C49}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FBEAF4E5-C612-472B-ADF3-007DFB4FC517}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FBEDBD3E-6E17-4554-B462-719961A95283}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FCA68BC9-F9F0-4DCB-AEF1-E6967B5CC446}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FCB2C790-C6C9-4EC0-9CE6-B95ED584A8E2}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FCE661BA-5765-48AC-A1C1-92A42A74C51C}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FDFACCF0-7B1E-49DA-A525-55E52A98FE9B}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FE4A86CB-DA7B-4662-A629-96978F774B5F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FE4C463E-05B4-4E54-BD81-C24C4C74BD2F}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FE85D411-CD7C-4AC4-95F4-77FC091292F9}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FE86A918-16CE-4807-9734-B1E2311F72B1}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FE9D2E51-68D4-4865-BD57-4B0F9A503D37}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FEBAA949-EC36-4E9C-8906-78BDB0CC5A7D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FEEA4D3F-E54E-486D-AC7A-5230C7B56BE7}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FEEDEA2D-57D8-4107-BEC6-64049381C9DC}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FF08D6D3-98AD-4603-8AA0-7D349D33C215}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FF64489D-E70C-4414-8067-117917F6C3D8}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FF90FE5E-CFDE-4231-997D-EC506498C34D}
Successfully deleted: [Empty Folder] C:\Users\Katherine\appdata\local\{FFCBE021-F5D2-4393-BD2A-2309CB06C28C}



~~~ FireFox

Emptied folder: C:\Users\Katherine\AppData\Roaming\mozilla\firefox\profiles\7chlrh8u.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 02/20/2014 at 22:55:44.50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#11 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 21 February 2014 - 03:25 AM

Hi,

Download TFC to your desktop
  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish it's job
  • Once its finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean
===================================================

Go here and click 'ESET Online Scanner'.
  • If you are not using Internet Explorer, double-click esetsmartinstaller_enu.exe to install it, then click 'Run'.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan.
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • If using Internet Explorer, allow the ActiveX control to install when asked.
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Next to 'Current scan targets: Operating memory, Local drives', click the Change.. button.
  • Tick all the boxes that correspond to your external/inserted drives.
  • Click Start
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says "Threats found!", click "List of found threats", and then click "Export to text file..."
  • Save that text file to your desktop, and then copy/paste the contents in your next reply. Please do not attach it.
===================================================

Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware here and save to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program. (Note to Vista users, please right-click and select Run as Administrator.)
  • At the end, be sure a checkmark is placed next to:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply
Note:
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • Or via the Logs tab when Malwarebytes' Anti-Malware is started.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so. Failure to reboot will prevent MBAM from removing all the malware.


===================================================

On your next reply please post :
ESET log
MBAM log
How is it running now?



Please STOP and let me know if you have any problems in performing with the steps above or any questions you may have.
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#12 Kayjay4860

Kayjay4860
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 21 February 2014 - 08:26 PM

I can not give a fair description of how the computer is running because we are trying not to use it until the process is complete. Shall we start using it like normal again?

 

ESET Log:

C:\Windows\Installer\MSIDB9.tmp	a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

MBAM Log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Katherine :: KATHERINE-PC [administrator]

2/21/2014 8:20:09 PM
mbam-log-2014-02-21 (20-20-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217434
Time elapsed: 3 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 



#13 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 21 February 2014 - 09:59 PM

Hi,

Go ahead and trying using it now. Let me know how it's running. :)

Please follow all previous instructions regarding security programs.

Open a new Notepad session
  • Click the Start button, click run
  • in the run box type notepad
  • click ok
  • In the notepad, Click "Format" and be certain that Word Wrap is not checked.
  • Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE
File::
C:\Windows\Installer\MSIDB9.tmp

ClearJavaCache::

In the notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again.Close all browser/windows first.

When finished, it shall produce a log for you. Please post that log, C:\ComboFix.txt, in your next reply.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

CFScriptB-4.gif
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif

#14 Kayjay4860

Kayjay4860
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:05:35 PM

Posted 22 February 2014 - 11:25 PM

Hi, Conspire,

 

Let me know if I did this correctly. When combofix started running, the notepad actually disappeared from my desktop... was that supposed to happen?

 

Here is the log:

 

ComboFix 14-02-23.01 - Katherine 02/22/2014  23:14:57.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.2935.1540 [GMT -5:00]
Running from: c:\users\Katherine\Desktop\ComboFix.exe
Command switches used :: c:\users\Katherine\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Installer\MSIDB9.tmp"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Installer\MSIDB9.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-23 to 2014-02-23  )))))))))))))))))))))))))))))))
.
.
2014-02-23 04:20 . 2014-02-23 04:20    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-02-21 23:52 . 2014-02-21 23:52    --------    d-s---w-    c:\windows\SysWow64\Microsoft
2014-02-21 23:12 . 2014-02-21 23:12    --------    d-----w-    c:\program files (x86)\ESET
2014-02-21 22:44 . 2014-02-21 22:44    17858952    ----a-w-    c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-02-21 03:53 . 2014-02-06 09:01    10536864    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{84D5D8EC-AEE9-4AF1-934E-61386080BAF2}\mpengine.dll
2014-02-21 03:47 . 2014-02-21 03:47    --------    d-----w-    c:\windows\ERUNT
2014-02-20 22:35 . 2014-02-21 03:41    --------    d-----w-    C:\AdwCleaner
2014-02-19 23:18 . 2014-02-19 23:16    1031560    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{23AA8207-0806-452D-9CB0-BC9D414B3BF2}\gapaengine.dll
2014-02-19 23:17 . 2014-02-06 09:01    10536864    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-18 03:05 . 2014-02-18 03:21    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-18 03:04 . 2014-02-18 03:04    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-02-18 02:10 . 2014-02-18 02:10    --------    d-----w-    c:\program files (x86)\Common Files\Adobe
2014-02-14 03:48 . 2013-12-21 09:53    548864    ----a-w-    c:\windows\system32\vbscript.dll
2014-02-14 03:48 . 2013-12-21 08:56    454656    ----a-w-    c:\windows\SysWow64\vbscript.dll
2014-02-13 20:21 . 2013-12-06 02:30    1882112    ----a-w-    c:\windows\system32\msxml3.dll
2014-02-13 20:20 . 2013-12-04 02:03    428032    ----a-w-    c:\windows\SysWow64\secproc.dll
2014-02-13 20:20 . 2013-12-04 02:27    123392    ----a-w-    c:\windows\system32\secproc_ssp.dll
2014-02-13 20:20 . 2013-12-04 02:02    390144    ----a-w-    c:\windows\SysWow64\msdrm.dll
2014-02-13 20:20 . 2013-12-04 02:27    123392    ----a-w-    c:\windows\system32\secproc_ssp_isv.dll
2014-02-13 20:20 . 2013-12-04 02:03    87040    ----a-w-    c:\windows\SysWow64\secproc_ssp_isv.dll
2014-02-13 20:20 . 2013-12-04 02:03    87040    ----a-w-    c:\windows\SysWow64\secproc_ssp.dll
2014-02-13 20:20 . 2013-12-24 23:09    1987584    ----a-w-    c:\windows\SysWow64\d3d10warp.dll
2014-02-13 20:20 . 2013-12-24 22:48    2565120    ----a-w-    c:\windows\system32\d3d10warp.dll
2014-02-13 20:20 . 2013-11-26 08:16    3419136    ----a-w-    c:\windows\SysWow64\d2d1.dll
2014-02-13 20:20 . 2013-11-22 22:48    3928064    ----a-w-    c:\windows\system32\d2d1.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 22:44 . 2012-11-30 03:33    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 22:44 . 2012-11-30 03:33    692616    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-16 05:03 . 2011-05-12 07:26    88567024    ----a-w-    c:\windows\system32\MRT.exe
2014-01-22 14:51 . 2012-12-15 05:55    295544    ----a-w-    c:\windows\system32\aswBoot.exe
2014-01-19 07:33 . 2011-05-23 23:24    270496    ------w-    c:\windows\system32\MpSigStub.exe
2013-12-04 01:09 . 2013-12-04 01:09    940032    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-04 01:09 . 2013-12-04 01:09    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-12-04 01:09 . 2013-12-04 01:09    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-04 01:09 . 2013-12-04 01:09    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2013-12-04 01:09 . 2013-12-04 01:09    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-12-04 01:09 . 2013-12-04 01:09    34816    ----a-w-    c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-04 01:09 . 2013-12-04 01:09    337408    ----a-w-    c:\windows\SysWow64\html.iec
2013-12-04 01:09 . 2013-12-04 01:09    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-12-04 01:09 . 2013-12-04 01:09    235008    ----a-w-    c:\windows\system32\elshyph.dll
2013-12-04 01:09 . 2013-12-04 01:09    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-12-04 01:09 . 2013-12-04 01:09    61952    ----a-w-    c:\windows\SysWow64\MshtmlDac.dll
2013-12-04 01:09 . 2013-12-04 01:09    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-12-04 01:09 . 2013-12-04 01:09    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-12-04 01:09 . 2013-12-04 01:09    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-12-04 01:09 . 2013-12-04 01:09    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-12-04 01:09 . 2013-12-04 01:09    1051136    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-12-04 01:09 . 2013-12-04 01:09    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2013-12-04 01:09 . 2013-12-04 01:09    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2013-12-04 01:09 . 2013-12-04 01:09    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-04 01:09 . 2013-12-04 01:09    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-12-04 01:09 . 2013-12-04 01:09    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-12-04 01:09 . 2013-12-04 01:09    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-12-04 01:09 . 2013-12-04 01:09    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-12-04 01:09 . 2013-12-04 01:09    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-12-04 01:09 . 2013-12-04 01:09    247808    ----a-w-    c:\windows\system32\msls31.dll
2013-12-04 01:09 . 2013-12-04 01:09    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-12-04 01:09 . 2013-12-04 01:09    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-12-04 01:09 . 2013-12-04 01:09    84992    ----a-w-    c:\windows\system32\mshtmled.dll
2013-12-04 01:09 . 2013-12-04 01:09    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-12-04 01:09 . 2013-12-04 01:09    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-12-04 01:09 . 2013-12-04 01:09    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-12-04 01:09 . 2013-12-04 01:09    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-12-04 01:09 . 2013-12-04 01:09    453120    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-12-04 01:09 . 2013-12-04 01:09    413696    ----a-w-    c:\windows\system32\html.iec
2013-12-04 01:09 . 2013-12-04 01:09    40448    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-04 01:09 . 2013-12-04 01:09    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2013-12-04 01:09 . 2013-12-04 01:09    296960    ----a-w-    c:\windows\system32\dxtrans.dll
2013-12-04 01:09 . 2013-12-04 01:09    263376    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-12-04 01:09 . 2013-12-04 01:09    243200    ----a-w-    c:\windows\system32\webcheck.dll
2013-12-04 01:09 . 2013-12-04 01:09    235520    ----a-w-    c:\windows\system32\url.dll
2013-12-04 01:09 . 2013-12-04 01:09    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-12-04 01:09 . 2013-12-04 01:09    143872    ----a-w-    c:\windows\system32\wextract.exe
2013-12-04 01:09 . 2013-12-04 01:09    1228800    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-12-04 01:09 . 2013-12-04 01:09    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2013-12-04 01:09 . 2013-12-04 01:09    101376    ----a-w-    c:\windows\system32\inseng.dll
2013-12-04 01:09 . 2013-12-04 01:09    83968    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-12-04 01:09 . 2013-12-04 01:09    774144    ----a-w-    c:\windows\system32\jscript.dll
2013-12-04 01:09 . 2013-12-04 01:09    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2013-12-04 01:09 . 2013-12-04 01:09    48128    ----a-w-    c:\windows\system32\imgutil.dll
2013-12-04 01:09 . 2013-12-04 01:09    147968    ----a-w-    c:\windows\system32\occache.dll
2013-12-04 01:09 . 2013-12-04 01:09    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-12-04 01:09 . 2013-12-04 01:09    135680    ----a-w-    c:\windows\system32\iepeers.dll
2013-11-27 01:41 . 2014-01-18 03:08    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:41 . 2014-01-18 03:08    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:41 . 2014-01-18 03:08    53248    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:41 . 2014-01-18 03:08    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2013-11-27 01:41 . 2014-01-18 03:08    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:41 . 2014-01-18 03:08    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:41 . 2014-01-18 03:08    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2013-11-26 11:40 . 2014-01-18 03:08    376768    ----a-w-    c:\windows\system32\drivers\netio.sys
2013-11-26 10:32 . 2014-01-18 03:08    3156480    ----a-w-    c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-06-08 284696]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
.
c:\users\Katherine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 1082656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$QSRNVIVO9;SQL Server Agent (QSRNVIVO9);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MSSQL$QSRNVIVO9;SQL Server (QSRNVIVO9);c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10_50.QSRNVIVO9\MSSQL\Binn\sqlservr.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-30 22:44]
.
2014-02-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1517947845-3531664004-2862059384-1001Core.job
- c:\users\Katherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 05:48]
.
2014-02-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1517947845-3531664004-2862059384-1001UA.job
- c:\users\Katherine\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-12 05:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-07 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-07 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-09-07 415256]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-03-05 1928976]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-01-25 1802472]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
FF - ProfilePath - c:\users\Katherine\AppData\Roaming\Mozilla\Firefox\Profiles\7chlrh8u.default\
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
AddRemove-SLABCOMM&10C4&EA60 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\SLABCOMM&10C4&EA60
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-02-22  23:23:50
ComboFix-quarantined-files.txt  2014-02-23 04:23
ComboFix2.txt  2014-02-20 00:00
.
Pre-Run: 242,837,356,544 bytes free
Post-Run: 242,280,022,016 bytes free
.
- - End Of File - - 86F1664A41C6EA4DD50FE9A552AF7255
 



#15 Conspire

Conspire

  • Malware Response Team
  • 1,155 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:35 AM

Posted 23 February 2014 - 03:21 AM

Hi Kayjay,

Yes that is to be expected.

The log is looking good so far. Please let me know how your computer is behaving. :)
Proud Graduate of the WTT Classroom
Member of UNITE
The help you receive here is always free. If you wish to show your appreciation, then you may btn_donate_SM.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users