Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer slow/unresponsive - Help analyze Hijackthis Log


  • This topic is locked This topic is locked
22 replies to this topic

#1 lakergal

lakergal

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 16 April 2014 - 05:34 PM

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:00:10 PM, on 4/16/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\QuickBooks Online Backup\OnlineBackup.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Kim-PC\AppData\Local\Workspace\workspaceupdate.exe
C:\Users\Kim-PC\AppData\Local\Workspace\wben.exe
C:\Users\Kim-PC\AppData\Local\Workspace\workspacestatus.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\TechSmith\Jing\Jing.exe
C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Trend Micro Toolbar BHO - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmileBox EN - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: SmileBox EN Toolbar - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll
O3 - Toolbar: Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [OnlineBackupScheduler] C:\Program Files (x86)\QuickBooks Online Backup\OnlineBackup.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kim-PC\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Starfield Updater] "C:\Users\Kim-PC\AppData\Local\Workspace\WorkspaceUpdate.exe"
O4 - HKCU\..\Run: [SmileboxTray] "C:\Users\Kim-PC\AppData\Roaming\Smilebox\SmileboxTray.exe"
O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BEB4G8G05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [wben] "C:\Users\Kim-PC\AppData\Local\Workspace\wben.exe"
O4 - HKCU\..\Run: [Workspace Status] "C:\Users\Kim-PC\AppData\Local\Workspace\workspacestatus.exe"
O4 - HKCU\..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Download App.lnk = Kim-PC\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe
O4 - Startup: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk = ?
O4 - Global Startup: Online Backup Scheduler.lnk = ?
O4 - Global Startup: Trend Micro SafeSync.lnk = C:\Program Files\Trend Micro SafeSync\HrfsClient.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: intu-help-qb2 - {84D77A00-41B5-4B8B-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll
O18 - Protocol: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
O18 - Protocol: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: File Backup Service (File Backup) - Starfield Technologies - C:\Program Files (x86)\Workspace\offSyncService.exe
O23 - Service: GoToMyPC - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LeapFrog Connect Device Service - LeapFrog Enterprises, Inc. - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OnlineStorageService - Trend Micro Inc. - C:\Program Files\Trend Micro SafeSync\hrfscore.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
O23 - Service: WDFMEService - Western Digital  - C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
O23 - Service: WDRulesService - Western Digital  - C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19744 bytes

 

I appreciate your help!



BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 18 April 2014 - 03:09 AM

:welcome:

Hello lakergal,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 18 April 2014 - 11:04 AM

Thank you Jo,

Here is the results of the checkup.txt

 

Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Trend Micro Titanium Maximum Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java™ 6 Update 31  
 Java version out of Date! 
  Adobe Flash Player 12.0.0.77 Flash Player out of Date!  
 Mozilla Firefox 17.0 Firefox out of Date!  
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.116  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 QuickBooks Online Backup OnlineBackup.exe   
 Trend Micro UniClient UiFrmWrk uiSeAgnt.exe 
 Trend Micro SafeSync HrfsClient.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 


#4 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 19 April 2014 - 03:47 AM

please run OTL as instructed in post #2 and post the log.


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 19 April 2014 - 09:16 AM

Jo,

Here is the OTL.Txt file:

OTL logfile created on: 4/19/2014 10:01:32 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kim-PC\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.91 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 63.34% Memory free
7.83 Gb Paging File | 5.37 Gb Available in Paging File | 68.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.57 Gb Total Space | 180.62 Gb Free Space | 40.26% Space Free | Partition Type: NTFS
Drive D: | 120.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1.87 Gb Total Space | 1.62 Gb Free Space | 86.75% Space Free | Partition Type: FAT
 
Computer Name: KIM-PC-PC | User Name: Kim-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kim-PC\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Users\Kim-PC\AppData\Local\Workspace\wben.exe (Starfield Technologies, LLC)
PRC - C:\Users\Kim-PC\AppData\Local\Workspace\workspacestatus.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\Workspace\offSyncService.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Users\Kim-PC\AppData\Local\Workspace\workspaceupdate.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\Trend Micro SafeSync\HrfsClient.exe (Trend Micro Inc.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2tray.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2pre.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2comm.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\QuickBooks Online Backup\OnlineBackup.exe (SwapDrive, Inc.)
PRC - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\fd746553afb4778c8736b6d8af4caa6d\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\801b632b8b7ef72f14333dbce41524b8\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d3df00ba3df9c1790499701b79269570\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8a01cb6ca56adf4f33cdad0592538b58\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1c58ae226a791dc3ba4cd09225f7599e\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - C:\Program Files\Trend Micro SafeSync\avcodec-52.dll ()
MOD - C:\Program Files\Trend Micro SafeSync\avformat-52.dll ()
MOD - C:\Program Files\Trend Micro SafeSync\avutil-50.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe File not found
SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (OnlineStorageService) -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe (Trend Micro Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (File Backup) -- C:\Program Files (x86)\Workspace\offSyncService.exe (Starfield Technologies)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (GoToMyPC) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (AdobeActiveFileMonitor10.0) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (tmeevw) -- C:\Windows\SysNative\drivers\tmeevw.sys (Trend Micro Inc.)
DRV:64bit: - (TMEBC) -- C:\Windows\SysNative\drivers\TMEBC64.sys (Trend Micro Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (tmnciesc) -- C:\Windows\SysNative\drivers\tmnciesc.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {1CFA0FA4-42E4-4900-840A-733C2C7E8D77}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Kim-PC\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off64: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe64: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kim-PC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kim-PC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\adobe.com/AdobeExManCCDetect32: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\adobe.com/AdobeExManCCDetect64: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1137\7.5.1137\FIREFOXEXTENSION [2014/04/16 12:15:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/02/21 10:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/02/13 11:02:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014/04/16 12:15:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013/01/27 22:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2014/04/16 12:17:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/17 09:38:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/02/13 11:02:38 | 000,000,000 | ---D | M]
 
[2012/03/31 11:44:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim-PC\AppData\Roaming\Mozilla\Extensions
[2012/11/28 15:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/20 02:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/20 02:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/20 02:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.2.0.1035_0\npToolbarChrome.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Online Storage plug-in (Enabled) = C:\Users\Kim-PC\AppData\Roaming\Mozilla\plugins\npoff.dll
CHR - plugin: Workspace Webmail plug-in 1.0.20.42 (Enabled) = C:\Users\Kim-PC\AppData\Roaming\Mozilla\plugins\npwbe.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TrendMicro BEP Extension = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1137_0\
CHR - Extension: Google Search = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.0.0.2030_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Google Wallet = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmileBox EN Toolbar) - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SmileBox EN Toolbar) - {f897eb0e-a3a4-46c3-80eb-2729699d8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (SmileBox EN Toolbar) - {F897EB0E-A3A4-46C3-80EB-2729699D8892} - C:\Program Files (x86)\SmileBox_EN\prxtbSmil.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Jing] C:\Program Files (x86)\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKCU..\Run: [OnlineBackupScheduler] C:\Program Files (x86)\QuickBooks Online Backup\OnlineBackup.exe (SwapDrive, Inc.)
O4 - HKCU..\Run: [SmileboxTray] C:\Users\Kim-PC\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKCU..\Run: [Starfield Updater] C:\Users\Kim-PC\AppData\Local\Workspace\WorkspaceUpdate.exe (Starfield Technologies)
O4 - HKCU..\Run: [wben] C:\Users\Kim-PC\AppData\Local\Workspace\wben.exe (Starfield Technologies, LLC)
O4 - HKCU..\Run: [Workspace Status] C:\Users\Kim-PC\AppData\Local\Workspace\workspacestatus.exe (Starfield Technologies)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe -update activex File not found
O4 - Startup: C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download App.lnk = C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe (CBS Interactive Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: solvusoft.com ([store] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19CAA5C9-1E53-4E01-AC49-7A547FAAEA75}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{368D19D0-3BB9-4F1C-9C96-B586167BE430}: DhcpNameServer = 198.224.146.119 198.224.147.135
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0DA8453-1FF5-4631-AF0E-B7E46A2036A2}: DhcpNameServer = 172.20.10.1
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/28 15:07:36 | 000,000,113 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{8439f371-5656-11e1-8524-d4bed9bece7e}\Shell - "" = AutoRun
O33 - MountPoints2\{8439f371-5656-11e1-8524-d4bed9bece7e}\Shell\AutoRun\command - "" = I:\unlock.exe autoplay=true
O33 - MountPoints2\{b17659db-368f-11e1-8565-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b17659db-368f-11e1-8565-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2013/10/28 15:07:41 | 003,086,640 | R--- | M] (Intuit Inc, 2013)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/16 20:29:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/04/16 16:45:18 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/04/16 11:58:39 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/16 11:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/16 11:58:13 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/16 11:58:13 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/16 11:58:13 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/16 11:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/16 11:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/15 13:59:16 | 000,000,000 | -HSD | C] -- C:\Users\Kim-PC\AppData\Local\EmieUserList
[2014/04/15 13:59:16 | 000,000,000 | -HSD | C] -- C:\Users\Kim-PC\AppData\Local\EmieSiteList
[2014/04/15 09:26:21 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{3BD30331-7B7A-4922-BCDF-09DF89292411}
[2014/04/14 21:21:42 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{3D75C77E-5CCD-46AB-BB51-D279BC184BBE}
[2014/04/14 09:18:06 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{4E4C25B3-E7FB-40F1-AF13-952D9953A33B}
[2014/04/13 03:02:00 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/13 03:01:59 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/13 03:01:55 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/13 03:01:36 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/13 03:01:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/04/13 03:01:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/13 03:01:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/04/13 03:01:32 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/04/13 03:01:32 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/04/13 03:01:32 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/04/13 03:01:31 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/13 03:01:31 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/13 03:01:31 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/13 03:01:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/13 03:01:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/13 03:01:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/13 03:01:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/13 03:01:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/13 03:01:27 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/04/13 03:01:21 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/04/13 03:01:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/04/13 03:01:20 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/13 03:01:20 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/13 03:01:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/04/13 03:01:19 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/04/13 03:01:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/04/13 03:01:15 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/13 03:01:14 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/13 03:01:09 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/11 06:21:33 | 000,000,000 | ---D | C] -- C:\9cf429ed318cb126b2cc9cc97a
[2014/04/09 05:06:35 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/09 05:06:35 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/09 05:06:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/09 05:06:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/09 05:06:22 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/09 05:06:22 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/09 05:06:21 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/09 05:06:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/09 05:06:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/09 05:06:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/09 05:06:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/09 05:06:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/09 05:06:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/09 05:06:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/04/08 08:13:28 | 000,000,000 | ---D | C] -- C:\fdac12dd690fac58e7ab2ee2365b
[2014/04/04 18:10:25 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Roaming\Solvusoft
[2014/04/03 12:09:43 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\Programs
[2014/04/01 10:14:35 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{C1EC9FF2-3E69-4580-B758-D3078B49611C}
[2014/03/31 22:14:09 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{6050271D-A622-462C-8880-5EC9C1307ADC}
[2014/03/31 10:11:41 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{D0B0E367-DFEE-43E9-8453-08B6E469E65F}
[2014/03/30 22:11:02 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{828998EC-F898-4AD0-BF7B-4008D292BD06}
[2014/03/30 10:09:33 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{0EFA9018-6650-4441-9406-2A9A09D81E2D}
[2014/03/29 22:08:44 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{92688783-8889-42B6-B171-2175D0956768}
[2014/03/29 10:08:25 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{3C614048-200F-4F8A-ABD2-E1A19867B1C7}
[2014/03/29 07:15:36 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{C0A8DBDC-A856-47A0-930B-F5C58FA24DE9}
[2014/03/28 19:15:16 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{8B528E92-FA49-4C2A-A33B-FE77FB54666A}
[2014/03/28 07:14:57 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{4881A72F-886A-4A6A-9737-B3A11279DD56}
[2014/03/27 19:14:02 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{83BDB2A7-AA33-4F50-8A30-148E6CFDFEFE}
[2014/03/27 07:13:39 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{E8FFF6D8-DD80-4513-BA85-B634ABDE4438}
[2014/03/26 19:13:20 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{E378624F-3E7C-42F8-BD53-8D3D25647226}
[2014/03/26 07:12:57 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{2CC21063-5585-464E-95B6-7A8480A87C12}
[2014/03/25 19:12:39 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{E9D1DC43-0B0A-4094-9EB7-518B6BB56778}
[2014/03/25 07:12:23 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{765CF26C-16C0-4473-9D24-4D4FFF22A5B5}
[2014/03/24 19:12:06 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{3DD98B86-08F4-4CC5-B96C-FF294B37F42B}
[2014/03/24 07:11:50 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{F043300A-C466-47CA-8AFA-A5A73EABC8EF}
[2014/03/23 19:11:33 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{4134F49E-A7C2-4C88-93C8-F78C5D0081DE}
[2014/03/23 07:11:19 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{06A6A96D-81B8-4312-A456-9873D969E98B}
[2014/03/22 19:10:38 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{23FDDCCF-02B6-4FB5-B3C1-FDB4BC98B905}
[2014/03/22 19:09:51 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{94B480D5-09EA-4E54-B1F0-362D6FEC0533}
[2014/03/21 12:28:10 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\{814BD92B-C28D-40B7-96C3-5B671DF9CCC9}
[2012/02/20 10:27:07 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Kim-PC\gotomypc_635.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/19 10:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/19 09:40:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4131391989-150066398-3726755509-1001UA.job
[2014/04/19 09:23:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/19 04:40:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4131391989-150066398-3726755509-1001Core.job
[2014/04/19 03:23:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/17 02:47:19 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/17 02:47:19 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/17 02:27:35 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/16 16:45:19 | 000,002,981 | ---- | M] () -- C:\Users\Kim-PC\Desktop\HiJackThis.lnk
[2014/04/16 13:10:28 | 000,001,926 | ---- | M] () -- C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2014/04/16 13:08:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/16 13:08:25 | 3152,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/16 11:58:15 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/15 16:50:31 | 000,007,608 | ---- | M] () -- C:\Users\Kim-PC\AppData\Local\Resmon.ResmonCfg
[2014/04/12 15:18:36 | 000,002,374 | ---- | M] () -- C:\Users\Kim-PC\Desktop\Google Chrome.lnk
[2014/04/10 11:10:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\iqvw64e.sys
[2014/04/07 13:55:22 | 453,779,535 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/04/07 13:54:00 | 000,011,780 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/07 10:31:41 | 000,817,102 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/07 10:31:41 | 000,689,554 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/07 10:31:41 | 000,131,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/03 12:18:09 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RegClean Pro.job
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/21 17:37:04 | 000,238,128 | ---- | M] () -- C:\Windows\RegBootClean64.exe
[2014/03/21 17:25:00 | 000,000,499 | ---- | M] () -- C:\Users\Kim-PC\Desktop\Workspace Login.website
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/04/16 16:45:19 | 000,002,981 | ---- | C] () -- C:\Users\Kim-PC\Desktop\HiJackThis.lnk
[2014/04/16 11:58:15 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/15 16:50:31 | 000,007,608 | ---- | C] () -- C:\Users\Kim-PC\AppData\Local\Resmon.ResmonCfg
[2014/04/10 11:10:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\iqvw64e.sys
[2014/04/07 13:54:00 | 000,011,780 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/04/03 12:18:09 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\RegClean Pro.job
[2013/11/05 12:44:35 | 000,004,608 | ---- | C] () -- C:\Users\Kim-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/23 20:18:29 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Bass Amp
[2013/07/23 20:18:28 | 000,000,268 | RH-- | C] () -- C:\Users\Kim-PC\AppData\Roaming\Basic Synth
[2013/07/23 20:18:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2013/05/22 09:08:11 | 000,000,430 | ---- | C] () -- C:\Windows\wininit.ini
[2013/02/15 23:54:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/01/27 22:23:59 | 000,000,036 | ---- | C] () -- C:\Users\Kim-PC\AppData\Local\housecall.guid.cache
[2012/07/08 07:45:39 | 000,238,128 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2012/07/08 07:45:39 | 000,021,520 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2012/05/30 10:31:03 | 000,000,515 | ---- | C] () -- C:\Windows\Viewer.INI
[2012/05/30 09:35:56 | 000,000,502 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2012/05/30 09:35:06 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2012/03/28 15:42:01 | 000,000,132 | ---- | C] () -- C:\Users\Kim-PC\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/05 10:18:21 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/02/13 16:16:48 | 000,000,935 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/07 20:35:01 | 000,002,047 | ---- | C] () -- C:\Program Files\Adobe Photoshop CS2.lnk
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012/02/13 12:05:48 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Canon
[2013/12/13 12:43:20 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\CBS Interactive
[2012/03/20 19:34:09 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/08/02 13:35:57 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\com.Shutterfly.ExpressUploader
[2014/02/17 16:43:11 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Mirada
[2012/07/03 16:07:55 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\MyHeritage
[2013/07/27 11:59:38 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Nikon
[2014/04/18 12:08:12 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Online Backup
[2012/06/11 09:23:03 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Opera
[2012/02/08 11:03:28 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\PCDr
[2012/03/28 13:38:40 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\PDAppFlex
[2014/04/02 18:09:06 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Smilebox
[2014/04/08 12:29:10 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Solvusoft
[2012/03/28 14:02:07 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014/04/03 12:10:03 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Systweak
[2012/05/30 09:35:05 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2012/09/25 14:16:27 | 000,000,000 | ---D | M] -- C:\Users\Kim-PC\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\yWriterProj:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 17.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 16.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 15.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 14.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 13.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 12.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 11.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 10.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 09.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 08.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 07.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 06.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 05.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 04.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 03.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 02.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 01.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\SpiralFrog:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Retrospect Catalog Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Restore:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Piqua Cut & Sew:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Outlook Contacts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\OldEducator:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\NetObjects Fusion 11.0:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\MyHeritage:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\My Data Sources:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\McGinness:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Logan Labs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Lifestyle Real Estate Services:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Labels:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Kimage Design:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Jenni:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Indian Lake Chamber Business:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\ILREAL:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\House:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Honeycutt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Earthworks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Dawn.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Coco:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\CMX Oil:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Christmas08:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Choice Properties:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Carrie:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Callie:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Broker Realty Service:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\AnnualDinnerInvite12-08.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\AeroScents:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\_vti_cnf:Roxio EMC Stream
 
< End of report >
 
Here is the Extras.txt
OTL Extras logfile created on: 4/19/2014 10:01:32 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kim-PC\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.91 Gb Total Physical Memory | 2.48 Gb Available Physical Memory | 63.34% Memory free
7.83 Gb Paging File | 5.37 Gb Available in Paging File | 68.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.57 Gb Total Space | 180.62 Gb Free Space | 40.26% Space Free | Partition Type: NTFS
Drive D: | 120.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive H: | 1.87 Gb Total Space | 1.62 Gb Free Space | 86.75% Space Free | Partition Type: FAT
 
Computer Name: KIM-PC-PC | User Name: Kim-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A42A05C-1823-44EF-9CE5-B3692EF729BF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{13143919-842A-499E-9C67-FB723C5CED55}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1B27E6F1-867E-4D37-8EE0-9A03F9BAC8AB}" = rport=445 | protocol=6 | dir=out | app=system | 
"{1D1CE644-517E-4BD6-A0EA-AF87339C4615}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{24E68A96-9129-4CD5-94F2-070501B2B6B8}" = rport=137 | protocol=17 | dir=out | app=system | 
"{34EDA49B-9964-4834-96E0-E89C04D6E573}" = rport=139 | protocol=6 | dir=out | app=system | 
"{47C588DC-02C4-4B0D-807B-6ECAA639D456}" = lport=139 | protocol=6 | dir=in | app=system | 
"{4A4E72B4-FC47-453D-94E8-7C9C901D686A}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe | 
"{4B6170F8-D8D8-4F32-BF1A-357CFBDCB7D9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4DFA09C6-423D-489A-96BF-8E1F887ACB1B}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{58C2F8B2-1C8A-451D-99D7-E399C65276AA}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{609166A1-B5E6-49DA-B92F-DC333909B473}" = lport=21112 | protocol=6 | dir=in | name=trend micro client/server security agent listener | 
"{6A1CCE81-BB08-4AF4-BD63-4B966E46B484}" = lport=61116 | protocol=6 | dir=in | name=trend micro client/server security agent update | 
"{6BB0BF45-2027-48F9-B2EC-8B5F6D407EAB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6F3A90E5-94A5-42AE-AD89-FBDA67C3295C}" = lport=61117 | protocol=17 | dir=in | name=trend micro client/server security agent broadcast | 
"{71E6FEC6-A2C1-4530-8040-55F6B99EBFC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8E5E1653-CA5A-4896-AA59-B9904050FC8B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{99FEB68E-91E6-4046-B66A-2B4B7A8C6076}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{AB6B43E7-DC48-4019-9625-CBAE0373071C}" = rport=138 | protocol=17 | dir=out | app=system | 
"{BDB92B4D-1DEF-48DD-94B2-52D61120F8A6}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe | 
"{BDD546E4-9646-4B52-82B1-35DE671CFCF3}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{BE78BC1F-E227-4AB2-A9D0-6F5FFFF7AC62}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BF184F32-8741-4F5F-B852-5E8ACE865E91}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{C02ABEAD-99C9-46B6-87F0-00497B213709}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{CB715141-8877-47CE-93C3-E9134BEBBD60}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D55FF719-6BB6-4821-8626-91362A559E6E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DB8A1E3D-B4B1-44E9-B50D-33AF751E2BF0}" = lport=137 | protocol=17 | dir=in | app=system | 
"{DBC09382-A093-4B93-93F9-5003724E3251}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E60C67CF-17C6-43B9-8728-955DB8BF757D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E83028A5-7D46-4BB1-B4CE-8F0B8589F581}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{EA6C2F76-1DEF-4E96-B46D-50C3C6C50325}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F1504865-1AE3-4D6E-9269-9C89F73982DD}" = rport=10243 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A9E6307-697C-47D0-ABE9-6E58695052EB}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{0D919767-2D68-4F28-9620-115D3B2E4F01}" = protocol=6 | dir=in | app=c:\program files\winthruster\winthruster\winthruster64.exe | 
"{108DB5D6-12D1-4143-AFB9-3A32B4CF4B64}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{1326078F-2E58-4C1A-8266-51DB0E7AA3FC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{1499FEDC-2B71-43EE-8EAB-214E4A4C13E3}" = protocol=17 | dir=in | app=c:\program files (x86)\winthruster\winthruster.exe | 
"{15599249-181B-45BC-B244-EF6F15BC4AF7}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{175387F0-FA1B-4BEE-A8E4-02EF5E8B8345}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{1B620654-CDD6-4E1B-84E5-DC41591A7491}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{20788C05-7654-47E1-9B2C-10BDC9477608}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{21E10DED-52F9-4B72-95C5-7B2BD296F5EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 
"{21E2D2F1-84F2-4421-928A-E4A47FF7F989}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{21E4AD03-74FF-4922-BA94-0D92741F7C78}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\digitalwizards.exe | 
"{23BE83B6-545F-465E-9972-86E9B7075C40}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{23F9CBF8-4F14-47D5-B160-395D32AD6B86}" = protocol=6 | dir=out | app=system | 
"{27B669B4-5E8C-488E-87A3-6A5C32777E8A}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{2A5D181F-E7C6-4515-8259-454CF86DF47F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{2C186A8C-80CE-4DDB-8E96-EE354FD9D7AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{308DF3A9-D1C9-4649-902B-B3BD2DFA9A75}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{313D5D56-3BF2-4EF6-A4FF-84B381E68EFA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{31BA36E1-AEF6-4989-8ED3-CA643E6E0465}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{342BB301-BF7A-414F-A777-5C6A4D40A2B9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{38831A92-B0E2-48AC-A6F1-AFFA15D5242A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{399C2999-A879-473B-94A2-8931E61E1456}" = protocol=6 | dir=in | app=c:\program files (x86)\winthruster\winthruster.exe | 
"{3E47BBE5-FBCE-46F2-9395-98C3FD1D9CA7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{437FF640-B939-4446-97A2-0B88D471B65C}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe | 
"{44B453F3-F602-4ADC-B957-861BDD18745E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4B28CB67-AFE0-404B-907B-C9A9A64B5205}" = dir=in | app=d:\setup\hpznui40.exe | 
"{4B3ED377-BD56-4BB3-B56D-85E75507BB96}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{4D340362-C44C-4EC5-80A4-1F9077866105}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{5092FEED-5F27-4F1D-805C-2755A6F50DAD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{61F02A86-A23B-4C3C-A027-81748682D80F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6391988A-D53C-41C6-A64C-7F518A83794F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{69325886-1D52-4695-90BA-45F50B4EFCC3}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\faxapplications.exe | 
"{6D06CE8D-EB93-4466-A031-6ED0FA0C2529}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6DEAC593-F631-4499-9538-09A34638FAD8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{6E40EF91-4F9C-4D23-9DBA-CA71A6883760}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{71EE57AB-DEE0-43BF-A27E-8236BDCA56AC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{74FB75A0-B234-4E13-9116-A666FDB547DF}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{75A3C422-E776-4F02-A1BE-1F2D98110C9A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{7AF49E03-E453-4291-80E6-2FD13A5A9847}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{7B71BA83-2AEB-498A-BA51-05A1B77F622A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 
"{8796ACAB-E3CA-4A37-9F3F-BB022B93347C}" = protocol=17 | dir=in | app=c:\program files\winthruster\winthruster\winthruster64.exe | 
"{8AA00170-F776-4778-A1C5-BD6E118FAFE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{972BB66E-6B15-40D9-8251-038C54E20AA1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{994F7B7C-78CB-455B-A94D-1BDAA744E972}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{9C3D0CC2-EE1E-43C5-8494-CD7748CF103D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A909A779-DC87-41A6-9254-DFBF62993084}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{AAD4A76E-CAA6-4350-BD51-73B63C79BC77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{AE9B3F89-A9CC-43BE-8A9C-B25EE6A6EAC3}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe | 
"{B5630056-5220-450F-9112-9DAB4B5A6B7C}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe | 
"{B9FE32D7-B71D-414D-93EA-D84B3591EFBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BB393143-C982-43D3-90FD-30AB7F2BB802}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{C28660DD-701B-4D3C-8E86-C8FF31EA3BE5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{C9F03739-ADFC-47D3-B250-46915821C302}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{CCA7B387-7689-4DEC-BB94-F07773B17FCD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CD421B62-FB89-40E1-893D-BE9646E97EA1}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe | 
"{D7F78E35-0A81-4619-9BF0-6644203F9139}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{E27F739B-81DC-4C6D-9100-9BDC0FCC5B7F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 
"{E65851F8-484A-4196-8924-D21EDC28FE5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{ED42208F-01AC-4793-83CB-6725C0A3EEEB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 
"{ED60BC8A-02D9-421F-A283-C33F1650AC44}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{EF74675F-5D0A-4F02-85D8-1DBFDCC19D48}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{F9578FE4-7680-4ACC-94CA-8B26F1A4AC0D}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\sendafax.exe | 
"{F9638563-70A1-4777-BB3F-B1B537700FC0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{14CBB0E2-D8F8-4439-99E5-7B1568AF645C}C:\users\kim-pc\appdata\local\temp\g2_635\g2viewer.exe" = protocol=6 | dir=in | app=c:\users\kim-pc\appdata\local\temp\g2_635\g2viewer.exe | 
"TCP Query User{3D7204FC-34E5-4E59-8CA2-17DDDEA4DB4A}C:\program files (x86)\adobe\adobe muse\adobe muse.exe" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe muse\adobe muse.exe | 
"TCP Query User{BBE0EFE3-E4D1-4576-854D-9DF7A44C2856}C:\users\kim-pc\appdata\local\temp\g2_943\g2viewer.exe" = protocol=6 | dir=in | app=c:\users\kim-pc\appdata\local\temp\g2_943\g2viewer.exe | 
"UDP Query User{89A0F7C0-D603-4EC0-ACAD-6842FC73E48F}C:\program files (x86)\adobe\adobe muse\adobe muse.exe" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe muse\adobe muse.exe | 
"UDP Query User{AB70E315-47BB-4F0F-B252-92969E1D0DBC}C:\users\kim-pc\appdata\local\temp\g2_635\g2viewer.exe" = protocol=17 | dir=in | app=c:\users\kim-pc\appdata\local\temp\g2_635\g2viewer.exe | 
"UDP Query User{CEC79190-F240-437F-A1C3-414A58501881}C:\users\kim-pc\appdata\local\temp\g2_943\g2viewer.exe" = protocol=17 | dir=in | app=c:\users\kim-pc\appdata\local\temp\g2_943\g2viewer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java™ 6 Update 27 (64-bit)
"{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}" = HP Officejet Pro 8600 Product Improvement Study
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{791A06E2-340F-43B0-8FAB-62D151339362}" = HP Officejet Pro 8600 Basic Device Software
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9DCA0803-0890-4631-94BA-17DE31C49C40}" = Microsoft Camera Codec Pack
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}" = WinZip 16.0
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"HFRS_is1" = Trend Micro SafeSync
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"PC-Doctor for Windows" = My Dell
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04D54043-35E4-49B5-8930-15E5CE05C7B7}" = TurboTax 2013 WinBizFedFormset
"{06C84AD5-A13A-43CC-B20C-D1D5E7BA2658}" = LeapFrog Leapster Explorer Plugin
"{07BA9E63-243F-46EA-BD08-B89A64675E76}" = TurboTax 2013 wohsbpm
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A014044-292B-422C-944A-5AA9991EBF7B}" = TurboTax 2012 WinBizFedFormset
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18DD5ADB-4839-4057-8586-C9304AEFC580}" = TurboTax 2011 wksiper
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D106581-6726-4D1B-ABEC-0CA02410F24F}" = Adobe Photoshop CS6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22800204-9E53-45C7-B6F3-5BB0F1C1A147}" = Jing
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}" = Adobe Extension Manager CC
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{317243C1-6580-4F43-AED7-37D4438C3DD5}" = Adobe After Effects CC
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3365E735-48A6-4194-9988-CE59AC5AE503}" = Bing Bar
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3D4DB3CA-6766-4FE3-BCC4-BD2F2E10EE17}" = TurboTax 2013 WinBizTaxSupport
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46235FF7-2CBE-4A84-BEDA-87348D1F7850}" = HP Officejet Pro 8600 Help
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{6297487E-3778-4F72-B458-55690418DB98}" = Adobe ExtendScript Toolkit CC
"{63688C0C-441B-B09B-97A3-B059D79A84F7}" = Shutterfly Express Uploader
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65C0F43C-5F3B-4AB5-BFC9-ABA1C8F4AA7D}" = TurboTax 2011 wohiper
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{7236B5D0-A01F-4826-B1DD-BB598AF28CC7}" = TurboTax 2013 wrapper
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{866BEB0E-879F-4F78-A9A9-F9938150A0D9}" = TurboTax 2013 WinBizReleaseEngine
"{8BA2648C-B0E5-4EAD-9789-22F807478D1E}" = TurboTax 2011 wrapper
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_XWeb_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_XWeb_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_XWeb_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_XWeb_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_XWeb_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0045-0000-0000-0000000FF1CE}" = Microsoft Expression Web 2
"{90120000-0045-0409-0000-0000000FF1CE}" = Microsoft Expression Web 2 MUI (English)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_XWeb_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_XWeb_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_XWeb_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9A554C9D-E12D-4205-8101-9F4337CD5673}" = Adobe Muse
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E3CDA4E-6522-43EB-AF6F-C8CA318A0772}" = TurboTax 2011 WinBizReleaseEngine
"{A004ACC6-A33D-4083-9775-139C76852C49}" = TurboTax 2011 WinBizFedFormset
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9255718-8A40-45F9-B738-93655FBD4F6F}" = QuickBooks Online Backup
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple Application Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-1033-0000-BA7E-000000000005}" = Adobe Acrobat X Standard
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X MUI
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B025BA0B-64A6-46DE-9D64-32965C83CCA9}" = Citrix Online Launcher
"{B1DF70FB-E1CB-4EEA-A281-414AE40B11E4}" = TurboTax 2012 wohsbpm
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BA731FF4-DA48-D1D7-2BF6-E155339D9A27}" = Adobe® Content Viewer
"{BC448016-6F11-1014-B0EA-97CEE6E26CB6}" = Adobe InDesign CC
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{DB9AB084-C93E-4D07-8BB9-0EC5CA5467BC}" = TurboTax 2011 WinBizTaxSupport
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3094B9F-C411-4DB4-9D87-27BE5C868A21}" = TurboTax 2011 wohsbpm
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E51E4530-C0FB-6914-275F-B6082FE9400B}" = Adobe Muse
"{E57E14CC-A22A-414F-BC52-B53C5D0E7282}" = TurboTax 2012 WinBizTaxSupport
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F06C1CD4-62F7-41C0-BB00-A6C03D6594A5}" = TurboTax 2012 wrapper
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F2321021-08A2-44D6-B1DF-BDB415F23EC3}" = Adobe Illustrator CC
"{F6A258B5-482F-449F-B132-7483B78C4C57}" = TurboTax 2012 WinBizReleaseEngine
"{F9233F02-5617-4BDC-8EC6-4B798EDFE6F4}" = LeapFrog Connect
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"AdobeMuse" = Adobe Muse
"Batch Photo Watermarker_is1" = Batch Photo Watermarker 3.5
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader
"DPP" = Canon Utilities Digital Photo Professional 3.10
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"Family Tree Builder" = MyHeritage Family Tree Builder
"HTML Password Lock_is1" = HTML Password Lock 5.2
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.1.1004
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 17.0 (x86 en-US)" = Mozilla Firefox 17.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"Office14.SingleImage" = Microsoft Office Professional 2010
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"SmileBox_EN Toolbar" = SmileBox EN Toolbar
"TurboTax 2011" = TurboTax 2011
"TurboTax Business 2011" = TurboTax Business 2011
"TurboTax Business 2012" = TurboTax Business 2012
"TurboTax Business 2013" = TurboTax Business 2013
"UPCShell" = LeapFrog Connect
"WinLiveSuite" = Windows Live Essentials
"WinZipBar Toolbar" = WinZipBar Toolbar
"XWeb" = Microsoft Expression Web 2
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Download App" = Download App
"Google Chrome" = Google Chrome
"Smilebox" = Smilebox
"workspacedesktop" = Workspace Desktop
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/10/2013 1:34:49 PM | Computer Name = Kim-PC-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
 Hand
 
Error - 12/10/2013 1:34:49 PM | Computer Name = Kim-PC-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
 Hand
 
Error - 12/10/2013 1:34:49 PM | Computer Name = Kim-PC-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
 Hand
 
Error - 12/10/2013 1:34:49 PM | Computer Name = Kim-PC-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks": Returning NULL QBWinInstance
 Hand
 
Error - 12/10/2013 1:36:10 PM | Computer Name = Kim-PC-PC | Source = QuickBooks | ID = 4
Description = An unexpected error has occured in "QuickBooks Pro 2009": An attempt
 to LogOff without a logo
 
Error - 12/12/2013 4:57:28 AM | Computer Name = Kim-PC-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 12/12/2013 5:02:12 AM | Computer Name = Kim-PC-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ApplePhotoStreams.exe, version: 7.12.44.1,
 time stamp: 0x516e136b  Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229,
 time stamp: 0x51fb1116  Exception code: 0xe06d7363  Fault offset: 0x0000c41f  Faulting
 process id: 0x15a8  Faulting application start time: 0x01cef7187e504664  Faulting application
 path: C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
Faulting
 module path: C:\Windows\syswow64\KERNELBASE.dll  Report Id: 1661f47d-630c-11e3-84a1-d4bed9bece7e
 
Error - 12/12/2013 5:03:02 AM | Computer Name = Kim-PC-PC | Source = CNET TechTracker | ID = 131074
Description = 
 
Error - 12/12/2013 5:03:04 AM | Computer Name = Kim-PC-PC | Source = CNET TechTracker | ID = 131074
Description = 
 
Error - 12/13/2013 11:28:39 AM | Computer Name = Kim-PC-PC | Source = WinMgmt | ID = 10
Description = 
 
[ Dell Events ]
Error - 2/13/2012 11:31:31 AM | Computer Name = Kim-PC-PC | Source = DataSafe | ID = 1
Description = The process was interrupted before completion.
 
[ OSession Events ]
Error - 8/28/2012 9:31:11 AM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 1018872 seconds with 1740 seconds of active time.  This session ended with a crash.
 
Error - 8/28/2012 10:35:15 AM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 404 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 5/31/2013 4:02:56 PM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 908737 seconds with 1200 seconds of active time.  This session ended with a crash.
 
Error - 7/22/2013 9:18:35 AM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 261537 seconds with 480 seconds of active time.  This session ended with a crash.
 
Error - 8/22/2013 5:13:53 PM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 5912 seconds with 2400 seconds of active time.  This session ended with a crash.
 
Error - 8/30/2013 10:59:58 AM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 153374 seconds with 9060 seconds of active time.  This session ended with a crash.
 
Error - 12/9/2013 2:29:48 PM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 1730657 seconds with 4140 seconds of active time.  This session ended with a crash.
 
Error - 2/18/2014 4:48:51 PM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 567 seconds with 360 seconds of active time.  This session ended with a crash.
 
Error - 2/18/2014 4:54:57 PM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 346 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 2/18/2014 4:57:34 PM | Computer Name = Kim-PC-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 22, Application Name: Microsoft Expression Web, Application Version:
 2008.1200.6329.5000, Microsoft Office Version: 12.0.4518.1084. This session lasted
 145 seconds with 120 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 4/16/2014 7:43:18 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:24 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:29 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:35 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:40 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:45 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:50 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:43:56 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 7:44:01 PM | Computer Name = Kim-PC-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 4/16/2014 8:14:48 PM | Computer Name = Kim-PC-PC | Source = Service Control Manager | ID = 7034
Description = The WDFMEService service terminated unexpectedly.  It has done this
 1 time(s).
 
 
< End of report >
 
Thanks!

 



#6 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 19 April 2014 - 10:07 AM

Hello lakergal,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 19 April 2014 - 09:01 PM

Jo,

 

There were no issues after running Malwarebytes Anti-rootkit.

 

The following is the report from AdwCleaner

 

# AdwCleaner v3.024 - Report created 19/04/2014 at 14:26:07
# Updated 18/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kim-PC - KIM-PC-PC
# Running from : C:\Users\Kim-PC\Downloads\AdwCleaner (1).exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : Web Assistant Updater
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Found : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Found : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Found : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Found : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Found : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Found : C:\Windows\Tasks\RegClean Pro.job
Folder Found C:\Program Files (x86)\SmileBox_EN
Folder Found C:\Program Files (x86)\WinZipBar
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Users\Kim-PC\AppData\LocalLow\SmileBox_EN
Folder Found C:\Users\Kim-PC\AppData\LocalLow\WinZipBar
Folder Found C:\Users\Kim-PC\AppData\Roaming\Solvusoft
Folder Found C:\Users\Kim-PC\AppData\Roaming\Systweak
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmileBox_EN
Key Found : HKCU\Software\AppDataLow\Software\WinZipBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AA760D-D058-4A63-AA81-BADC600FE745}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F897EB0E-A3A4-46C3-80EB-2729699D8892}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AA760D-D058-4A63-AA81-BADC600FE745}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F897EB0E-A3A4-46C3-80EB-2729699D8892}
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AA760D-D058-4A63-AA81-BADC600FE745}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F897EB0E-A3A4-46C3-80EB-2729699D8892}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3061355
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CC9B033-1523-4AF0-9849-6FA63C678AB8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEDFF94F-A30D-4DA9-A07E-4847A2A5E3EB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8BE6BE0-C386-413B-B362-12E767BE95E6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1A39606-BE87-4767-BC1D-B58CEBB7B7E2}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_icloud-control-panel_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_icloud-control-panel_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F897EB0E-A3A4-46C3-80EB-2729699D8892}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{31AA760D-D058-4A63-AA81-BADC600FE745}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SmileBox_EN Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinZipBar Toolbar
Key Found : HKLM\Software\SmileBox_EN
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\Software\WinZipBar
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : [x64] HKLM\SOFTWARE\Web Assistant
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{F897EB0E-A3A4-46C3-80EB-2729699D8892}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{F897EB0E-A3A4-46C3-80EB-2729699D8892}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Jing]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Starfield Updater]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F897EB0E-A3A4-46C3-80EB-2729699D8892}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{F897EB0E-A3A4-46C3-80EB-2729699D8892}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Mozilla Firefox v17.0 (en-US)
 
[ File : C:\Users\Kim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\5r6lq5cb.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [5878 octets] - [19/04/2014 14:26:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5938 octets] ##########


#8 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 20 April 2014 - 03:46 AM

Hello lakergal,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Run OTL again.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 20 April 2014 - 08:22 AM

Jo,

AdwCleaner scan report

 

# AdwCleaner v3.100 - Report created 20/04/2014 at 09:20:24
# Updated 20/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kim-PC - KIM-PC-PC
# Running from : C:\Users\Kim-PC\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Starfield Updater]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v17.0 (en-US)

[ File : C:\Users\Kim-PC\AppData\Roaming\Mozilla\Firefox\Profiles\5r6lq5cb.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6030 octets] - [19/04/2014 14:26:07]
AdwCleaner[R1].txt - [7606 octets] - [20/04/2014 08:22:10]
AdwCleaner[R2].txt - [1068 octets] - [20/04/2014 09:20:24]
AdwCleaner[S0].txt - [7555 octets] - [20/04/2014 08:23:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1188 octets] ##########

 

Junkware report:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Kim-PC on Sun 04/20/2014 at  9:08:35.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [Service] web assistant updater
Successfully deleted: [Service] web assistant updater

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4131391989-150066398-3726755509-1001\Software\web assistant

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Kim-PC\AppData\Roaming\systweak"
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0032580D-9CA4-49C4-841D-D0BCEBAF8BF6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{00540842-4659-4FBA-AA9E-C7711D9A3792}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{01AEFD74-10A9-4678-8924-87B933B59580}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{01B09BD1-A81F-44F7-A73E-BBCAAE4C6EB9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{026B3455-06D5-4B30-A002-3F4DB71890D8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{026D9D85-9E64-4574-968C-3E23CA0391EA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0335E5FB-EE79-4DFE-9ED2-60CA6E64BBFE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{045B5D92-AE0D-4A78-B1C1-A7F294452E9D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{046A7103-7F62-44D0-BB93-DB2185559DB9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{04786873-93B4-467D-9DE4-88A9C87BA14A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{04BB159D-FC7B-47ED-8B2E-F1679D846BC4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{04F80639-E116-4346-B113-A90ADD4E891B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{052684E8-8D4E-4CBD-ADFE-C1CD736DB433}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0528D96D-6BB5-4A57-87B5-9A2ABC29D42A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{05AEB03D-9150-4247-93D8-617729337EA0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{062D6342-2578-4743-8F9A-46CD4AD79B4B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{066FC84A-A3D1-4DDF-A1D5-1DB3D2A7C423}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{06A6A96D-81B8-4312-A456-9873D969E98B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{06E59431-3992-4B27-A5F8-E0B6A5A3603D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0752EF62-F962-4011-A23A-4FD6F32CD43A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0767C288-F841-476E-8749-C5747EFD20C8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0767CBE6-56F5-431C-A4C7-DE0A5E144BBD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{079CF06C-F319-4EC8-8351-C4064FA18CA4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{07A714A6-9883-4CB8-86FF-9F67A3502199}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{07B49407-DB7F-4377-9A5A-BC52A6116426}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{08515EF6-28F4-4A1A-A8AB-827BB13A694E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{086963FB-673A-4681-ACB6-62C6B59B4F49}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{08929C24-CC3E-45DF-97D3-1E92FF7A4E34}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{090284D9-80E1-4F09-AEE2-C74A533A4A4D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{092013ED-5135-4B09-88DB-E73378BBE942}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{093199B4-2158-434E-875E-3F8E3882A566}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0A287371-7A21-488A-A420-98A13D0DEA93}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0B374C31-0196-45F8-9DA3-7390F224E1B8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0B6AED4A-DE40-4A49-A3B0-8849C4B15DD7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0C7867D8-796E-4F80-8672-CE6294FC418E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0DB83E0E-0FA9-47D3-8E23-2885437C2C7A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0E39589A-EF00-45E8-B62F-29F8FE43AE25}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0EEBD25A-5EBB-4034-94F8-BFA17E39EAC9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0EFA9018-6650-4441-9406-2A9A09D81E2D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0F1194E8-922B-400C-B49A-0BEA53E3FF23}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0FA28A5A-EE70-49D0-81EF-D4231DDCEBE5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{0FCB7CB1-0816-4521-8E10-D03F772E751E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{10603233-1AA7-4039-98EF-429066DE5E10}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{112DA97B-F0B8-4A42-A301-6FCB17F6ABE2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{115D88DC-F0B3-4FAF-A0FE-78065AFBE6C2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{11DD0A8B-9AB3-4353-9F78-AF7617F820EF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{125D1C75-CC70-4DF9-83A2-C5D0BF3A204E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{12631ECC-40AE-4425-980A-03ED6A2A3B21}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{127C9E15-FF0C-4144-808D-525BD99E4CF9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{12D4D944-6841-4C21-8DBE-A510838191F7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{133A89DC-5BEB-481A-8068-2FA5C266153E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{135FCFD1-B1C7-4A0D-ACDD-70BDC636879D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{13E3125B-D6E6-4A44-A288-0039B5184A0C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{141E3A73-F795-4464-BE46-30791654417D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{145370EC-0C0E-4FB0-953C-9A99701DA0EF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{14D2F764-999B-4F91-B151-03BA20218576}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{14F7AF4D-103E-4E4D-98E8-75DCC1B028DD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{15712675-5BC5-4098-871E-1A94A3D994DA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{15F94C0D-83D6-4452-B50A-BB1C61E11266}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{16320AB4-DD8B-4B0A-BA3F-9E763C9072EE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{16F8D237-961D-483C-BC00-027D9549CAED}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{17ABAA98-6985-4538-BF73-39553C4EB359}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{17BAC006-CFEB-49AB-B7D0-CB085393E511}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{189FD802-60AE-4141-B64E-545AFA606CCB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{18A1E0F9-6F64-40C4-99D8-990A73DD3104}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{18B67FE6-02C2-42DA-82C1-28648C7A93AB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{19AD6892-F56D-4741-9177-703557DD1700}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{19E668EA-5E91-4E89-92E8-87DECC6D1265}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1A30DE91-FB65-4AED-957F-E2955E4818C9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1A605B17-42B9-4F82-B190-A7D4A0DE1B13}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1A825CC0-E44E-4D58-8030-93EF8765C804}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1A872FAC-ABB6-4E99-A04A-0DA4AE970473}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1A999D5D-322A-49B1-B285-80744D4CB97C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1AA57AED-6D9E-494C-99E9-8B0FE2934BF6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1B417E2F-A26F-4969-AE48-8780D2F909C1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1C113CF1-4F06-4DB6-A705-B138AC21760E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1C9DA5F8-5F17-49D2-8E91-C252C7D8C634}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1D99B105-0CF9-489B-8C65-F3642B17F7EF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1E075658-933C-4C98-8E93-D0B04BC85E61}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1E1FEB27-9F29-45C2-9EA1-88EAD97F1212}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1E37EAA5-6215-4CF8-8ABA-A900041D43A8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1E56306C-70C6-4637-9271-315D266AD0E0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1E75B91B-12DC-44A3-87E1-BFD6C1B2244B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1EB34FBA-C232-4B7A-9F82-F5A2F32A83E0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1EBB711D-6BA1-4986-B6D6-7856228F1F26}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1F0D9C84-513F-4BF2-A32C-14C98523B468}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{1FEBA32F-F158-4A77-9084-C45578925653}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2197CB78-9EA7-4125-A124-AD55692EAF3D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{21A7643E-F390-473B-8FF2-2E7D79806F69}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{21FD884F-FA3A-4C5F-9953-1EE2B6C399E7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2226A174-0EE4-4FED-A19F-E8CF815FF875}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{22B8E216-2DB2-43DC-9620-70B3320C7CB6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{22BD8C28-8D8C-46D0-8074-A1BD75086F2D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2330FDA4-B7EE-4853-A512-4B3B951AE83B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{23FDDCCF-02B6-4FB5-B3C1-FDB4BC98B905}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2425E945-042E-4A0C-8E0B-987ECFF80226}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{24B0D570-C963-43C1-9689-9724B2313C6A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{254B3CDF-1086-4091-A276-82F2EF902A13}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{257B2ACE-C2D4-4202-A2CD-CD998247F1B6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{25802D59-64FD-4EEA-A351-92B0B781720B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{25EBCEA3-B1B9-4F20-A363-676B5C0310DA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{25EC0217-BC4D-4AAC-95FC-C19059924BF1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{266D3963-5876-41A8-81F1-6EB69E89D6DF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{268FF0EC-5267-4810-8D25-094509685A98}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{26A71612-8579-40DD-B216-E5515ED9C289}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{26CAE0A2-889B-4C03-A068-CEA30BAA6710}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{26F54914-F9DF-4C2F-BA77-A725F05C295D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{278E9053-2333-4E89-ABAD-60C7B88BCF04}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{27D726DF-5EDB-41DB-B502-6A756E02D1DD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2834884C-7FE6-4D3E-BED6-A1902EB3D913}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{28AE0FFF-DDC7-4FD9-8121-5FE5C6307497}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{28D9F079-F264-4066-9ACE-7CE8C6BD2FF1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{28FA2579-9980-4D8F-A921-2D2656CB7517}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2922E2E7-9062-434E-B6B9-E8AC1171DCC0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{293BE21F-CB5C-4BA4-8DF0-EA492E009225}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{29C80D17-F13C-4CD6-BBE6-2DBFE2EC5CE9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{29C8120E-DFF9-4F0F-8812-22D122F5A589}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2A2F7232-AB42-4F83-A8A3-25642CECF7D8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2BDB2F93-9E6E-4CC7-A29C-1AEC2273BE80}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2BDDD09B-4965-45FD-9883-A3EFB55B1408}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2C33F196-C97D-4449-941F-C80768C046BE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2C47517D-A4F0-4FD6-854F-C7CACC227D42}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2C76A673-911B-47C0-98CC-9CE687B20B86}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2C9D5ADA-D2A4-470C-AD6F-D3F8DE9ABB86}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2CAA3046-7A76-4C81-B95B-A5674FE70A7D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2CC21063-5585-464E-95B6-7A8480A87C12}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2D23C078-D23C-41D9-B85F-94EB91A11F85}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2DB9351E-8AC7-4E45-A227-86D1FD297A6F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2E12F2F4-799D-4A77-80DD-17329D61379D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2E64D37B-A9E8-4F21-870F-D839A8B96A17}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2EE1C3E1-524D-44F1-9222-2520699CBCDC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2F7E3671-50A5-4404-ABEA-94B6D54E5AAB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{2F94ECE5-3BE3-4138-B934-9629C0A7D655}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3017AE7F-9FAE-450F-877D-33417D19610A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{30D88138-D549-44B9-AD67-9ED4BEB211DA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{312DD2A4-8EBA-43ED-B66E-D452BB9200FA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{31358CF1-DEE8-4A77-8B82-7AC052AC2058}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3188F0A8-49CF-4538-851A-7FE5E0903A3B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{31CC3238-5EF3-4E60-AD73-5912CDDA6DF6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{32059E42-1482-423D-9CC4-6826CC8F9942}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{334881E7-102A-45C2-8B5D-804ACC110981}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3382ED27-2F5B-4D6F-A818-8435B33172D7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{33B9FC38-A8FD-4841-BB78-5D7E43B593DB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{33F8CD9B-B9B0-4DAC-94E4-E7B377E3EA12}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{33FEBA88-A1CA-4F52-84A4-7A2219503D25}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{341EB88F-E482-4687-9075-108AAEA0BFB0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{34CF9AE1-8AA3-4DCE-996B-7F7BBE21876A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{34D12526-CA10-4E17-AD44-F9398E5BBDE2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{34EF44D3-DA5D-4641-9A77-5E9178D8C44F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3507CF9C-7910-43FD-9E73-BDF350FD70FC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{358E913C-49CC-4206-B981-B717245CAE20}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{359E1811-ACEE-4340-B7EF-515CEB3FCA77}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{35C71A16-6F86-446F-A5EC-523527B8BB48}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{36104E53-458B-4DCE-A7B1-ED52CFE72B7E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{36CF8CCC-8DEB-47F0-849A-35196E0865A7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{36E76085-52C1-4B48-B34C-A364B15AB503}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3733D010-67D4-44B9-BE08-0F48703E48D5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{37F2B0DF-A23C-4D3E-B4E8-9B6259A9B6F8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{380C2D8E-0D85-45E9-8D6F-309A95DEBA97}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{38DBBBCA-229B-4A54-B230-83E745099672}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{390C31CA-5FDF-4E30-8181-92A2D8492F76}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{393EC424-0B56-4586-B613-1147F997E734}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{39972F85-AEFC-4F8B-9A7D-5F87687CE278}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{39ADD525-2E14-4C4E-BBED-A06060019068}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3A198DF4-2598-44DC-A18A-8DD04D26AF60}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3A5CF046-8E4B-4AA5-849C-1C62E5DCF9FF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3AC32F9E-0894-4BF1-8D4B-8F690BF526C9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3ADD04D7-C94C-49C3-BD40-9CDCC9A5A58E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3AE31BA1-5815-4EDA-A342-2BD052A4371E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3AFE6E24-918D-49EB-B9C7-875C95384B8D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3B07EBA0-5007-4C94-A21C-07BEAE756D78}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3B7E6579-8624-45A8-8262-E6F1322DEE09}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3BC02245-91BD-495D-80EE-D92F292D6223}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3BCCC833-D772-4CBA-BB41-810753C55381}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3BD30331-7B7A-4922-BCDF-09DF89292411}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3C28AC57-2E77-45DA-B295-C9E42EFA0D70}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3C4F8457-CD5F-44BB-BB18-EC0F4F6FB389}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3C614048-200F-4F8A-ABD2-E1A19867B1C7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3D015816-BD97-4CFC-88FD-9266F0083A21}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3D3A8307-47FE-4739-BB30-C3189682788A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3D6237CB-799F-4319-8A9B-4DE8955E0C3F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3D75C77E-5CCD-46AB-BB51-D279BC184BBE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3D95634F-01F1-427E-8962-7AE877EFBD92}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3DD98B86-08F4-4CC5-B96C-FF294B37F42B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3DD98E12-E173-4CB9-916B-42BA53F250F1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3DDC8F1B-7F45-435F-806D-0AFCB61897B6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3DF971BC-8271-40DD-A1E6-FE25E37B19B0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3E01F1E1-F16D-4B14-925F-5BE665BA2087}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3E7C9A55-66AB-4D70-BCF5-7E05B51430B0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3E81AB88-77F1-441C-88A3-7FF511537D38}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3E85AA79-A615-44A9-A2B9-CDB82AADC593}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3EBA1881-4E6A-42BA-B21F-42922AC6E566}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3EBCAECA-AADB-4CB1-B741-15C2939B36B0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3EC51F36-7762-4E76-9EFD-3B11DCDDB65C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3F0F07DE-F360-4C04-8D1A-BA6ED7A23F2B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3F54D052-E3A4-4C23-8714-A68F1300FC75}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3FA5B206-B931-4E3D-8F4C-2763D72BCCC2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{3FE7FF89-DD6D-45F2-9298-6003DF72FD70}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{40003D7D-BAFC-4A93-B44F-0C79A60588E1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{40334D6D-3457-409B-9332-5C53A096F975}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4049F3BD-0CBA-410F-A6B6-B5479C9DC887}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{407B175B-CFB0-48AC-B198-37C3507D06BE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4134F49E-A7C2-4C88-93C8-F78C5D0081DE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4166E174-730B-4E01-A71F-73506D41439B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{41E8D84F-47A6-4225-890A-A301715B65CD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{42448DF1-217F-4079-8DBA-9238CA046992}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{43090FB3-0F8E-4C01-8E6D-67205D3C2EF2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{432E9731-7905-4A27-86B0-BDAA5E75C09F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{43760EAE-94B7-4A58-B217-67234AF0C3B5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{43827020-4C7E-4DD5-85CF-0C3F5A402A90}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4424A16F-71D6-4E23-AA34-8ABC154FA71B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{44C6B041-BF1B-46C3-9ED8-1BB1CAD68EBF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{44E43D57-C8E3-40F3-9785-FE33FF4221AA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{45D4E326-72A7-444E-A826-59F83F0F663C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{45F65C7A-3F0A-4EEB-A356-540E556C1D47}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{464ACC65-A576-4B90-AD6B-6114F4831823}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{46CA2187-E6B3-435C-9A66-EF3113B0EEBD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{46E592EA-7DD3-4B4F-8F0A-788B9E8B37B5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{46E69D2C-9BEE-422C-85A7-9AEFFABAD50E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{46F1D357-2A25-4681-B197-36D52DF1168E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{470F1402-BB8E-4F63-9288-9B852FA9CA42}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{47A4CD44-7FC8-4CB7-A620-8361E5C31B18}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{47DCF5C8-3D2F-45D9-AB43-72F2B927E52B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4881A72F-886A-4A6A-9737-B3A11279DD56}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{489520EE-F7C8-460C-9E0F-F8DA237E0927}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{48B95B71-75B3-43DE-A08E-52DF9F4F850A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{48E7BC9C-FC10-48A9-972B-51D84F95A44F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4951BE68-E4C2-4E49-A554-BA6F1C135734}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{496EF713-9C26-413B-88F7-987AEFE313C1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{49969334-F875-4382-84F1-2CA8026D62A2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{49CACF62-25FE-4D7C-B5AC-79E4BEFA5CFC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4A076D49-A277-4371-879B-A2CB8ADBD43D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4A99450A-06C4-441A-B353-8AB579B86531}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4BF83300-6F42-4340-87CE-E332D744CA4A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4CB0A84D-DBA4-4612-AE22-FBA4C4E5A57B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4CC9382E-8641-4ABC-9350-13EC061FC7F4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4CE910B5-4F81-4A78-A405-8F2DDBFADD15}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4DDB1653-87BC-440E-A798-4A26E8395CE9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4DF8CCE2-4F06-41BF-A45C-075DF3483D10}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4E07B901-B5BC-49AB-86AF-89AE01FC6337}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4E4C25B3-E7FB-40F1-AF13-952D9953A33B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4E6102ED-813B-47D5-B06D-1A70AC24D5D3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4E7024B9-6F7A-49FC-93C1-4C5CEF9E1B90}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4E954DF8-9BCD-430B-8DB1-4E70B9E4E6DF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4EA4754F-D586-40BE-8C7C-DB3D3BCA4590}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4F79AC3B-12E9-4C9D-895D-582BFE64AE28}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4F8A32C8-8B81-4F79-8B16-EF3E4BB37007}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4F97A065-F9C7-4A18-A511-C11FB35436FC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{4FA42E55-10A0-4E09-A81B-E03BC6325E44}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5010AC3B-1272-4A80-AE7B-2A0A39B74AE1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{508B4B84-F95E-437B-9BCD-A6BEDF4C493A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{518C8D79-FBEB-48B1-A529-6BD133608D38}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{51AF0AA3-7178-426B-A224-CEB4FC3C6190}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{51E79127-F958-4BB9-BA24-677D2FA70E9F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{51F0F21B-C762-4982-9368-B579A3FE9193}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{51FF60D1-8D6C-49D5-ADE5-D652D6EC8644}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{53287340-BADD-4211-B1B7-3B8B301E3C50}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5394E503-A9F0-4480-8375-DA2248A9C491}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5421AAAA-B58D-406B-BD32-8E8F5E458A3E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{543A9A89-8806-4EBA-B72B-D31D49226753}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{54EC273C-F802-4628-8B64-9C9642996A18}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{55362AE6-4203-4CD2-9537-3D3CAE939FB8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{556D9293-8860-4F15-95C0-86812F740F1C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{56B91A54-0287-4AC4-93A5-4FF99935DADA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{57237E36-5682-447D-81BF-D7A96661868F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{58027590-B678-40B3-98B5-8ED989EBB1E5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{581A3355-FB74-4F6C-9476-0975BC89F63B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5843589A-9D64-4EBE-9329-3BD55ABDB59E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{58B83440-3075-4458-8C2F-6FFF96BF79FB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{597C489E-4C67-4124-8543-CEC625DF9459}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5AA6C8B3-8903-49C5-AE8C-3EC65996220B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5AD18D13-A006-45F8-A6A8-9FB91DE6275E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5B5E619E-E2D9-47BD-9F2D-CEA7A2C17DBF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5BF41224-4F6E-4779-ADC6-AEBF9650C3E3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5C0FB8C1-70EB-44DD-A08E-C395DA9D812F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5CF991DA-33B5-493A-99D8-1596A8A9B671}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{5E6525E6-1450-4F5C-B92D-E2BE401E0A74}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6050271D-A622-462C-8880-5EC9C1307ADC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6081D534-D035-466D-A7E9-93BB758DDA81}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6166A9B9-6B0D-4E56-9689-B5BD8F2E64F1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{62AFDD02-A071-459D-9957-49110AD27B2E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6305AD6C-0562-4108-B8FF-0333EA926F14}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{63869E7B-E85B-4FB1-A14E-E22F857987B1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{63A7C630-3D97-4F9B-A086-30CBE79D27A3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{63A90749-9A1D-4DAD-A75E-BA27A86B8868}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{63AE0247-5C43-4318-8DBB-18D8F85ADCF8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{63AEB7BF-F048-42A2-AB59-91C59D73A55E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{63EA3309-275A-4D7B-9FB9-89E58ABA2372}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{64A842BA-8980-430C-A19D-B54E869C6DC0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{64E98DA2-8320-4FDA-B839-61790CD0F22F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{654EFEAF-6C86-41AB-86CB-933D7DD9D948}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{65536235-AC82-4709-B716-260B08D4476C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{656C5536-8CA9-4E07-B678-FF34B975E5EC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{660BBC4F-C8CC-4985-BAAD-435DA1FC3CB4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{66A564EE-816E-4B53-A918-BA6BC0EA6BC1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{66C350B7-BE99-4168-A6AE-9AAB0B14D8D9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{66E66B83-13F9-42DC-8697-14FA25A31D43}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6762AF69-A01B-4B7F-9E43-20EF04DBC5C9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{67867832-9E87-44C7-A348-386EC8DE0E5D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{67C14A51-55A2-4195-B8EE-ECDF02F0F28B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{67E315B9-3420-4911-9525-64BD1F84363C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{68123968-C01B-4FB6-B4D9-0CA1FCF9B876}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{687F9475-572C-452C-BD4D-1CE8624ECABA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6944876F-DAAC-41C0-8720-34802878CA52}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6951428B-5487-470B-8949-A01737D62FCA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6A275B8C-B71E-41D7-9B77-AFAD0D97323B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6A775CFE-74E2-4DA3-BE60-216F79624A57}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6AE48AB4-5569-4F1C-BB38-A8FDAC3A5CA7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6BC1E02C-23B0-4A9A-96B3-28B4F5CE48F5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6BE4831D-9985-43B0-9DB0-FA9B599421C1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6C0D783F-BDE0-4566-9D3A-B453CCC1B7AB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6C0E258E-C4A8-4D85-83BD-EAF1B5B37F88}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6C298060-B2B8-47CF-97C3-D332F699FD19}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6C653093-1887-4A5C-83F8-111EE7BB28B1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6C91F144-9618-4909-B99E-E30F3F06DAA1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6CA7AB02-995D-4CD4-9F3C-2BE58C2A48E7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6D5C8004-7FE0-4125-A464-0E070E38C856}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6F2DC191-0BE6-4E46-9D30-0D7AA8DCAA0E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{6F769FB8-5B3F-4E83-A497-BB26996A1DB5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{700E8F7B-FA5F-4F60-A5CB-2DC2FA252A1B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{70E35C6A-CAC8-48A6-AD32-7A81AAFEBC7A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{70EAF13D-9193-440F-AB84-15456F13EA3B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{712AAD15-42A3-4FB4-B7ED-D69400AF3516}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{71C9D598-B111-40BF-A49F-1EA618DC2550}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{71CCC544-512B-4803-AFCE-665C795F8288}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7219B67F-F849-45AF-B1EF-7EDDA4F7D991}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{723545AB-DA3C-497B-A643-564F5349E853}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7293F12E-7C18-4E64-9D15-BEFA029BFD9A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{72EA8ECE-5ABD-431D-8554-954882AA6C02}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{73616F93-2580-4F15-AEED-E0B700ED2F07}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7450AA02-E3BB-4224-99F4-30C370776E8A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{74ABB4E7-2F54-4A8E-838A-961B0E954689}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{74AED084-C9B6-46E6-AEF0-FF6AFE049B63}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{74CB55DB-18C8-4AF8-B5A5-EB36DA6BCA12}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{75526882-470F-410E-B3E0-0DF647FF5ECB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7659FD92-EEA3-4B27-B91B-1CBCE6B2F343}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{765CF26C-16C0-4473-9D24-4D4FFF22A5B5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{767FA109-C5CE-4C66-963B-679BE392569C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{76B4F086-9533-4E55-BD7D-653A557A6209}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{76C3A36F-A84E-414E-8427-28B11C147173}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{76FC06F0-AED5-49DE-BBFD-34323A4DCEB8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{77D327CD-B4BC-4699-A2B2-4ABE3BE8E78B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{782C573E-9E1F-4192-8523-A13D1528B413}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{78338461-30BF-4313-A82A-DF8167B62233}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{785BB723-0905-4D2A-83A3-F98045F0E72E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{78849A5C-ED55-42B1-B55B-55A5FE1ED212}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{78884D66-B9BC-4828-A69C-D94477BBE569}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{790E6550-A64A-45E0-98AD-60B7A6932087}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{79761D73-CE45-4F8B-8119-BF462C00B158}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{797625DF-17DB-402A-8067-B903150A7958}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{799D2579-9C76-4038-8B6B-0B1EECE3CA22}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{799DB0EC-92EC-40A9-BA56-5472C4F427EE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7A9EF975-BD8F-4137-8A8D-708C9E766E0A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7AA3EC23-96BB-4BEC-B932-FFB615F1005B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7AC471F5-7568-4BC1-9696-766F6CC6DC04}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7B06C67E-B734-4C77-A566-D5648071BE20}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7BCA4D6D-0283-4D03-B143-0958679F2040}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7C045936-C838-49C2-B593-91E75A12AF10}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7C19D3BC-ED39-44D5-9508-9AE62ACFCB27}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7C64EA92-2F53-4F54-9AB8-D51BCD9CA4C3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7D3AEBDD-0ED2-4810-96D0-ACB26792583B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7D3F2771-7B67-4A55-BCA4-BE61F9D819A0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7D60E030-799C-496E-AC94-89F4FF1EA075}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7D85D6D6-FABD-41D3-922E-BEA9B10DAD44}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7E2574B1-C621-4478-A64B-8B2207DE2F4A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7E7666AF-7584-4AEB-AC5F-BF28E9B97001}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7F3773D0-8F92-4F42-9E6A-D57610510A61}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7FA04E7F-F22C-4F27-963A-9685AE8BAA75}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{7FD3848F-246B-4060-9444-D6FBD8B3F44B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{80160299-A072-4AA6-BC3C-2379A1EC77AA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{80466351-E4CA-47DF-9F41-88E9313119FF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8087923D-5F54-4939-9592-0A5B3ECE11A9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{814BD92B-C28D-40B7-96C3-5B671DF9CCC9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8151AED1-910B-4841-BCB7-7DFBCF0AB79E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{82118D36-1C1C-458E-83D5-904773E05B2D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8211A623-9922-4A4A-AA0A-699B8AE799DA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8232B2E5-4DE0-4151-9D0C-D0FC9B094412}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8259B04A-E6B7-47B5-8D79-F12AFA2CAE8B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{828998EC-F898-4AD0-BF7B-4008D292BD06}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{830ACB65-05B3-4F66-B4B8-25D9503009B5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{83BDB2A7-AA33-4F50-8A30-148E6CFDFEFE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{842D6C69-B46A-4224-A28C-1222C5CCAF65}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{845A1FA6-9B51-44BB-9B38-7E09119FE9FA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{85108B66-1031-497C-B4CB-629E6C3B4E1A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{859932C5-6327-46B9-909D-E0C08C702A05}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{85D414F4-3691-47DB-9AAD-F21924D5CACF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8626DA99-19AB-4E29-8E0C-E77325D83C67}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{86CE21F2-39E0-437E-9A06-168C7E995945}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{86DCC4C7-8DD8-47BA-A3AE-876327DE7BC0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{86F260E5-F13E-4CBF-BA03-69E101D45386}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{86F4931B-14F5-44FA-9DE0-9D9AEB403941}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8756517F-FA72-4F36-97F7-3F39D49D1EEC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{878D90FC-D13F-47EA-AF35-5BBA34816FB8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{883468BE-B727-4188-8AC3-B26C2B3FB473}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{884B7FBD-D6A6-421F-A2F5-254587539782}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{884B86BF-D03C-4B1B-AA71-511FDB967FBE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{884D9B4E-0E02-409F-BD82-10DE098D1A61}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{88DD66CB-7412-43E7-AAB9-5986EDD437EF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{89415832-E216-4CCA-8F1D-D920CD77C98A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{89714292-9B5A-4DEA-845B-65C86802378C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{897C290A-2810-44AA-A874-79AFE7C91C4C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{89BD6C79-BD8E-458B-840F-098C92722081}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8A070D99-C429-4EB1-B09B-AF74AA0AD2D9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8A1E6111-C09D-4D18-A20B-11973FB4C2C1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8A7D0C0B-1FF7-49EA-8AE7-36DCB11F7960}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8AB2E170-3FC8-4E74-87E0-A2B6DBCC2524}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8AB4E29B-8631-49AC-A1F9-575EB68E2926}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8AD33207-4BB7-4061-A409-3E998F7C94C2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8AE54A22-07DB-4904-B358-49EDBABE69CC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8B2B64AE-2428-4EC5-886C-DF4C7B022480}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8B528E92-FA49-4C2A-A33B-FE77FB54666A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8B576C40-31F8-4BD2-BB4F-80CA149EDCE9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8B722346-2264-472B-9A47-09C76E218484}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8BEC7E7B-414B-4A1D-9A85-B9E064536D61}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8CB6F32A-4C93-4C84-9121-3C0069F188E5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8CF05BB5-6A2B-44DD-AFE1-E7920A3D5D8C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8D2BDD55-A03F-4D47-9796-9A3ED2AF0C90}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8DCABE90-B29D-46FA-8F90-645858F98F31}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8E045DF4-A5A3-4ECC-AEB7-FCB7DB2B8146}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8E128F0D-222B-42E1-98DC-972E1B6F8108}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8E606CB6-A1C1-4D8E-A0BC-8989F60D2CCD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8F2CE79E-CD69-4366-AFBE-091AA20828DD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8F2FDF68-3BF8-4EEB-9453-9556735FF7CA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8F34099F-16A6-446F-B9F9-8FF58CA8128E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8F344A7A-0C1B-4D92-93BD-767625B54BEC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8F93E959-ABAB-41C9-9A34-6570C5C79F4D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8FDE40F0-AB5C-4625-94C8-D198A7AA7041}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{8FEF8694-0F40-49AA-9F2D-D30C7C99AD8D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{907AD55B-C942-4373-B19A-137834440B68}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{90820128-5ED6-4EC3-B584-2182E533AA5A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9176D694-7D8D-4EC8-9E5C-B9423AF3FC95}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{92688783-8889-42B6-B171-2175D0956768}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{92AD16B4-017B-4ADB-90DA-76EFB67F6085}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{92E1AFC3-D7E0-40C2-AA16-B04FE609EDA6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{93368FDE-1E3D-48E7-B8D0-3776686F5954}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{93B813CB-61DE-482A-8D2D-297194961459}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{947A0D3D-A039-4FB4-B7E4-3F312FEB4378}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9494F63B-A779-4649-B78E-8EC4F6EAB499}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9498706A-190D-420C-8801-46F366CF9D46}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{94B480D5-09EA-4E54-B1F0-362D6FEC0533}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{952B7018-17B4-4820-9DAF-AF392D2F54B8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9540E5E3-F8C4-4954-B40B-A10F33795DA4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{95500578-46C1-4D0C-98C2-08C495CD522B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{95C05584-B88E-4133-97D1-5D2D18898708}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{96263E8D-065A-4CD5-96FD-76C5FFEFAF09}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{96A3BABB-A916-41B5-AB9D-689FBD55A437}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{96C1DF6B-7F9D-44C8-A702-B0EAE2985A3F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{96EE68F8-1723-44C8-BEE1-A8C5B252411B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{970A7C9E-A923-4B95-A4F4-E4932167BB22}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{973B7D5D-EB3B-485B-A035-565B3940E1F6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9761E2FA-6BFF-4741-8406-F5091C55AA52}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{97C71566-F7F1-47AC-9D85-4DD4451BA8C5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{97E89363-2284-4826-A043-9DB8C2128284}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{98279061-083E-4ADC-8D11-D61AF14D3AF9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{982A0AB7-4F44-4BD6-81E0-A40BA5759DA7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{986CCFE2-97E6-4E89-A313-F6FD9386EBD2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{987B81EF-DE92-47D6-99AF-694C309E479E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{98AC8138-0C69-4479-B0F3-3FEB2C6679FF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9905A396-2634-44B3-96F6-2EC2511FBD5D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{993EAEB3-3AE9-4D0D-9613-99A6E4DAAC43}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{99D2A28E-CBF8-4A2F-B6AD-48CD5113CCA1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9A6377C0-1B79-495A-B264-8E910FAE7F2D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9A8DDB6E-EFAC-4DF1-B47E-77A76AA9A9D9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9ACC7E4A-C43C-4556-B7D0-EE5E804508E8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9B21B846-37B9-4416-A86A-037B610D300B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9B241871-797A-48AB-8C43-7425EBD47043}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9B75120D-DD1C-4155-A398-7C3581EF80DA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9BB6F1BF-3AB2-4D35-BBAE-43747D5F59BF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9BD88AF1-BE7A-42E6-9832-BC4E14C833F2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9BDE8A23-326F-40EB-8D89-EFC894D5656B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9C26DDAB-5C90-473B-9ABF-A09D0DF0EB2C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9C6BE6BF-D0E2-41E3-BF09-F557E82ED83F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9C6DFD14-8204-4420-9961-A44C85B783D8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9D417560-1F86-4279-80E9-87C872755045}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9D78BA6F-BED5-4743-8300-FB7A094B1602}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9E10C6FE-048B-4331-8989-D0DF7F30EFBD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9E2725F4-47A1-4C43-B824-AA52429F5558}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9E437D40-EE5B-4716-9458-9337F85C3A6B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9EAE2FCA-A88C-499A-9AAE-228906B05C47}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9EAEE849-0787-440A-8577-7FA9ADD3DC75}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9ECC9F08-682A-48DF-A6BA-581B184EE2DF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9F18A7F4-DECA-455A-A992-F658CE7786FB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9F462DC6-4DE3-43F6-AAA6-8A50FFEEB2B4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9F6E6D88-1DF6-4644-B917-7DF46A3D29F5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9FCEFA11-2FDE-4DBB-8619-13D2D498F209}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{9FE85749-F05B-4745-BBCD-8C9699AB805F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A03D45AF-31BE-4DF1-B0F9-FB0BC8026D3B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A044870F-677E-4918-A116-6C64706C4291}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A0AA3702-EB85-48E0-B10C-6FDD27F3902E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A0AFF3DF-B114-4D68-AF07-B249895902BA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A0C8F5CA-0231-4591-A348-EB26DC35EBD0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A122BB12-69F5-40DC-B7A7-B498CEEFA95B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A1A22509-4963-4659-A3A2-B264994371FD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A1F446F2-F122-4B8F-9383-4119794242AB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A24EA79F-7CB0-4F5C-836B-955B316F86C9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A28AB35F-4EE4-43EB-AC2C-D3A42520A3F4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A28B986D-CCF4-4DC9-89A2-DB5A818F4781}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A297B730-E732-4550-90C1-2FE3E513C0DD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A2C87F71-177F-484B-9D83-28D54A4FAAB2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A30FAA5D-7E92-45B4-998A-7E2F48B894F4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A39CEABD-5346-4108-9C34-536AB50542AF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A423762A-F644-4B33-B64A-11031F22230E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A434ADF3-2829-443C-AE10-ABCE796B7483}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A461E3AA-7BD6-432B-A987-CDCDE243CE61}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A4625C1F-B375-46E7-A7FA-E3F0D4D96216}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A47E3DFE-E961-4696-8153-424B5145EC8B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A481025A-6AFB-4DE2-905A-C675726E93A5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A4B9BCCC-FC45-4448-A80A-9EAE62891B4F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A4EDF6EA-481C-4D11-BE8A-8B682EDD7305}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A53CE796-1857-4070-B38E-9212A72D84A0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A5651630-1FC1-46F9-801E-B2D63E42A162}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A59046DA-FD5A-4CC2-A9C1-0068AFBC2652}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A5E7288F-AB21-4F0F-8356-113596129673}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A5F8D148-0AEF-47E6-86D8-786D66334694}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A6647F65-FA8A-4270-B5CA-D1717165F107}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A68043E0-3A67-4B75-AEA7-5BBDD093747B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A7577FDE-E21E-47E1-BA03-CAB06ECF09EE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A769D05E-07DF-4C4A-AA57-1552AE25D9E5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A79B81C8-DA05-442D-ACD6-7C524DE29F1F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A7EAE17B-5085-4F1A-92DE-C69802A09D43}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A8425206-F12B-4A5D-A84F-D8E0A626AA58}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A86CBD6F-75A0-433C-8B94-164140BA8078}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A872C993-62E0-4D07-9859-8DB32A4454E3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A902CB5F-1672-4BE3-9D48-A6A9ECA0364A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A935F89F-CCB0-4410-9A5E-216A3F6449FF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A93BDBE1-2BEF-4557-BB49-9974847C1EE3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A96BD3F9-4755-4CF0-88CE-6E18FD9F594A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A97B0ECD-9300-4F45-96BF-C34D408F948E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A9AF3F25-22B6-4B48-A866-728CFAFEA4AE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A9BC5217-F5FF-4AF6-9512-472E81F47B23}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{A9D01B0E-CF78-4AA8-9731-B73320D754CC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AA057B2D-9822-4976-801C-08ED372171F7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AAE57EF0-211F-46D5-856A-DFC6B2AD5486}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AB6038E6-62FD-439C-B731-97E2C274B2A2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AB8625AB-C147-414D-8D46-FE07E1B4645A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AB8CAA9C-BEBA-455C-88D7-F32949319D63}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AB8EB48C-FB5F-4B5D-8021-8583DE53D4B6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ABE0BB2E-8B3E-4179-A7D3-0EF6A62B7257}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ACFE97AC-14C8-4844-84F6-F59625906A82}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AD46E6D4-4668-4592-9913-450353417760}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AD4B22C8-0CBC-4D52-B948-DCDC74C7A3F1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ADF5A96F-0B1F-4D91-86CD-866467E02420}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AEDF1AFC-9FF9-4E12-941C-DE8A9E3FD26E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AF701D8E-D770-4AF6-BA07-1C236A494F67}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AF85A727-AF0A-4075-8710-D6CD027724DD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AFC11106-BEEA-4F6B-802D-CA2D90374AE5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AFD40FB8-0FD2-49BE-A932-791F26CCEBB6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{AFD63464-7C2B-4CF9-9EBA-FC3CB82145C5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B07EC4DE-738D-4E76-B777-9B68FA0973BC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B1543353-298D-4916-9037-EA5033E5D885}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B15743A7-9558-4969-825A-377F09100127}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B158B6E8-401D-4CCC-AAE3-AC06B034A910}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B1A3D873-5792-40C0-8BED-E04A5682DD84}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B1EDD402-4727-458A-B112-E7D739975FA4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B20A18DB-4121-4918-B545-FFA8D975DBAA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B235FC25-53DE-4FD4-BD85-4D80C8F4B6B1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B27A8BEB-277E-4A67-A4E7-30086D36A548}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B284143E-8FFC-4871-B6BC-91183D86550A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B2F05668-E062-4AFA-8370-71F9F5316A9A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B30E072E-CEEE-4DB6-9F3C-EA56BB3A7EF6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B32D8C81-BD95-4779-A71A-1603EA243BBB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B3E3B1B9-8EB6-4A14-9E47-7BBE70BE70EA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B3F63DBA-036A-4A43-87BE-861C5C1511A9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B411E1DE-1AA5-40E9-81B7-ED143E240E3F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B47503B5-B7F0-4F25-8F0F-756F1FEC72A6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B4975568-1735-48DA-B5E0-2930A51946CE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B49D63C4-87ED-43EE-B6E9-F45428BF65EA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B52E98C5-5291-4F3B-9767-80B6E3C825F6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B5EDB9E5-BACA-4A14-B002-023523E0F8DD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B662E707-BFE1-40FF-BDFA-F2837046B76E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B68CAA28-3234-400F-8182-F06027A6F715}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B6E2A7EA-BFC4-4A27-8EE1-4B047738D94D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B6E43341-994B-4A21-A61C-56DFAB03110C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B72F2143-BD8C-421C-A05F-21AF282F72A0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B731D83F-B3DD-4DC3-959C-4907A4523D79}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B7D061F3-4D9E-49EC-AF1A-F31E1BDEB60A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B7D65F8A-987C-4A9C-BE89-D9ADBF181EC2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B80BE10E-7BCF-41F8-90D6-DFE0FA56A833}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B82369B6-7338-4B35-933E-1A4112F21C7B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B8747A6B-0678-414E-A86B-ED66DAA6B65D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B8C0353F-5D06-4343-8FC4-B064D296CB77}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B923D710-60AF-4962-870F-DB8B10C8A776}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{B93F22D5-6AAB-481E-AC87-66D66FD676DB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BA2D0C63-88C4-40B8-B5AB-ADAC6DD43B4B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BA4E105F-178B-4DD7-8BD2-16C8716D2EF1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BAD19C7C-0827-4FC7-80F1-A0439988FC5A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BAF239F7-2741-42EA-A44C-0071796358B9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BAFE9619-F44F-41B5-94FD-8296EDD16874}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BB39B4E7-5802-4A2A-99AC-ACB0DA5AE4D6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BB402B4E-3FBC-43FE-80C8-CC2BCDA194E8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BB408DCE-EDE8-4EE0-BF04-F70B13051D24}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BC239C0F-95AB-441E-B574-F3D17F74F799}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BCFCEE97-C11B-41E6-87C1-A523BF2EB9A3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BD2EE7C2-0210-4A1A-B47A-A32AB54FE5E3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BD4DEDFA-6C5C-4844-8BD5-36A51B780B37}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BD7185B4-F393-4EF4-B37E-09FE0C68D69C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BE149970-8184-4990-AF18-9A4C14A2ABE8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BE968643-374C-4631-8C2D-4194FB90DF4F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BEDAE79E-F430-4093-BDFF-913A5541671E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BF07BC91-624A-4CAD-B286-E8ADDB200B03}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BF21C076-C662-4795-B6D0-35895EBB85EB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BF78E883-800B-4CBE-8394-C4513F34829D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{BF8EA588-A639-4118-87BF-D232BB7317A6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C061518F-4183-4E6B-ACCA-D2D984263F07}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C09B4DA7-3701-4DA2-86E2-63CC663850D9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C0A8DBDC-A856-47A0-930B-F5C58FA24DE9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C1915A1D-3FA9-43CC-A03E-AE05ECDD4208}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C19D2498-5425-4F96-B0FA-BD8A01EA9AAE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C1DF1091-E3FF-465F-A66B-4E69960D7A83}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C1EC9FF2-3E69-4580-B758-D3078B49611C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C28466A6-3C37-44BC-B16B-5012F08DD53C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C284B70C-3E3B-47C9-8A04-8EE979CC77B2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C2864C05-692D-4537-AF1F-712D640BEDB9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C31EC2E2-01BA-4120-A522-B0F5755B0584}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C3FCD330-1851-463B-914A-C5DD87630D6F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C400E9FB-95A1-4BAE-A0BA-5F41374AE295}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C437DEFD-DCFF-46D1-BBFD-29E5D63C42D6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C44B7631-5DF9-41C6-9A2E-8FE82FC98BCF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C51E5547-FF35-4F1B-AE81-C98A9494236B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C5D272AF-E213-4ECC-8194-0D19E625E11A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C6731AE4-1C06-40E7-8C95-2EC770F07742}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C69BAA06-A47E-4288-85F7-AF6256F37801}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C6B0A8E4-DDF3-45C3-9C54-95FFF0C4044F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C6F4E4C2-1625-4BC2-BA7C-AE38D16342CA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C7A441EE-FA09-487D-B711-3A2B7C78B12E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C7C185F2-0254-48FD-A80C-189E28BD52BA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C7CD1C88-D2F6-4FDF-B447-CC66573358C7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C85B4254-E0C2-4680-9FE4-EC0AEE41249C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C8713AFC-FAFB-4242-94E4-6DB2094CDD04}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C92BD23A-D278-4C27-A480-9C7AC15921FF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C94ADC8F-93A5-4873-9809-50DCF2A0E230}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C964D4BD-6DCB-405B-99EB-6A35A60A3930}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C99BF371-702C-4A0E-ACF5-3407C6101AC8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C9A5376A-8EAE-44BA-8879-BE5B45A15E48}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{C9CA2D42-69EE-42CE-9B9D-0784D120C855}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CA3933A0-3B52-4C57-95A7-A0CF564B2F11}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CA70F6E3-A294-4EDE-8C73-90D07583E619}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CA796998-652C-4EA6-9D6C-7C8069DAEC8B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CB869EC5-4767-4F51-A8D5-6B0447465398}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CBAB43E9-5F51-4915-85BE-A969401C1D4E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CBC2D301-BC4E-46DE-A9C7-EAB34DF6992A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CBCA2FBF-785F-4D2F-B44A-912E9B83D89E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CC2E7E77-FEDB-4B4E-8AF9-5E1AB7A82B10}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CCC321CE-85B6-4C39-84D6-EF91F0951847}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CD082DCA-E697-41B0-9591-22D332435F2A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CD3D6C10-29FB-400E-8C2A-DE6A4113F87F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CD5AD78B-8F5E-49EF-A0F3-95435944E89F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CDFA1A27-8D19-4268-BE0C-BC364BB6044C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CE3BF81D-4418-4380-9ECA-0F98E577F7C3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CE90FCF1-CC92-4B53-9ED4-7567BF9D9631}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CEB53587-2327-4A96-8188-51ADDAAF381A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CEE11930-315D-41EF-BC20-C16CD86977E2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CEEFE8BD-87EB-46C6-9EF5-E9175B581654}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CF1B8CF1-AEFB-4F28-9E69-811F13629E76}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{CF4ADC5C-2D2D-462F-8559-4D1D53459A5D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D033392C-8E12-45F3-818A-A4F612252B8D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D0830D36-3B9F-407D-9521-42BC59673814}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D08C0152-2494-4805-B1BE-FF5658647303}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D0B0E367-DFEE-43E9-8453-08B6E469E65F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D0C541ED-3E44-48A8-89A3-1002B529809E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D0E22DA5-57BE-4077-BD71-87EB5F13D514}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D0FE9474-91A2-4160-9A0E-2A20E24553B9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D10F17EC-459E-4CBE-856F-A00377690658}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D11476E5-245C-4F1D-A67A-87E2786F092E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D12B07C7-7BE9-4514-A3C5-43D3E38324C0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D14BA6C0-3A58-48C3-8EAF-C06180E2CB78}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D1D34ED1-9DD4-43A9-A5D4-5D8B2640B718}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D1F3B0CD-FF27-48EE-B2DC-F0CF7DA4AC0C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D2471E99-545E-4EEE-ABC3-94A4D9D43990}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D2DE5F16-63E4-4C51-AFBE-92A1204FECAE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D4644030-12FE-4752-8FBD-EB605F1906F7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D4816FF9-4D25-43E1-AD29-A1AD741E6879}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D4D46ED5-5AF6-47B2-B1E1-83AAEC6634B5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D4DB4409-C5A4-4B53-8904-B192403AF81C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D6711C0A-3FCC-4208-BF37-4E7571A9C6E1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D690F919-866F-4AF1-9BDD-A3CC813382B4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D782B1EE-487B-42A0-AE74-CBDF964F266F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D79AE99A-F3ED-4E3D-B3C9-E595208AAB59}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D7DE5AE7-CB51-4233-9F9F-F3E0EE14FBC8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D80EDAAB-3FC3-45A3-A4C0-F03D1CB29CBD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D8A204C3-BF09-4F11-A7A6-F64F213A796A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D8F4FED0-98D8-4528-8555-B7BD0FD3C3D4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{D8FF8351-28A7-4949-AF32-6EFBDF96289B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DA6365D8-C50B-4906-8391-1E0F4CCDCCC0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DA6FDA35-76BB-49EA-A772-C45E385E878F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DB0337E0-8F22-4F3B-B543-363B0450BAB7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DB21714E-FCCB-482D-995C-3E0FF65D15D3}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DBFE0986-53DC-4057-9F54-10D2C95BE3B7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DC3909FF-93D4-4359-BDD5-DF6243502E35}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DC8F78A0-3906-4B17-8AE3-F5219656F489}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DCCA01A2-BB47-43D8-9B51-F9A7DB0C0468}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DD965A15-F511-4613-9CC3-686BEC864982}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DE50BD58-3F38-45B4-A30C-933E4E4D282C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DE5F16BC-20CF-47AD-9782-6D9A5838FBDC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DEA509ED-C7FA-4D71-BB10-C1A690A84E44}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DEDD37A3-B33C-48BE-A7BE-EF0AE7D87058}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DEEA2A7B-C31D-4A7B-9D46-8EF146FF8EE5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DEF93024-BD5A-4CEC-A6BD-0FA892326DB6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DF1401AE-46A2-4E41-8D54-87F4E9D161CA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DF4E3BA1-0EFF-46D5-A9A7-417233A304B6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DF821C0A-0906-4C64-8929-897C4F1C1E40}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{DFB219BD-99EE-4DA1-AEBF-CAC96E1F7114}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E021432D-2E45-472C-9EE1-2F392990F48C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E0DC3CB3-BBF4-4FD9-A19F-932F39CB68B4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E113B36A-ABCE-4C05-A45E-AD5B786219FE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E134D7AB-5C99-40B4-99B3-FDE23B870CA1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E147CF0B-CCD6-40F5-A830-C11AAB480E78}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E15D7693-66EE-4CD2-9082-4F90EF2AD8B5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E1C513BE-A43C-4C07-B57B-F30759C5CCFB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E27B2484-8419-423F-8CFE-13E23E17924C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E2EBDFF1-7AF3-4CE4-91EB-38C7A1445C00}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E378624F-3E7C-42F8-BD53-8D3D25647226}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E3AFD9D1-BABA-48F3-88C5-60DD84EB1EEB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E3B6AC6E-D6AC-4976-ACA4-BCCBA091EAE7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E4780D8E-338D-409A-85F7-E51F1675D726}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E4A70F8E-BE00-4B56-AA49-4C5E6B0D90AF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E4B50225-EE02-4B26-A877-DA351F0F2F64}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E4BC5736-4711-4F04-8016-1EE043B6E2A8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E5260925-E89F-42C1-86B1-DD4293EA6217}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E549CA90-3826-4D8C-AF8F-F4C6BBFFFFF2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E5A70B72-C9ED-4C01-ADBB-A25B3BD71C41}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E6C510BB-168F-4F63-A5E4-9AD1CFB84EF7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E6F8465C-CE4F-452A-9F49-348893A2B088}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E70B78BA-ECC2-4A84-9D73-645A7F3ECC10}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E73C13E9-0A1A-427E-AF63-B2026D2F3888}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E76557D0-C9FF-44C9-B454-59E44E59A34A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E79E9FC6-9E12-4AB9-BDE1-EFEACDE9B58C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E7A03B61-6808-469E-9F7B-6B71F5D7BAF1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E7AEF430-EFDB-4519-98C5-4E6E2FA52213}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E8051051-876D-4B53-A4DC-EF140743236A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E83628E7-5AE9-4C1A-B49B-3773A2347937}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E83F7750-AA08-4353-A96B-F757E0BE561C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E8470BCE-6FAF-4F7B-91E3-30214546EDAA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E85E89C6-C224-430E-8ED9-6E8AAF055234}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E8F8D9D3-5B98-44B2-B5E5-8DBBC91D88DC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E8FFF6D8-DD80-4513-BA85-B634ABDE4438}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E9D1DC43-0B0A-4094-9EB7-518B6BB56778}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{E9D64D65-A329-40FE-8D6D-EC7F6E11BC0C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EB50E6E4-2D3E-4033-8692-8695E5F250EE}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EB9C24F7-4C02-4923-A55F-F15CC4E00905}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EBA18E08-B8BE-4DFC-9B00-47AB30D1842D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EBC7BFAD-7B49-42E9-961A-C9A14DF370A1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EBDEFC7A-8532-4E4F-A563-9F012DF4CF5F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EC206A16-48E2-4E7E-9859-71341DA45E7E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EC43E159-7B3B-4D64-AEA4-5AE43C40A9B0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EC7C7668-6207-4ACF-801D-16AE9F0923CC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ECDEA828-741E-40A3-A359-A66DE3E4A96A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ECE50CFA-1A6B-49BD-9B0E-BDD83449A3DB}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ECF0FCCE-06D2-4FE7-911E-7AB1335380AD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ED117832-99D4-46C8-9CB4-92C4D77999CD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{ED1F42F5-9C24-4C9E-91F6-805A3054E7D1}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EDB3B3A0-16B2-442D-B7A8-DDE4B24DA484}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EE0C1FD7-AB68-4183-9F7A-CB6A3E3865D4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EECE4E4E-8565-4757-840E-F2B1F4DED006}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EEF2B4BD-1EE3-4E5A-AC81-12B1CF5F60E6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EFB16E22-B630-40B4-A02F-FB5C81E0FC0F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{EFDBBED1-0817-41F4-8672-C786CF077444}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F00B08A2-7165-4D1C-9F30-A3BD10D326FF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F043300A-C466-47CA-8AFA-A5A73EABC8EF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F1191518-66EE-4DE5-802D-3D6EE49E8DB7}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F1735B4A-4004-4641-8B55-2BD746777A1B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F1D692D2-0CF3-48C3-B42A-75484FE37191}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F2610398-D9C7-4949-AD19-D2DDEB1FA1F6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F265BFC7-D30F-4C16-B3D5-5FFEECFCF1C6}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F268F720-FB9C-461C-B6AB-0B2DCD0F0630}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F2B0FB72-D5B1-478F-9FF7-B9EA611BDCC2}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F2C87681-1261-4D0D-84BC-C769EC98C96A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F2CB72F4-93DA-4A62-B5DB-B2F39B824ABC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F4A9BDBE-3DA7-4F17-9192-FE78AEF50397}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F4DEB575-EB99-40C4-BE5F-5924602C7D3A}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F5183AB3-CD7F-4F61-B1C1-AE9CBE120087}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F51B477F-15C4-46CA-8B37-5DC894F6F055}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F542F396-1D08-42EB-B7D4-92C77027402E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F5E5F322-B3F0-467A-BE26-8BEF3AD6F41B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F6087AD6-9AA2-48C1-983F-467563C8278B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F738B70E-6E5F-41D4-BB94-7AE4406C020B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F74704D6-7A18-46D3-8E07-E56C5FBB999C}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F74B19E3-4157-4B25-A0F8-D5EF2663976E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F801AF35-1D9B-4165-BBAA-A4F3147A48BF}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F8318708-469E-4404-A7FE-3FBC551E79D9}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F8F46B9A-0732-4AED-9E67-E6635F9E509E}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F966EBA6-7F01-469F-9602-8BD3D72E58E5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F9D5B09B-BAD9-4FCC-A5BB-5567DCA61825}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{F9E89365-A66C-4913-9D38-8EBD1012F4A0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FA4F25C3-5496-489F-AE23-1891B912E252}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FA6036CA-7C6D-4983-9D65-60200E609312}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FA997AA0-43F7-489F-A976-7DD1EDD361EA}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FC13055A-1953-4459-8DD5-74F9DB29C928}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FC234F0B-7B9F-4D3A-BA63-57454277D32D}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FC5DFE96-A4EF-4503-AE41-1B17EA3F10D8}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FCCC2AEA-2AE8-4E96-8A24-5A0EF991F27F}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FCD7EBBD-204B-4C10-9C19-94096CCD9AC0}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FD20F150-2A63-422C-91AB-508DCAC41015}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FE16FF8A-EE30-40BC-AE17-84DCDFE463CC}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FE2AA6FA-256B-4274-9C47-97EEF74E52CD}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FE4E55E6-B391-47D1-9279-2D6EB9B0FFF4}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FE6713EE-1060-47E1-BEA2-0C66AB4A1F9B}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FE758A60-60EF-48F1-9D44-F109973CDB40}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FEFD7237-0AC2-4949-B620-6A8249FA1755}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FF1506A7-C5DA-480C-84BE-272AD3B833D5}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FF249CEA-A6AB-4809-896D-B0118B23D406}
Successfully deleted: [Empty Folder] C:\Users\Kim-PC\appdata\local\{FF76E404-47B4-406F-9B6F-820172DA4A3C}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/20/2014 at  9:16:39.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 



#10 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 20 April 2014 - 11:52 AM

Hello lakergal,

..

Run OTL again.

  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?


***

 
please post a new OTL log.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 20 April 2014 - 04:07 PM

Jo,

Computer seems to be running smoother.

Here is the OTL scan log:

 

OTL logfile created on: 4/20/2014 3:05:08 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kim-PC\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.91 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 54.97% Memory free
7.83 Gb Paging File | 5.49 Gb Available in Paging File | 70.09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448.57 Gb Total Space | 178.93 Gb Free Space | 39.89% Space Free | Partition Type: NTFS
Drive D: | 120.55 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: KIM-PC-PC | User Name: Kim-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kim-PC\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
PRC - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe (CBS Interactive Inc.)
PRC - C:\Users\Kim-PC\AppData\Local\Workspace\wben.exe (Starfield Technologies, LLC)
PRC - C:\Users\Kim-PC\AppData\Local\Workspace\workspacestatus.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\Workspace\offSyncService.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
PRC - C:\Users\Kim-PC\AppData\Local\Workspace\workspaceupdate.exe (Starfield Technologies)
PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
PRC - C:\Program Files\Trend Micro SafeSync\HrfsClient.exe (Trend Micro Inc.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2tray.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2pre.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\GoToMyPC\g2comm.exe (Citrix Online, a division of Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\QuickBooks Online Backup\OnlineBackup.exe (SwapDrive, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\fd746553afb4778c8736b6d8af4caa6d\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\801b632b8b7ef72f14333dbce41524b8\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\d3df00ba3df9c1790499701b79269570\System.IdentityModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8a01cb6ca56adf4f33cdad0592538b58\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1c58ae226a791dc3ba4cd09225f7599e\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f703846404bb66a4ae03ef8133755007\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Flow.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\libcurl.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\libxml2.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\zlib.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\sqlite3.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\libcef.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\avformat-53.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\libEGL.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\avcodec-53.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\libGLESv2.dll ()
MOD - C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\avutil-51.dll ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe ()
MOD - C:\Program Files\Trend Micro SafeSync\avcodec-52.dll ()
MOD - C:\Program Files\Trend Micro SafeSync\avformat-52.dll ()
MOD - C:\Program Files\Trend Micro SafeSync\avutil-50.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (OnlineStorageService) -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe (Trend Micro Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (File Backup) -- C:\Program Files (x86)\Workspace\offSyncService.exe (Starfield Technologies)
SRV - (IntuitUpdateServiceV4) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (QBCFMonitorService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe (Intuit)
SRV - (GoToMyPC) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (SoftThinks SAS)
SRV - (AdobeActiveFileMonitor10.0) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (QBFCService) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.)
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.)
DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (tmeevw) -- C:\Windows\SysNative\drivers\tmeevw.sys (Trend Micro Inc.)
DRV:64bit: - (TMEBC) -- C:\Windows\SysNative\drivers\TMEBC64.sys (Trend Micro Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (tmnciesc) -- C:\Windows\SysNative\drivers\tmnciesc.sys (Trend Micro Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USSMB/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {1CFA0FA4-42E4-4900-840A-733C2C7E8D77}
IE - HKCU\..\SearchScopes\{1CFA0FA4-42E4-4900-840A-733C2C7E8D77}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GZBN_enUS471
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@TrendMicro.com/FFExtension: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll (Trend Micro Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Kim-PC\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/off64: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@starfield.com/wbe64: C:\Users\Kim-PC\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kim-PC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kim-PC\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\adobe.com/AdobeExManCCDetect32: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\adobe.com/AdobeExManCCDetect64: C:\Program Files (x86)\Adobe\Adobe Extension Manager CC\npAdobeExManCCDetect64.dll (Adobe Systems)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20002\7.5.1137\7.5.1137\FIREFOXEXTENSION [2014/04/20 08:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/02/21 10:49:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/02/13 11:02:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.1.1104\7.1.1104\firefoxextension
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tmbepff-7.5@trendmicro.com: C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1137\7.5.1137\firefoxextension [2014/04/20 08:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2013/01/27 22:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\ [2014/04/20 08:29:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/17 09:38:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/02/13 11:02:38 | 000,000,000 | ---D | M]
 
[2012/03/31 11:44:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim-PC\AppData\Roaming\Mozilla\Extensions
[2012/11/28 15:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/20 02:17:52 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/20 02:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/20 02:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll
CHR - plugin: Trend Micro Titanium (Enabled) = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\5.2.0.1035_0\npToolbarChrome.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Online Storage plug-in (Enabled) = C:\Users\Kim-PC\AppData\Roaming\Mozilla\plugins\npoff.dll
CHR - plugin: Workspace Webmail plug-in 1.0.20.42 (Enabled) = C:\Users\Kim-PC\AppData\Roaming\Mozilla\plugins\npwbe.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: TrendMicro BEP Extension = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee\7.5.0.1137_0\
CHR - Extension: Google Search = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TrendMicro Toolbar = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj\6.0.0.2030_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Google Wallet = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Kim-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [OnlineBackupScheduler] C:\Program Files (x86)\QuickBooks Online Backup\OnlineBackup.exe (SwapDrive, Inc.)
O4 - HKCU..\Run: [SmileboxTray] C:\Users\Kim-PC\AppData\Roaming\Smilebox\SmileboxTray.exe (Smilebox, Inc.)
O4 - HKCU..\Run: [Starfield Updater] C:\Users\Kim-PC\AppData\Local\Workspace\WorkspaceUpdate.exe (Starfield Technologies)
O4 - HKCU..\Run: [wben] C:\Users\Kim-PC\AppData\Local\Workspace\wben.exe (Starfield Technologies, LLC)
O4 - HKCU..\Run: [Workspace Status] C:\Users\Kim-PC\AppData\Local\Workspace\workspacestatus.exe (Starfield Technologies)
O4 - Startup: C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download App.lnk = C:\Users\Kim-PC\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe (CBS Interactive Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: solvusoft.com ([store] https in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19CAA5C9-1E53-4E01-AC49-7A547FAAEA75}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{368D19D0-3BB9-4F1C-9C96-B586167BE430}: DhcpNameServer = 198.224.146.119 198.224.147.135
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0DA8453-1FF5-4631-AF0E-B7E46A2036A2}: DhcpNameServer = 172.20.10.1
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\tmtbim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/28 15:07:36 | 000,000,113 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{8439f371-5656-11e1-8524-d4bed9bece7e}\Shell - "" = AutoRun
O33 - MountPoints2\{8439f371-5656-11e1-8524-d4bed9bece7e}\Shell\AutoRun\command - "" = I:\unlock.exe autoplay=true
O33 - MountPoints2\{b17659db-368f-11e1-8565-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b17659db-368f-11e1-8565-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- [2013/10/28 15:07:41 | 003,086,640 | R--- | M] (Intuit Inc, 2013)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bootdelete)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/20 14:39:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kim-PC\Desktop\OTL.exe
[2014/04/20 09:08:33 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/19 14:25:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/19 11:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/04/19 11:29:21 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\Desktop\mbar
[2014/04/16 20:29:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/04/16 16:45:18 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/04/16 11:58:39 | 000,119,512 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/16 11:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/16 11:58:13 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/16 11:58:13 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/16 11:58:13 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/16 11:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/04/16 11:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/04/15 13:59:16 | 000,000,000 | -HSD | C] -- C:\Users\Kim-PC\AppData\Local\EmieUserList
[2014/04/15 13:59:16 | 000,000,000 | -HSD | C] -- C:\Users\Kim-PC\AppData\Local\EmieSiteList
[2014/04/13 03:02:00 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/04/13 03:01:59 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/04/13 03:01:55 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/04/13 03:01:36 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/04/13 03:01:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/04/13 03:01:36 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/04/13 03:01:36 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/04/13 03:01:32 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/04/13 03:01:32 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/04/13 03:01:32 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/04/13 03:01:31 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/04/13 03:01:31 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/04/13 03:01:31 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/04/13 03:01:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/04/13 03:01:29 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/04/13 03:01:29 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/04/13 03:01:29 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/04/13 03:01:29 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/04/13 03:01:27 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/04/13 03:01:21 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/04/13 03:01:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/04/13 03:01:20 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/04/13 03:01:20 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/04/13 03:01:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/04/13 03:01:19 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/04/13 03:01:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/04/13 03:01:15 | 001,967,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/04/13 03:01:14 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/04/13 03:01:09 | 005,784,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/04/11 06:21:33 | 000,000,000 | ---D | C] -- C:\9cf429ed318cb126b2cc9cc97a
[2014/04/09 05:06:35 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/04/09 05:06:35 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/04/09 05:06:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/04/09 05:06:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/04/09 05:06:22 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/04/09 05:06:22 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/04/09 05:06:21 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/04/09 05:06:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/04/09 05:06:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/04/09 05:06:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/04/09 05:06:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/04/09 05:06:18 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/04/09 05:06:18 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/04/09 05:06:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/04/08 08:13:28 | 000,000,000 | ---D | C] -- C:\fdac12dd690fac58e7ab2ee2365b
[2014/04/03 12:09:43 | 000,000,000 | ---D | C] -- C:\Users\Kim-PC\AppData\Local\Programs
[2012/02/20 10:27:07 | 001,393,736 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Kim-PC\gotomypc_635.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/20 15:02:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/20 14:40:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kim-PC\Desktop\OTL.exe
[2014/04/20 14:40:08 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4131391989-150066398-3726755509-1001UA.job
[2014/04/20 14:23:02 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/20 13:55:19 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/04/20 12:32:57 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/20 12:32:57 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/20 08:27:14 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/04/20 08:26:49 | 000,001,926 | ---- | M] () -- C:\Users\Kim-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
[2014/04/20 08:26:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/20 08:26:12 | 3152,510,976 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/20 08:21:56 | 001,308,369 | ---- | M] () -- C:\Users\Kim-PC\Desktop\AdwCleaner.exe
[2014/04/20 04:40:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4131391989-150066398-3726755509-1001Core.job
[2014/04/19 11:29:30 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/16 16:45:19 | 000,002,981 | ---- | M] () -- C:\Users\Kim-PC\Desktop\HiJackThis.lnk
[2014/04/16 11:58:15 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/15 16:50:31 | 000,007,608 | ---- | M] () -- C:\Users\Kim-PC\AppData\Local\Resmon.ResmonCfg
[2014/04/12 15:18:36 | 000,002,374 | ---- | M] () -- C:\Users\Kim-PC\Desktop\Google Chrome.lnk
[2014/04/10 11:10:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\iqvw64e.sys
[2014/04/07 13:55:22 | 453,779,535 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/04/07 13:54:00 | 000,011,780 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/04/07 10:31:41 | 000,817,102 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/07 10:31:41 | 000,689,554 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/07 10:31:41 | 000,131,180 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/03/21 17:37:04 | 000,238,128 | ---- | M] () -- C:\Windows\RegBootClean64.exe
[2014/03/21 17:25:00 | 000,000,499 | ---- | M] () -- C:\Users\Kim-PC\Desktop\Workspace Login.website
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/04/20 08:21:49 | 001,308,369 | ---- | C] () -- C:\Users\Kim-PC\Desktop\AdwCleaner.exe
[2014/04/16 16:45:19 | 000,002,981 | ---- | C] () -- C:\Users\Kim-PC\Desktop\HiJackThis.lnk
[2014/04/16 11:58:15 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/15 16:50:31 | 000,007,608 | ---- | C] () -- C:\Users\Kim-PC\AppData\Local\Resmon.ResmonCfg
[2014/04/10 11:10:32 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\iqvw64e.sys
[2014/04/07 13:54:00 | 000,011,780 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2013/11/05 12:44:35 | 000,004,608 | ---- | C] () -- C:\Users\Kim-PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/07/23 20:18:29 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Bass Amp
[2013/07/23 20:18:28 | 000,000,268 | RH-- | C] () -- C:\Users\Kim-PC\AppData\Roaming\Basic Synth
[2013/07/23 20:18:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2013/05/22 09:08:11 | 000,000,430 | ---- | C] () -- C:\Windows\wininit.ini
[2013/02/15 23:54:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/01/27 22:23:59 | 000,000,036 | ---- | C] () -- C:\Users\Kim-PC\AppData\Local\housecall.guid.cache
[2012/07/08 07:45:39 | 000,238,128 | ---- | C] () -- C:\Windows\RegBootClean64.exe
[2012/07/08 07:45:39 | 000,021,520 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2012/05/30 10:31:03 | 000,000,515 | ---- | C] () -- C:\Windows\Viewer.INI
[2012/05/30 09:35:56 | 000,000,502 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2012/05/30 09:35:06 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2012/03/28 15:42:01 | 000,000,132 | ---- | C] () -- C:\Users\Kim-PC\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012/03/05 10:18:21 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/02/13 16:16:48 | 000,000,935 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/07 20:35:01 | 000,002,047 | ---- | C] () -- C:\Program Files\Adobe Photoshop CS2.lnk
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\yWriterProj:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 17.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 16.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 15.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 14.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 13.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 12.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 11.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 10.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 09.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 08.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 07.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 06.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 05.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 04.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 03.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 02.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Track 01.wav:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\SpiralFrog:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Retrospect Catalog Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Restore:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Piqua Cut & Sew:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Outlook Contacts:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\OldEducator:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\NetObjects Fusion 11.0:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\MyHeritage:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\My Data Sources:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\McGinness:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Logan Labs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Lifestyle Real Estate Services:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Labels:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Kimage Design:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Jenni:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Indian Lake Chamber Business:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\ILREAL:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\House:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Honeycutt:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Earthworks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Dawn.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Coco:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\CMX Oil:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Christmas08:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Choice Properties:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Carrie:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Callie:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\Broker Realty Service:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\AnnualDinnerInvite12-08.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\AeroScents:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Kim-PC\Desktop\Old PC\Documents\_vti_cnf:Roxio EMC Stream

< End of report >



#12 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 20 April 2014 - 04:23 PM

Hello lakergal,


1. Java
1.1 Uninstall old Java versions (if present):
  • Please go to Start > Control Panel > Programs and Features .
  • Locate all Java Updates
  • Uninstall them all.
1.2 Install latest Java 7 update. Click this link and click on the Free JAVA Download.

1.3 Find here instructions how to clear the java cache.
Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
Under Temporary Internet Files, click the Delete Files button.
There are options in the window to clear the cache - Leave ALL Checked
  • Applications and Applets
  • Trace and log files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.
 

---


Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#13 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 20 April 2014 - 10:05 PM

Jo,

Here is the results of the latest scan:

 

C:\Users\Kim-PC\Downloads\DownloadManagerSetup (1).exe a variant of Win32/Kryptik.BWJC trojan
C:\Users\Kim-PC\Downloads\DownloadManagerSetup (2).exe a variant of Win32/Kryptik.BWJC trojan
C:\Users\Kim-PC\Downloads\DownloadManagerSetup (3).exe a variant of Win32/Kryptik.BWJC trojan
C:\Users\Kim-PC\Downloads\DownloadManagerSetup.exe a variant of Win32/Kryptik.BWJC Trojan

 

Computer is running better.



#14 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:17 PM

Posted 21 April 2014 - 07:17 AM

Hello lakergal,

Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    
    :Files
    :\Users\Kim-PC\Downloads\DownloadManagerSetup (1).exe
    C:\Users\Kim-PC\Downloads\DownloadManagerSetup (2).exe
    C:\Users\Kim-PC\Downloads\DownloadManagerSetup (3).exe
    C:\Users\Kim-PC\Downloads\DownloadManagerSetup.exe
    
    :Commands
    [purity]
    [emptytemp]
    


    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post Fix OTL log.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 lakergal

lakergal
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:17 PM

Posted 21 April 2014 - 05:51 PM

Hi Jo,

Here is the Fix OTL log

 

All processes killed
========== OTL ==========
========== FILES ==========
Error: Unable to interpret <:\Users\Kim-PC\Downloads\DownloadManagerSetup (1).exe> in the current context!
Error: Unable to interpret <C:\Users\Kim-PC\Downloads\DownloadManagerSetup (2).exe> in the current context!
Error: Unable to interpret <C:\Users\Kim-PC\Downloads\DownloadManagerSetup (3).exe> in the current context!
Error: Unable to interpret <C:\Users\Kim-PC\Downloads\DownloadManagerSetup.exe> in the current context!
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33184 bytes
->Flash cache emptied: 57472 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Kim-PC
->Temp folder emptied: 2126779615 bytes
->Temporary Internet Files folder emptied: 603412735 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 28853240 bytes
->Google Chrome cache emptied: 213059455 bytes
->Apple Safari cache emptied: 15229952 bytes
->Flash cache emptied: 58649 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 1393152 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4261077011 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1368192 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321377 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 743 bytes
RecycleBin emptied: 1299968 bytes
 
Total Files Cleaned = 6,957.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 04212014_172746

Files\Folders moved on Reboot...
C:\Users\Kim-PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Kim-PC\AppData\Local\Temp\JavaDeployReg.log moved successfully.
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DF06B180BF6CEE9D4A.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DF60C7CB353CA3957E.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DF96D524492A9C4C77.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DF9EC907083C78C02C.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DFD6B78F76758291DB.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DFE10085DF72FD1227.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DFF1D4DBD433FEFBDC.TMP not found!
File\Folder C:\Users\Kim-PC\AppData\Local\Temp\~DFFA9C7691E070C818.TMP not found!
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMEIHAIE\fastbutton[1].htm moved successfully.
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4FJDAD7\8n77RrR4jg0[1].htm moved successfully.
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4FJDAD7\8n77RrR4jg0[2].htm moved successfully.
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4FJDAD7\computer-slowunresponsive-help-analyze-hijackthis-log[1].htm moved successfully.
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J4FJDAD7\like[1].htm moved successfully.
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DVMF1GNT\postmessageRelay[2].htm moved successfully.
C:\Users\Kim-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\SysNative\SETB55.tmp scheduled to be moved on reboot.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users