Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

some sort of flash player exploit found by avg when visiting imgur.


  • This topic is locked This topic is locked
15 replies to this topic

#1 whatdoesntthefoxsay

whatdoesntthefoxsay

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 05 June 2014 - 09:08 PM

i clicked an imgur link this evening and avg popped open with an alert that it had detected and deleted some sort of exploit, in a panic i didnt get the full name of it. simple as that really, thought it would be best to check with you guys to make sure it isnt hiding, or anything else is cheekily hiding too.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.45.2
Run by mykie at 3:03:52 on 2014-06-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3020.716 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
uRun: [Google Update] "C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AVG-Secure-Search-Update_0913b] C:\Users\mykie\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 66276cdfd38847d191a21d1be94566cd-8432e76a3661af319bf62f11500f574ac1cfa34b --CMPID 0913b
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{345DE2E7-2C6D-48C5-9862-DEEDB9141FC2} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-4-15 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-30 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-26 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-5-26 2372096]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-27 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-17 701512]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-26 2656280]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-5-26 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-26 39464]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-12 317440]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-10-20 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-8 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-6-2 131912]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-8 111616]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-5-26 335464]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-05-16 00:17:03 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-16 00:17:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-16 00:09:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-16 00:09:59 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-05-16 00:09:59 35328 ----a-w- C:\Windows\SysWow64\wincredprovider.dll
2014-05-16 00:09:59 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-05-16 00:09:59 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-05-16 00:09:59 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-05-16 00:09:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-05-16 00:09:59 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-16 00:09:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-16 00:09:59 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-05-12 01:08:45 -------- d-----w- C:\Users\mykie\AppData\Local\{E4570145-2AD3-46AD-8C50-2918778BD45B}
.
==================== Find3M  ====================
.
2014-05-17 20:32:41 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-17 20:32:41 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-15 12:35:26 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
.
============= FINISH:  3:04:38.44 ===============
 

 

 

Attached Files



BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,550 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:33 AM

Posted 10 June 2014 - 09:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/536803 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 whatdoesntthefoxsay

whatdoesntthefoxsay
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 11 June 2014 - 08:53 PM

ive pretty much explained everything thats happened, although MBAM isnt picking anything up with scans i still get a bit paranoid.

 

no original windows cd

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.45.2
Run by mykie at 2:50:58 on 2014-06-12
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3020.1426 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
uRun: [Google Update] "C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AVG-Secure-Search-Update_0913b] C:\Users\mykie\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 66276cdfd38847d191a21d1be94566cd-8432e76a3661af319bf62f11500f574ac1cfa34b --CMPID 0913b
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{345DE2E7-2C6D-48C5-9862-DEEDB9141FC2} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-4-15 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-30 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-5-26 13592]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-5-26 2372096]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-26 2656280]
R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-5-26 344616]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-5-26 39464]
R3 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-9-13 1098296]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-12 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-2-8 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-27 418376]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-17 701512]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2013-6-2 131912]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-8 111616]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-10-20 25928]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-5-26 335464]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-15 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-05-16 00:17:03 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-16 00:17:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-16 00:09:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-05-16 00:09:59 39936 ----a-w- C:\Windows\System32\wincredprovider.dll
2014-05-16 00:09:59 35328 ----a-w- C:\Windows\SysWow64\wincredprovider.dll
2014-05-16 00:09:59 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-05-16 00:09:59 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-05-16 00:09:59 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-05-16 00:09:59 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-05-16 00:09:59 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-16 00:09:59 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-16 00:09:59 136192 ----a-w- C:\Windows\System32\sspicli.dll
.
==================== Find3M  ====================
.
2014-05-17 20:32:41 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-17 20:32:41 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-15 12:35:26 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-04-12 02:22:05 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:32 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
.
============= FINISH:  2:52:00.83 ===============
 

Attached Files



#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,550 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:33 AM

Posted 15 June 2014 - 09:15 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#5 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 16 June 2014 - 04:00 PM

Hello mykie, and   :welcome: to the Virus/Trojan/Spyware/Malware Removal forum.

I am oneof4, and I am here to help you!

  • I ask that you refrain from running tools other than those I suggest to you while I am cleaning up your computer. The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received and do not proceed if you need clarification.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please do not re-run any programs I suggest. If you encounter problems please stop and tell me about it. When your computer is clean I will alert you of such. I will also provide you with detailed suggestions for prevention.
  • At the top right-center of the topic you will see a button called Follow this topic. If you click on this, another page will open. Please choose Instantly for notification and then clicking on Follow this topic you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • If after 5 days you have not replied to this topic, I will assume it has been abandoned, and I will close it.
  • I would also like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts.  :heart: Please be courteous and appreciative for the assistance provided!
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. Your computer fix will be based on the current condition of your computer! Any changes might delay my ability to help you.

==========

 
Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note
: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Best Regards,
oneof4.


#6 whatdoesntthefoxsay

whatdoesntthefoxsay
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 19 June 2014 - 06:58 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014
Ran by mykie (administrator) on MYKIE-HP on 20-06-2014 00:53:09
Running from C:\Users\mykie\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\mykie\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-11-18] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-02-08] (IDT, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-03-16] (EasyBits Software AS)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-09-13] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-29] (Easybits)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-10] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3030888214-3870064378-2335211991-1000\...\Run: [Google Update] => C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-07-19] (Google Inc.)
HKU\S-1-5-21-3030888214-3870064378-2335211991-1000\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\mykie\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid 66276cdfd38847d191a21d1be94566cd-8432e76a3661af319bf62f11500f574ac1cfa34b --CMPID 0913b
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/HPNOT/2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPNOT/2
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-3/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-04-20] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\mykie\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\mykie\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: google.co.uk
CHR Plugin: (Shockwave Flash) - C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\mykie\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google Search) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (XKit) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2013-07-31]
CHR Extension: (AdBlock) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-04-26]
CHR Extension: (Totoro Rainy Day) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmiagjknjjfockcklibjlfdojojaffff [2013-04-05]
CHR Extension: (Google Wallet) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
 
==================== Services (Whitelisted) =================
 
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-18] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-20 00:53 - 2014-06-20 00:54 - 00017355 _____ () C:\Users\mykie\Downloads\FRST.txt
2014-06-20 00:52 - 2014-06-20 00:53 - 00000000 ____D () C:\FRST
2014-06-20 00:52 - 2014-06-20 00:52 - 02082304 _____ (Farbar) C:\Users\mykie\Downloads\FRST64.exe
2014-06-20 00:50 - 2014-06-20 00:50 - 01072128 _____ (Farbar) C:\Users\mykie\Downloads\FRST.exe
2014-06-18 01:14 - 2014-06-18 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-13 01:21 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 01:21 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 01:21 - 2014-05-30 10:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 01:21 - 2014-05-30 10:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 01:21 - 2014-05-30 10:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 01:21 - 2014-05-30 10:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 01:21 - 2014-05-30 10:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 01:21 - 2014-05-30 10:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 01:21 - 2014-05-30 10:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 01:21 - 2014-05-30 09:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 01:21 - 2014-05-30 09:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 01:21 - 2014-05-30 09:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 01:21 - 2014-05-30 09:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 01:21 - 2014-05-30 09:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 01:21 - 2014-05-30 09:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 01:21 - 2014-05-30 09:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 01:21 - 2014-05-30 09:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 01:21 - 2014-05-30 09:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 01:21 - 2014-05-30 09:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 01:21 - 2014-05-30 09:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 01:21 - 2014-05-30 09:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 01:21 - 2014-05-30 09:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 01:21 - 2014-05-30 09:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 01:21 - 2014-05-30 09:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 01:21 - 2014-05-30 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 01:21 - 2014-05-30 08:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 01:21 - 2014-05-30 08:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 01:21 - 2014-05-30 08:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 01:21 - 2014-05-30 08:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 01:21 - 2014-05-30 08:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 01:21 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 01:21 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 01:21 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 01:21 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 01:21 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 01:21 - 2014-03-26 15:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 01:21 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 01:21 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 01:21 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 01:21 - 2014-03-26 15:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 01:21 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 01:21 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 01:20 - 2014-06-08 10:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 01:20 - 2014-06-08 10:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 01:20 - 2014-05-30 11:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 01:20 - 2014-05-30 10:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 01:20 - 2014-05-30 10:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 01:20 - 2014-05-30 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 01:20 - 2014-05-30 10:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 01:20 - 2014-05-30 10:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 01:20 - 2014-05-30 10:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 01:20 - 2014-05-30 10:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 01:20 - 2014-05-30 10:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 01:20 - 2014-05-30 09:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 01:20 - 2014-05-30 09:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 01:20 - 2014-05-30 09:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 01:20 - 2014-05-30 09:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 01:20 - 2014-05-30 09:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 01:20 - 2014-05-30 09:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 01:20 - 2014-05-30 09:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 01:20 - 2014-05-30 08:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 01:20 - 2014-05-30 08:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 01:20 - 2014-05-30 08:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 01:20 - 2014-05-30 08:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 01:20 - 2014-05-30 08:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 01:20 - 2014-05-30 08:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 02:52 - 2014-06-12 02:52 - 00015812 _____ () C:\Users\mykie\Desktop\dds.txt
2014-06-12 02:52 - 2014-06-12 02:52 - 00006316 _____ () C:\Users\mykie\Desktop\attach.txt
2014-06-12 02:50 - 2014-06-12 02:50 - 00688992 ____R (Swearware) C:\Users\mykie\Desktop\dds.com
2014-05-27 00:03 - 2014-06-20 00:46 - 00002016 _____ () C:\Windows\setupact.log
2014-05-27 00:03 - 2014-05-27 00:03 - 00000000 _____ () C:\Windows\setuperr.log
 
==================== One Month Modified Files and Folders =======
 
2014-06-20 00:54 - 2014-06-20 00:53 - 00017355 _____ () C:\Users\mykie\Downloads\FRST.txt
2014-06-20 00:53 - 2014-06-20 00:52 - 00000000 ____D () C:\FRST
2014-06-20 00:52 - 2014-06-20 00:52 - 02082304 _____ (Farbar) C:\Users\mykie\Downloads\FRST64.exe
2014-06-20 00:52 - 2011-12-30 08:03 - 01618542 _____ () C:\Windows\WindowsUpdate.log
2014-06-20 00:51 - 2011-09-12 20:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-20 00:50 - 2014-06-20 00:50 - 01072128 _____ (Farbar) C:\Users\mykie\Downloads\FRST.exe
2014-06-20 00:46 - 2014-05-27 00:03 - 00002016 _____ () C:\Windows\setupact.log
2014-06-20 00:46 - 2013-06-03 19:51 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-06-20 00:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-18 05:06 - 2011-07-19 01:41 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3030888214-3870064378-2335211991-1000UA.job
2014-06-18 02:06 - 2011-07-19 01:41 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3030888214-3870064378-2335211991-1000Core.job
2014-06-18 01:26 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-18 01:26 - 2009-07-14 05:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-18 01:14 - 2014-06-18 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-06-18 01:14 - 2012-10-03 16:00 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2013.lnk
2014-06-16 00:38 - 2013-09-22 21:01 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleFormykie.job
2014-06-16 00:35 - 2012-09-25 21:01 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-16 00:35 - 2011-09-11 19:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-16 00:20 - 2013-09-22 21:01 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleFormykie
2014-06-16 00:19 - 2012-02-10 19:27 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-16 00:19 - 2011-07-15 18:10 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-14 01:13 - 2011-07-19 01:41 - 00002368 _____ () C:\Users\mykie\Desktop\Google Chrome.lnk
2014-06-13 01:29 - 2013-08-14 21:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 01:26 - 2011-09-02 04:05 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-13 01:24 - 2014-05-07 01:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 02:52 - 2014-06-12 02:52 - 00015812 _____ () C:\Users\mykie\Desktop\dds.txt
2014-06-12 02:52 - 2014-06-12 02:52 - 00006316 _____ () C:\Users\mykie\Desktop\attach.txt
2014-06-12 02:50 - 2014-06-12 02:50 - 00688992 ____R (Swearware) C:\Users\mykie\Desktop\dds.com
2014-06-11 02:22 - 2012-12-18 16:42 - 00000000 ____D () C:\Users\mykie\Desktop\Tumblr
2014-06-08 10:13 - 2014-06-13 01:20 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:08 - 2014-06-13 01:20 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-30 11:21 - 2014-06-13 01:20 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 11:02 - 2014-06-13 01:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 11:02 - 2014-06-13 01:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 10:45 - 2014-06-13 01:21 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 10:39 - 2014-06-13 01:21 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 10:39 - 2014-06-13 01:20 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 10:38 - 2014-06-13 01:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 10:28 - 2014-06-13 01:20 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 10:27 - 2014-06-13 01:20 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 10:24 - 2014-06-13 01:20 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 10:21 - 2014-06-13 01:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 10:21 - 2014-06-13 01:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 10:20 - 2014-06-13 01:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 10:18 - 2014-06-13 01:21 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 10:11 - 2014-06-13 01:20 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 10:08 - 2014-06-13 01:20 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 10:06 - 2014-06-13 01:21 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 10:02 - 2014-06-13 01:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 09:55 - 2014-06-13 01:21 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 09:49 - 2014-06-13 01:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 09:46 - 2014-06-13 01:20 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 09:44 - 2014-06-13 01:20 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 09:44 - 2014-06-13 01:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 09:43 - 2014-06-13 01:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 09:42 - 2014-06-13 01:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 09:38 - 2014-06-13 01:21 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 09:35 - 2014-06-13 01:21 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 09:34 - 2014-06-13 01:21 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 09:33 - 2014-06-13 01:21 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 09:30 - 2014-06-13 01:21 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 09:29 - 2014-06-13 01:21 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 09:28 - 2014-06-13 01:20 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 09:27 - 2014-06-13 01:21 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 09:24 - 2014-06-13 01:20 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 09:23 - 2014-06-13 01:21 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 09:16 - 2014-06-13 01:21 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 09:10 - 2014-06-13 01:21 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 09:06 - 2014-06-13 01:20 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 09:04 - 2014-06-13 01:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 09:02 - 2014-06-13 01:21 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 08:56 - 2014-06-13 01:20 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 08:56 - 2014-06-13 01:20 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 08:54 - 2014-06-13 01:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 08:50 - 2014-06-13 01:21 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 08:49 - 2014-06-13 01:21 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 08:43 - 2014-06-13 01:20 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 08:40 - 2014-06-13 01:21 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 08:30 - 2014-06-13 01:21 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 08:21 - 2014-06-13 01:20 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 08:15 - 2014-06-13 01:21 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 08:13 - 2014-06-13 01:20 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 08:13 - 2014-06-13 01:20 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-27 00:03 - 2014-05-27 00:03 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-25 01:05 - 2011-11-07 14:44 - 00000000 ____D () C:\Program Files (x86)\Steam
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-02 01:54
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014
Ran by mykie at 2014-06-20 00:55:10
Running from C:\Users\mykie\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.1.29963 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.4.402.278 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Any Video Converter 5.0.7 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3955 - AVG Technologies) Hidden
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 3.11 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Diablo III (HKLM-x32\...\Diablo III) (Version: 1.0.4.11327 - Blizzard Entertainment)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Divekick (HKLM-x32\...\Steam App 244730) (Version:  - Iron Galaxy Studios)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version:  - 3D Realms)
Dustforce (HKLM-x32\...\Steam App 65300) (Version:  - )
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FINAL FANTASY VII (HKLM-x32\...\{141B8BA9-BFFD-4635-AF64-078E31010EC3}_is1) (Version: 1.0 - Square Enix)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game Dev Tycoon version 1.3.4 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.4 - Greenheart Games Pty. Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Gratuitous Space Battles (HKLM-x32\...\Steam App 41800) (Version:  - Positech Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{6C453C9C-38AE-494D-BF89-7AA0DE87F3E5}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2279 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Jamestown (HKLM-x32\...\Steam App 94200) (Version:  - )
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kudos 2 (HKLM-x32\...\Kudos 2_is1) (Version:  - Positech Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version:  - )
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version:  - Zen Studios)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Reus (HKLM-x32\...\Steam App 222730) (Version:  - Abbey Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Rogue Legacy Demo version 1.0.3 (HKLM-x32\...\Rogue Legacy Demo_is1) (Version: 1.0.3 - )
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
Scrolls (HKLM-x32\...\Scrolls 1.0.0) (Version: 1.0.0 - Mojang)
Scrolls (x32 Version: 1.0.0 - Mojang) Hidden
Shank (HKLM-x32\...\Steam App 6120) (Version:  - Electronic Arts)
Shatter (HKLM-x32\...\Steam App 20820) (Version:  - Sidhe)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version:  - )
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Super Meat Boy Editor (HKLM-x32\...\Steam App 40810) (Version:  - )
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding Of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
theHunter (remove only) (HKLM-x32\...\theHunter) (Version:  - Expansive Worlds)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
TweetDeck (HKLM-x32\...\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1) (Version: 0.38.1 - TweetDeck Inc)
TweetDeck (x32 Version: 0.38.1 - TweetDeck Inc) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Voxatron 0.1.4 (HKLM-x32\...\Voxatron) (Version: 0.1.4 - Lexaloffle Games)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
14-03-2014 01:10:34 Windows Update
08-04-2014 22:31:53 Windows Update
03-05-2014 02:00:16 Windows Update
07-05-2014 00:14:07 Windows Update
16-05-2014 00:10:45 Windows Update
17-05-2014 23:25:22 Installed DirectX
13-06-2014 00:23:37 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {38B316D8-2385-48BC-AD60-CE950D0636C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-06-10] (Microsoft)
Task: {52558AA1-85D2-4C8C-A40B-43977AA4C441} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{2BCAC96B-EA51-4A6A-85A5-614EF2862D11}.exe
Task: {7FA5EC65-227D-41BD-91FA-DD65B1721E3D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3030888214-3870064378-2335211991-1000UA => C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-19] (Google Inc.)
Task: {9687022E-3130-47FD-90E5-38E665B7EBCD} - System32\Tasks\HPCeeScheduleFormykie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {9D7E0316-FFE2-4AD9-AD3E-17488D3CFBE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {ABD77DBD-582B-419F-A442-2AB0C1D03683} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3030888214-3870064378-2335211991-1000Core => C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-19] (Google Inc.)
Task: {BDD71150-A8CF-4A57-8A9C-9BDAC67ED4B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F72A53CB-823A-4CCF-9CE7-BFF83B063746} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] ()
Task: {F74142A5-8772-434E-B858-96A341A55B1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {FF5F52A4-6B38-42C0-A935-E2B5CDC0FF31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{2BCAC96B-EA51-4A6A-85A5-614EF2862D11}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3030888214-3870064378-2335211991-1000Core.job => C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3030888214-3870064378-2335211991-1000UA.job => C:\Users\mykie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleFormykie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-07-30 03:39 - 2010-07-30 03:39 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2011-10-02 16:13 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-04-12 00:16 - 2011-04-12 00:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-27 18:05 - 2011-04-27 18:05 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2014-06-14 01:12 - 2014-06-05 14:58 - 00716616 _____ () C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-14 01:12 - 2014-06-05 14:58 - 00126280 _____ () C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-14 01:12 - 2014-06-05 14:58 - 04217672 _____ () C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-14 01:12 - 2014-06-05 14:58 - 00414536 _____ () C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-14 01:12 - 2014-06-05 14:58 - 01732424 _____ () C:\Users\mykie\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-02-13 23:23 - 2014-02-13 23:23 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-05-26 08:54 - 2011-04-30 01:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-04-27 18:05 - 2011-04-27 18:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/20/2014 00:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/18/2014 01:19:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/18/2014 01:06:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/17/2014 01:38:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/17/2014 01:15:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/17/2014 01:05:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/16/2014 00:39:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/16/2014 00:08:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/15/2014 11:59:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/14/2014 10:49:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (06/18/2014 05:08:23 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/17/2014 03:26:28 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/17/2014 01:35:39 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/17/2014 01:12:50 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/17/2014 01:04:33 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/16/2014 02:21:51 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/16/2014 00:36:51 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/16/2014 00:06:04 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The AVGIDSAgent service did not shut down properly after receiving a preshutdown control.
 
Error: (06/16/2014 00:05:24 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (06/15/2014 02:02:38 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
 
Microsoft Office Sessions:
=========================
Error: (06/20/2014 00:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/18/2014 01:19:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/18/2014 01:06:56 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/17/2014 01:38:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/17/2014 01:15:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/17/2014 01:05:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/16/2014 00:39:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/16/2014 00:08:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/15/2014 11:59:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/14/2014 10:49:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 68%
Total physical RAM: 3019.86 MB
Available physical RAM: 949.76 MB
Total Pagefile: 6037.9 MB
Available Pagefile: 3643.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:451.88 GB) (Free:288.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.58 GB) (Free:1.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: D91F86F8)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================


#7 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 20 June 2014 - 01:25 PM

Not seeing anything malicious yet.  Let's run the two following scans to check further:

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

==========

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Best Regards,
oneof4.


#8 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 24 June 2014 - 08:27 AM

Are you still with me?


Best Regards,
oneof4.


#9 whatdoesntthefoxsay

whatdoesntthefoxsay
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 24 June 2014 - 07:15 PM

my apologies, ive been working so quite busy! 

 

# AdwCleaner v3.213 - Report created 25/06/2014 at 00:57:59
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : mykie - MYKIE-HP
# Running from : C:\Users\mykie\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AVG Nation toolbar
Key Found : [x64] HKCU\Software\AVG Nation toolbar
Key Found : HKLM\Software\AVG Nation toolbar
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v
 
[ File : C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [1016 octets] - [25/06/2014 00:57:59]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1076 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by mykie on 25/06/2014 at  1:01:54.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{903E9084-8050-4C90-870A-226613C1C2F5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{903E9084-8050-4C90-870A-226613C1C2F5}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{00164F2C-7863-4F2E-B2BB-D978861C4AF3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{00DF692A-81BF-48A1-950B-44079F752904}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{010C5273-246F-4919-9CF6-28A5E1B0BD94}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{01E4E334-EF99-4618-82D6-1016DF3FEF1B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0237CF88-2533-48C7-933B-D1F756AB2992}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{028524F5-CFE8-41FD-AA20-5BEC428ED383}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{03CCC480-F2BF-4E07-B467-26FB7D786D47}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{047AC6DE-FDBC-4BFA-BC20-1665398B08B3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{04CCFC6D-9689-4D18-A815-204EAC801406}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0650CC59-64D0-458E-9767-0B3F14299C32}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{075A79D8-17C0-46A2-9343-FD4DEFD19602}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{07D3856C-93EF-4401-95A1-600B38089E0D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{08288025-79C1-440A-A5F6-AE3C4F113337}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0869961B-8267-447F-B2F5-18E1E73E477D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0BEE3E88-71F0-4D09-860C-46C43910801B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0C1E3C08-0653-4FBF-8867-BAAA6443D127}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0CDF9129-9A1F-46FF-9582-4986BCFB6A8C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0D1B28D3-FF58-4FF5-999A-B06635D0DA6B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0DA1A7E2-9291-4E73-9B4E-FCB007E75167}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0DD9D795-DA00-4E07-A8AC-13B52FE218B6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0DDD0A0C-915F-4519-B9FF-67FFAB6CD203}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{0E78EBFB-4EC0-40A3-B429-16D68FDB4D04}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{106E8101-DA3C-4853-8215-04B7FD3D7B1F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{118C26D1-77A6-4B29-B6F5-BBD9AFEB31F4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{11FEDBF1-F033-4E7F-8525-D580B12CA544}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{12FC20D2-A0BF-4B21-97A5-56A821C13594}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1303DA70-3F7D-4686-8575-5408F9728051}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{135C92CC-4B97-4D28-AB37-E571BC14836F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1496A012-BB84-4BDE-B324-E2957840CDE5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{14A4A76F-4C69-451A-85C7-F7039A21741D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{156595A4-0C09-427F-96F2-1F72A26D18AB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{15751B4F-6597-45F3-BED0-1FD4718328E2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1590DB58-753B-46E9-9FCE-D31BA549A60C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{163AC0E9-0C31-4463-B5E6-B8A80CA94880}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{16569274-87F9-4A54-8936-98EAE5E42C6B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{169FE6AB-57C6-4556-AEC0-5DC23E9D9A76}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{17056DE8-D6AC-43AA-AB8C-1A0442985D1E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{17769B9B-B4DA-441B-857C-03BE4CFFF4F3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1830686F-F958-41E7-9565-1D164E897BF5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{18710C19-989F-45AB-96E9-0E8720939BC9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{19172C38-23E1-47E3-A9D0-E6A892B468CD}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1996AA42-1887-440C-83F0-FB28F010CBBA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1997CD10-0F32-4D3F-A5D3-2C630E63269E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1A1CADFF-C961-4749-91A3-DF3722D220AB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1A2013D7-DC0D-4A46-921A-97B39C343559}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1A2188C0-848C-4446-9504-BC69814B43F1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1A8B7322-AEF5-41E7-980F-3908AD369843}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1AF7C976-A61D-4684-827B-609BD0D2D6F2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1D818F03-47D0-45C5-9AE0-5734962C0A31}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1E0A5AB6-A779-4932-970E-1D8C0DB7D35D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1E765518-6DB1-485C-BC7A-E44672170FF2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1E914160-BF2F-4A6F-AA30-0133F7860EBA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1ED3291A-B594-4517-93B4-8E677CD1212E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{1EF7C055-5873-4581-8D52-1E102E1F4211}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{20282E8C-DB65-4A5B-8073-7684E3387C3C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2061D574-01FF-4128-A817-D482D0BF90B5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{213CDF81-68A7-4807-A799-F7E15736F357}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2174ACAC-41B1-44F4-9360-11957A1DE2DA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2202203A-B380-4E9F-8ED3-B816A2822A66}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{23AB7FDB-170D-4803-B845-07C3235B7541}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{23FB89AF-9731-4F60-A9A2-6D7B483EAA15}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{241C7649-D668-445C-8D05-311E1BFC9552}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2517C5E2-EF53-4E2A-BB43-7312940024A0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{254EF4C7-8AE1-4DB1-B239-E671D0AA3D00}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2561E93B-4F38-41DD-A193-1B4BBCF9A197}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{25C7DE91-A964-4FA7-A4CC-10DCA7AF0744}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2625C6D5-D496-4C6D-85EC-8DCB440BEA85}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{280FB9A7-E995-441E-8FF7-98D5850B8D99}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2829A98F-A484-4D0B-91C0-7A7D4A223EED}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2833847C-3679-4235-A863-47921C20A5D7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{291AECF8-9ABE-46AA-A9B8-7D6EFA258D40}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{292005FD-7DFC-4EA6-B996-D7240D5A4477}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2A22A958-24FE-4672-8224-2B475479481F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2AAE7587-C976-4FE5-92F3-8C607A3968E2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2AFE76AB-EBED-4E3B-9054-4F37E94A0049}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2B1B5A89-4C67-48C7-8208-529629AF4B65}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2B468E31-567B-469D-B3EF-01DD9B6993D9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2BBDE272-703F-43C6-AFFE-B5BEDF6DCB97}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2BE517FD-7278-4BF3-9BDE-3350B20549FF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2C452CEA-47A2-46DE-B3EE-651B32CD0360}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2C6E7A48-2DEB-47E6-8546-529BBF98E6CF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2DB07399-49C9-4BBB-8247-D6017D8A239E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2DE58EB1-066F-499E-83A8-04DD0EF31DAA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2E342C11-D64D-4A74-ABAE-935876E8B04B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{2F5536B7-26B8-47ED-A272-ABE8AF8D63A5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3059CC55-A1F3-4CE6-AA3D-43276F30578A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{30F6DC0A-84C5-4ED4-A587-B016067E319C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{31FDD8E3-8501-45A9-A6A2-E6787EA3B51F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{327417A8-65D8-48B8-976A-49543282D62B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{32DFF8BA-8385-4C00-9D25-EB438B63C1D0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{343EAFB0-C278-4C47-8820-4D27EDBDA4CC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{356A4EA0-D19B-44C5-9464-30D985AD1F56}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{357F2184-D5F0-4AB7-A1AC-81EC695BF6FA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{35A3BC7D-D3C0-406F-A6EE-AFFD740139E6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{35AA49E9-FB30-4F04-A750-9525535E78B5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{35B0E4F7-43C5-4CC3-9F54-94E01166DA26}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{35EAE2A8-9C64-439F-A1A9-918DEA6B0784}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3603C70E-9421-40A2-9D6B-0CEA3B54925D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{372F2A4B-9A00-411E-88F1-38D2C808CBE0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3740DD20-C3A1-4E99-B772-BBD43F049C50}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{37F46DD4-9FC9-4445-964E-47AD0888F51E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3826D70B-5EA7-4439-AFCF-0086493F4A74}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3862B300-D481-4F37-A654-645FF8736BDB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3A09C018-2F07-49C1-9C9F-205340C1B2EC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3A44B1D2-EC28-4DF5-9DB2-BB5D451ACBC5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3AFA879B-4A5D-46CE-B25A-6A1B1885F495}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3B1518C8-8625-4614-9A1F-9CB262D8668C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3B25D6DD-4D01-4316-AE15-768B65E13A85}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3B775CB2-57C9-41B3-9F99-8C85DF22F0A6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3B924EAE-CF14-40C1-8FD9-495E96F165E0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3BBC0C93-4962-4B41-B753-2E60383C19F6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3BCF04CB-5291-4B4A-B5A2-2710A4C6D1DB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3BD98C84-3625-47EA-9FE5-E12D2CCEA4F8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3C037047-6364-4EA5-BF1C-662A54FB7CAA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3C110FDF-3CDB-4BC9-A434-B7AC89983EC8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3C1BC83A-0A9C-4849-8425-53A12AADEAB1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3C699350-9DA5-40E5-939E-D6DA240D3170}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3C91A0DA-59A1-4A23-BC36-3F4FF5904E60}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{3CD2D8AB-EF70-4BCD-86B3-CFAC88E74DF2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4017DBD3-3C85-4DD0-87B1-5101CF0DB4B0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{415226AB-6377-4C01-89D3-84EDBCC09D97}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{42CA93B3-47CA-4087-96EB-F9AA20FE1792}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4444A729-A746-4C56-86A0-4F30D1159A80}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4696FE59-9087-4892-A07E-AC634A2DF434}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{47E3935E-47E6-4D0C-A4DF-A1C7FCC5DCAD}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{48D3FEF9-9EF5-47C9-A102-DCD489A3C52A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{493D6111-C6FA-40A6-AE82-D0AD7789F0B6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{49A137B8-F878-4D21-B0A7-9C0249293551}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4A10CD5B-966A-494E-A3A0-A234BBCEBD2A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4B3B177E-7922-4905-9853-88E8389E9D1F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4C31C346-A7E4-4825-9049-06DD53FA4666}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4C61FFFB-6A71-4FDB-920E-579287DC7D54}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4CC44F46-BFB2-40A5-86E4-71434AB91E51}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4D200E05-BDE4-41E9-B96B-8F097D7B69CA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4D87B416-190C-470E-8A2C-42AFFE677DE1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4ECB946A-BE36-45E4-9313-44E42A78AE94}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4ED6B120-CA54-44CF-8932-FB1627FBE11E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4FD22B77-3AC1-49A3-B3E9-CFC375BE3961}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{4FF80D1D-EDC0-4428-B722-BF34E9713D2E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{50264310-1BED-4F16-B667-00D60155823D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{50295104-BB53-40EC-842B-557AEE2CEAFC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{51435647-55BF-4714-B503-09ADE69C3D28}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5159B912-9CF8-4FC2-B527-7EBE939D6320}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{51D55AE6-BF13-47E1-8C16-87E25E16F7B8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{52747B17-FB9F-4370-B633-B7E5AC43C389}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{52B8A6B4-6C75-4C3A-A266-F267B8AFCDB4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{52E61F83-E6D0-4757-B102-44B60CA2BEB5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{53905B77-E768-4B67-9625-8C36FE718318}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5503A0B2-219B-4C78-8AC9-428D65C949C5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{553B5898-FE2E-4CB2-BF65-F4B228488719}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{55413E90-6197-46E4-B5ED-9B136ED81D35}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{55787E7A-87B6-4997-AEA2-92791B7AAE47}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{55F38432-189C-46EC-A080-D0CCBC652DA2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{562F43FC-484F-45B1-A028-80900ED73E32}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{566EF463-6F52-4B05-83DD-7D4A4149CABB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5680ECB2-28A1-4892-87E9-45CDE9A6E822}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{56C4B041-E0C7-46F9-85BE-688365AFAAC0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5725BEB9-E3E0-44CD-BB36-AF64C7B39741}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5759FC45-59B4-4014-85CF-42B02E888BD0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{579776D2-7A3A-4DB2-9924-CA949AA24938}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{57B65601-C394-4C7A-9A60-2E38A62B5EF6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{58559DCF-6C32-4499-8F8E-722BE27FB830}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{58661D94-E475-400C-90C3-17D13CBE4112}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5A67C412-DFD1-42E9-858E-EA084822669D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5A81089C-435E-44CB-8E6E-BBF9C0A44861}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5A8F3511-E2C8-4064-9CD9-8635D67CFB55}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5A900F9C-1008-4EFA-AF77-F25BEDFBBA82}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5AB1EC40-97A6-4F79-A1D0-A6FBBBC65A98}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5AB278DC-55C6-4F32-B49C-8A78F11546D3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5AED7160-D7CF-4BD4-942C-A5B6DCF5A602}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5BB217AF-B8E0-4BDB-977B-7495CA5B2709}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5D0386E5-FC55-48A1-B1E8-C4BEAD31116D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5D6208C3-5B45-4E44-81EE-443E22145B44}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5EBAAA46-CEF3-4D56-BE86-DCCC466FDBB7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{5FCA6C87-7239-4CF9-A5DD-AD80214F854B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{615737C7-AFF5-4D00-AB62-79A9AC968017}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{620C4BC5-9E12-4523-9154-A4C5D8CD9E66}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{62164D10-1921-44F9-A1A4-1FD4550327B2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{630F7F9E-B53E-44F1-880E-732C73D07882}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6386D577-1455-404F-95DD-B02A4E1C1143}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{63AECFEA-A111-42BC-8A44-C81261C922BE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6439D86A-4E93-437B-BCDE-D1935DE8B547}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{646FEF3A-8BA5-412A-8412-1C7C49C6D5B4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{64C0044D-58B5-42B5-A026-9D80DBB32759}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6674127A-C451-45F0-8785-9C254918061A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{66786191-68E3-47B6-B8D3-1455A411D858}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{67233373-5F33-492B-8C3E-91928E1D3BE7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{67362E0C-59F4-4978-88E5-6ECDC9E2A6B3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{68C35E0C-E40A-48D2-BDEC-930C44E14791}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{68FA8AFE-1EA8-491B-A838-6958ED9B3BA1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{69193CE7-8418-4A21-9095-1998D6A9E355}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6948C740-39A7-4D79-99E5-AE155AEF1801}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{696919E0-40A9-461E-8B49-3F0184AFB5ED}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{69E1344B-ECDF-422E-8F97-9BE4F6060746}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6A5955FA-9249-4B22-88AA-2AA189F84F4E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6A8ECB22-F5F9-48CC-B800-B237C4353C02}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6ABB97E5-0D1F-465F-8C29-70F3FA493581}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6B223BB8-6F6B-40AE-8734-188E1E295EA4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6BCF4510-AE6A-4A5F-9890-776BD8D9F993}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6C73BAD6-C381-40ED-9A8E-A2F1084ACE2C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6C837F55-CF5E-4A11-88D5-10E1169097D6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6C848294-8EE1-4D2A-B807-6BF18DC15BB6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6DBE5B97-55AA-4694-AAF2-FA1F71C42FB9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6E01B9D7-53AB-437B-A47A-FAB555A816E8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6EAF33A6-19A9-4CEC-A97D-AC2F29EB386B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6F956081-4C8A-473E-B13D-ECEE5DAFBC61}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{6FB1DE3A-B424-43D5-97F7-A35120C93038}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{73A5A531-84A9-45FE-9AEA-448FFDB7EF2E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{73C1F355-71F4-42D5-B5EB-F512866FC085}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{73DD30D4-8A23-4546-B6A1-E26C4CAACD33}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{73ED18C3-3A07-4301-81BC-D7B0E54D47A8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{74C74B8D-5021-4E7B-A6DD-2A7FBCAEA761}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7564AE3C-D875-4155-B792-0F196D5B092B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{757AD38C-2090-45EB-A57E-C8049B2241A5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7675F852-A723-4531-B925-93AA4D629DC7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7727091F-3D44-44CF-9077-A24B44CA25D6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{772AFCF7-6A13-4A6B-9519-C044B510A06D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{77895BE7-73B9-4DE5-A114-D6A7B4FAA1C7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{78284B0B-FC56-4DFC-A5E0-D9A7CB7B107A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{78B86B4D-B9E6-41FC-880C-88E4A66B6549}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{799397E9-DE2B-4761-A2A6-9F6B175D36A4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7B42105B-858D-479B-A3C9-B57588F15EF3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7B6325D9-94AD-4ACB-93F8-B0760B0F93ED}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7B843045-3213-4652-B8AB-1405F26B5CDC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7C7F1DB0-878D-4C50-B03E-757B5EFA7FB7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7C987096-3D32-4CBA-BA4F-E73F6AAB013E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7CA96551-EB50-4262-AFD5-2E9870DE450E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7CB2939A-7E4E-4CE5-A25B-2B62EDDCADE0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7CF3B474-F796-4676-9479-AD6A168E55EA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7D439791-DDB4-4F1B-B988-47C25734DD05}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7D599A55-AE5E-4182-A541-E71EA0326979}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7DA7A515-DF02-4221-BD98-6BD857769F43}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7E558216-464F-4F3D-9A26-A4F93FF65F98}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{7F87DEC5-B496-43A5-8F03-6513D03FE934}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{80D05B42-8523-48D0-AC5F-6B395EF8975D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{814E6209-B852-477C-B9A7-468CC9929513}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{833E458F-AD72-493F-A78D-0501A2208834}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8696CF1F-7B55-4CC4-80EA-C16D42D3BBDB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{87275DEA-37EC-47D6-839E-B14B8190C8E7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{887E91FD-5BE9-49F2-A0EA-BF28437DBECC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{89A9B44D-183E-43DD-A031-A5C7F9E9EC48}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{89B842DB-E3C2-437D-B03B-7847838CBCB6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{89E1010A-74AF-49F4-A94F-B3A42E5377D7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8AA1DC76-1D8C-4395-A2BA-B63EDB1E18B6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8AAAFF46-A2B4-4A59-9E21-1CBD0203B327}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8B22415B-91F8-447B-93CE-D9D73349419D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8B383FAA-8FF2-4B47-A57A-3972C5704B42}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8B9491B5-844C-49AC-9A5F-A19F5F6C3BF6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8D9BA1D1-C324-4549-9DBE-1176F9F28499}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8DBE6E2E-4319-4A35-9638-3B7317724772}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8DFCCC6F-5534-46B7-94B5-705F7A5ED384}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8EC73494-C7AE-4C56-9EF5-52925F66158D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8FCD8342-1713-4483-9D3D-EEC3D24FB4E1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{8FF91405-73F5-42F9-A91B-A34778B6D460}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9044EEB1-5420-45B7-9E5A-CAEEA84D24AF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9064F3C0-DD00-411A-AA38-6CFA9066C4EC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{911E60E7-5FD6-4C0A-958E-CA1072ED54C4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9251DFE1-D3F9-44C6-A162-EAF7F8C4FF0A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{92FFF55D-8BBB-4DA5-BCD4-13A1A83F2A6E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{944588B7-3157-4A1C-9335-FDE14D601FEA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{948ECC85-5254-40F5-AD1F-A0BF05B0DA47}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{950B565A-6D4B-44E7-BC6C-EAFAAE6CE97C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9552EA62-B63C-4D0E-A9D5-88822637F1E0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{95BC7C6F-1FE2-4401-B6E2-DB46C365B012}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{95D9B156-31D3-40C5-AA6A-3D53F615CB77}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{95F04B43-4E19-4EB8-BCAC-6C9AF3256D71}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{96279988-C149-4FC1-B545-CBB8F825C6E0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{965FFD3E-73C1-4272-AA06-50874B8D8756}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{96ABC4F5-2D9A-4956-B42D-2523966C427B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{97401FA4-A577-4B71-989E-718FFE981522}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{97B23627-9792-464F-AEE0-0ADE13FA2366}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{97E6D547-FE39-473D-9524-5105D953B7F6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{98292316-75BE-449F-B028-2A86B00C8D08}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{98826F3E-F880-43A2-A387-909AE91F7D2A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9915C8B1-6661-49D0-9491-9109A4870239}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9998306F-2165-433E-9105-BFDA7CA1291B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{99DDC028-673D-48C0-BB83-0F34DBC8471D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9A715BC2-209A-409D-AE6D-C886D7D8F3AE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9AB27A5A-2E5D-4EC3-AAEF-48525903636B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9ACD4D87-35B3-44ED-B531-AA7D98E958BF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9B3C3BB0-4FC1-4F1F-A709-779535DC94C2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9B753C77-0A21-4EF1-8FDD-3B99F18FFE63}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9BA30FDC-F63A-4FA4-96F8-542B8DE55779}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9C206D7C-1A88-4522-863F-D6721434FB7E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9C5377BE-9F5F-4074-8C81-78EB6A4C7323}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9D30388F-BD48-44BF-9AD6-F650BB00CD09}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9D766BE7-8A78-44D9-B7A4-2FCA5E240DDC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9DCBECD8-EE47-4590-B032-37E973981D50}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9E83D6DE-31E5-4474-8134-B914EC0567F9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9F76D1FB-56D1-4499-B094-F93099E9F9EF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{9FF78300-6ED8-438D-A543-31BC1C5A197E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A0652730-7BC0-40DF-A499-C39AF02E429C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A0C807F8-B4D9-4784-B068-A85CC1542969}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A0E5C055-8010-4620-A93C-1BAAA229A0F2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A3182B26-805F-41AC-8F87-9C24EDFAD193}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A32265A3-3058-4312-B921-A057CD122587}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A395DDDE-E105-49CA-BCE5-83DB0838F3F1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A432502E-6F01-4F77-B90E-348886869AAC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A4563CBD-7A38-4AF1-84FA-AB109916075B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A46BA0EB-41C6-4B66-A340-A5E67217E3C2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A4D88E68-1ECD-435F-81B3-D129BA3DE204}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A51A7133-7421-456A-9DA4-E2459B3E082D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A546AF53-A9F4-4869-BE97-65FCA6049D3D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A55177D5-D63F-43D3-8362-432768D3EE93}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A55C4204-3A2E-4BF9-9221-0DC3C18A182A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A56781F4-160B-4226-893A-3B0C02063371}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A5722E43-9217-4803-83BA-123055394D70}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A6613C5B-6A8B-4DE6-A317-942DEEFC3BDF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A6898ED9-4CB2-4E80-840B-EEADE3847277}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A69B0105-4AC3-4BE6-B339-AB9DBB4AADF7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A6B41E01-079B-4D0A-9D06-38950FECC03B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A74FA1F3-4050-42A7-B26C-1936E6B2BE56}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A84E8C14-DFD9-4B16-B419-2CD12CA70C4D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{A9DE51E7-DB09-42CC-8BDB-7285F0FEA382}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AA120F39-4D5C-4258-B20D-D369502E1BEE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AA1F69FB-9847-46F8-A42A-C3243B803097}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AA7448A7-5C30-4CDC-AD5D-35D4D0CD6F7E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AB2CDF16-D1A5-4E21-A2B7-091D15262D64}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AB590822-F754-4466-9A79-82780D87A528}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ABC717EA-19F4-4E37-8740-1EA1B3B504AB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ABE6ECCE-5D91-400A-9D27-5FF9A1E78C3A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AC589CDA-DD75-42A5-BF6F-0C8116D3850F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ACB34990-4F42-4B72-BA13-6894812DEFA7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ACD329F5-772F-4E41-96F5-350A99C4F4F2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AD059C1F-E49F-4E1C-A1D3-487EE550546C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ADC4409E-FE8F-4BD4-9F79-DA3E17AA87E6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ADC56DF1-1879-4EB7-9FF2-CA4E542339EB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AE59986B-7A36-4B5F-8048-A211A89BC47C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AF2D9DB8-5654-4D8D-8846-EEBDCD8D3087}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AF2E8553-C47C-4B13-9DE2-5B5A6800DD12}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{AFD3D35D-287F-4288-987B-F2FF3E1F0553}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B0287927-ABAE-4685-B825-010935D93845}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B0F7E73E-5AA3-472A-A986-B8676FE67575}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B2167C82-FC51-44EE-A564-3F8DA940A0AF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B236EEA7-7F9E-4CB6-A367-958978C45898}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B29649A6-22CF-479B-8F9A-A7B9EDAEBC26}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B3A6AE86-4E95-4646-B3FD-E33D8C5AE21D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B478199F-C2D0-4757-827A-24728DA44B0B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B48F5415-3F6A-4974-816E-CB15BBE8368A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B5423919-13AF-4A96-96CC-8FA8F21D3BD0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B63A0EE5-3F0A-4DEC-AE25-E2600576ADA9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B63BE3A2-DC12-41FE-B88D-403D1A99FD48}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B654AE0C-19CE-464C-AD09-4830AC179FC0}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B662E9DE-A4F2-49C4-914D-915A01632E54}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B699B628-3CA6-4F93-ADF0-C6403714D48D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B6D9834A-F7C0-4B16-A81B-17EB26AC0E11}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B796CBDB-FA49-47B1-8185-3F78876E3DC6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B80203E7-5461-4533-96B1-EBE06A9E51C5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B80ACCBF-8F42-470C-A4D0-F22F202083A2}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B8894793-A670-415F-84F7-1A75513C4C63}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B8F8EC7D-A2AD-42E4-8B99-AF8FDE53DB35}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{B9A7F526-168C-46BF-BAD4-3BC489513F7D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BA5DA706-9CB2-4747-B741-4685C69A853A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BACF8947-DB61-4D18-914D-6C6D888A5E4C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BACFB9A6-F46D-4490-AD5F-E7DB34936A58}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BB04936B-F922-4049-9596-DF63778B7818}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BB21BE04-0C7D-4AAA-A497-344DD78BF5C6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BB8DAB04-61BB-43DF-8A5E-6AA863AADDB1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BC46F6EB-D540-4687-B6CF-69DAB30DF985}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BC81E746-72AC-4B8C-BB0A-B5BEFE386AB7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BD0A7991-AB5B-453C-B8C2-E1E21E1123F7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BD100F34-8172-46B2-B72E-18BCAE797103}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BD10DECF-0A8D-48C9-9C20-1752E323BE99}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BD348129-C5B6-4CD9-BCF3-6F83A93750F1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BD72741D-F84C-4B1C-A012-79D0D30FF262}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BE28D917-1ADB-4C44-AEA3-2B2B55269FF6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{BFC449C2-560B-423E-AFCC-BC71398FCCB8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C0A46116-926F-40B8-AF8B-224684E21B14}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C1116489-FB22-492E-9746-05E6710E0EF5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C1C7C428-CFCD-4E67-9A1C-5F5D560F7710}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C1ED95CC-30E1-4CB4-AB16-AA2B2189AB09}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C2AC8D51-643F-447D-881C-A2A1A3B7A9CD}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C300194F-633C-4DA6-9A9A-0BC41B553854}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C39046FA-272D-4760-B148-42F8F80E394A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C430DCA9-B027-402D-B923-CC8FC0817C06}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C4A60EE8-5B53-4423-B722-B9CA59D226B1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C59C2206-FFFD-4BA0-83A8-AC030F502BF9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C66D44C3-A31C-441C-A390-4153C2774987}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C6B6CD77-C8E4-4CD7-B8F1-CCC687985461}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C6D09B72-9044-4825-9A8B-749936F67DCC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C6DA7757-768A-4D58-8B19-8937EB3198BC}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C74C0916-E109-4086-BF31-2C2A24C40EFE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C75AF878-F2F8-49EE-8F55-7A74D33B3B96}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{C8CEB99F-42E0-4676-935E-3187A3025844}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CA470B5A-ED05-4656-A2AB-AFB8CB70FB74}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CA6D2D00-2F9B-4E5A-AD84-D305BB5FDA2C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CAFC85D9-2354-45A5-B822-E6DAA566B6CF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CB233292-8E9C-431E-B2F3-BA8BDBB51653}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CB83D865-28FF-45C2-887A-D78EA8631ACA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CD3FB57A-B6DD-4B4D-A90D-95FE365FD33D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CD762CB9-F218-4116-9B2A-C15AB5BA7858}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CD963373-ACF8-4D53-8795-E3714122DC90}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CE297D02-9ACE-41D0-A418-0DFCEF46342C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CE97F581-61EB-4FA9-82D0-D21803571397}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CEA917EF-35C8-489C-9309-1AC028BAB0EF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CECBC806-2640-4B90-BE24-FBEDD15D6AC4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{CED56EEF-128B-462D-8778-0B81EA6A6B40}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D12485BB-7BEA-42CD-99E6-5E685D16186C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D1281A16-1E96-4840-A09E-54C73514EB2C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D20CC8BE-D83D-4442-A2D1-4053DA9CBC56}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D3530B08-AB5B-43C0-B829-7EC444D4D77F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D3FB5730-8F56-4837-BF67-7EA2337D53B3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D413F038-7E84-4EB5-8537-EA2C9AC45E2A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D445FC42-40F2-407C-85E2-118CCDD968D8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D447FA34-C192-44F2-ACC5-648336C4361E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D460400A-BD15-426B-8437-97E07B2408AE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D49329C9-55CD-4F72-A018-23AB7D180458}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D495BFD6-1FA8-4FBF-98EE-2CE63DE03A0C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D4B63F35-CA5A-4E0F-A222-BB2A773AD120}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D7642B28-D471-4715-A061-BA05596D6A91}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D765AFC0-FAB7-41BB-A6B9-2F6402798EB4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D7A4EC86-368D-4461-9CA3-C2B78BD5D7CE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D8494CCE-9569-473A-B08D-297C53B475AE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D89A631B-94A9-4AC9-9BEE-AE2B58B3BFA1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D8B5286C-B3FD-4057-A97F-CF5FDB8451E7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D8C33142-9EE5-456C-8B1C-15EBFEB96879}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D968CDFF-B085-47A3-A172-40B24DB8ECFA}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{D9BB32A4-B9DF-4412-9688-CB454948EC93}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{DA644258-B68B-4674-AF02-466302195038}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{DCCBE1DE-A371-4338-AA3E-2A1AF3B94518}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{DCD0C737-F089-4CF2-8AB3-E87BC6F450C3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{DE220C6E-A958-4208-A2CC-556F34E00286}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{DE40DB72-08EC-4833-BC67-B68BFEF2F7EF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{DEAF95D8-6C2D-40EA-85B1-1BE80C79C76C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E1124A94-2716-4B31-A187-A0FFC695B55F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E1CDC12E-0C38-44F2-A0E6-5A20A6D2A886}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E2098DFF-7A80-4D74-8197-0071FA995DE3}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E27DA0BD-0FD5-4E13-B940-DB0C9ACE550C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E2BB9EEA-A214-4AAB-86FC-8314B1229767}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E2F45C7C-4235-48DC-9312-8465DBBD2863}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E37E5E7C-6984-45C5-AEE4-A3B913F0C3C7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E3D3F5DE-5EC0-48EE-85D9-1848540713B4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E3EB0FB4-8CD5-4344-BA94-32EF97CEF6F1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E438CEDC-647D-4344-ACAF-D7A467F25A25}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E4570145-2AD3-46AD-8C50-2918778BD45B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E4D815D8-9DF6-46F1-9182-1DA059B17D62}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E4E4FB42-E247-42F3-90B8-5A53CCD82099}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E587975A-6131-45B5-BA9D-49CEC0856F36}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E5D925A1-DFFB-4313-A090-342E95D831B5}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E63C626F-90D2-4698-AD98-D7BCFA44A68D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E7242447-009D-4302-A973-6A4DD01B7BAD}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E9892259-6C43-48EE-B4E2-643475726C90}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{E9DAACE1-E6C4-430B-B925-FA17E211B1B6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EA0131EA-CE2F-4196-A014-A69431BC0363}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EB1D0769-5826-4EF3-9782-9A38F79F85EE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EB4346D6-2547-4F2E-A519-588E6B8A0CE4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EC1FCAD3-9578-4225-9372-CADE844D6C2E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EC3A71F5-1F5C-4718-AE26-CEE4FD483E74}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EC677D81-BEB1-45F7-BC84-A178265FEE93}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EC8D1BE1-1E62-4EE6-80B4-824996CA8FA7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ECF0996A-33F8-4B78-880A-6B971124082B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ECFA4D5A-7A22-4712-A760-28FB5B443259}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ED00187B-408A-4F87-8081-4A9B058C251A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ED15B017-1596-470D-A86C-EEB2B4E9C7ED}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{ED69C5C2-F414-4BBE-BC8E-FEC495BB9F0E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EDFC531B-EA85-4B9C-B960-6A3221723F22}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EE1198C9-4B25-4429-824D-39CA616830EE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EED13091-C17F-4A86-AD53-EAB6881A466E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EF481112-D9BA-48F8-BA84-EEE2547C90C6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EF74C134-E03E-43ED-801F-EBC0DE109E1C}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EF764B22-E188-45F3-A40F-B0257E1D6153}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EF7C38AA-E04C-4868-96B6-A822183517BE}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{EFB68FC1-6A9A-45F8-AB2C-44BADF569E5B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F1107D6A-87E1-4722-88A8-7CD2AFCC56F4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F1526067-BD6C-4F9C-89FD-F91EC3A93475}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F1AA17D8-85BE-4D66-B177-ED302010D46D}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F3A15D0A-241D-4C39-9FA1-B026900A469B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F4ABB065-2D6F-4AEE-871A-9CA9E415EE8B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F560132D-2C91-4203-9475-328DF3EEE3D4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F5638C51-9628-4A2B-97BC-F1E548EB06A8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F566FAF1-AFC0-4A08-9DB2-CB9FB2CA469E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F5A6B575-5AA4-47DC-9B97-299FECFF6EB8}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F5B18A20-1B6B-4169-A605-4468D4619455}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F5FADBC0-4BC5-4443-A644-2D4B7C346FF4}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F6127CC9-3738-4006-B19B-0907FDC719BB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F655B712-F925-4C97-85D2-C7C424AB1CE6}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F690EF6A-1C25-4EC6-A667-43D24BF601C7}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F7C04A25-64DC-4ACE-B0E3-E57D43701FE1}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F81DD1A6-6B4E-4744-97A6-09CC6FF2E08A}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F82A825D-6220-47EB-ACB9-AA8E605ED496}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F8A09D65-8159-45FA-93C0-8344386F692E}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F96D39C4-1AF9-4F02-9579-E402EB01CC31}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F9A9BDF1-DABF-4BFB-9405-A552EAF692F9}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{F9C00655-2EB6-4E18-A409-EF0F65A11B2B}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{FA3CD5B9-5B25-43C4-9C1B-44CF4DB42AAF}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{FC56071C-5668-497E-846B-6289E429D651}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{FE6EF6D7-9224-4EC4-8FCD-C6A9D24A79DB}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{FE8F0E26-01C8-4F62-9693-3A84FD169023}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{FEFBF59D-3230-47AC-9D91-A042D8CED32F}
Successfully deleted: [Empty Folder] C:\Users\mykie\appdata\local\{FFDDD04F-41F7-4D97-A371-31EF699E50F0}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25/06/2014 at  1:11:54.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#10 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 25 June 2014 - 10:16 PM

Double click on AdwCleaner.exe to run the tool again.

  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

==========

 

Malwarebytes' Anti-Malware

I see you have MBAM installed - I think this is a great program and would like you to run a quick scan at this time

  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

 

==========

 

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan.

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Best Regards,
oneof4.


#11 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 30 June 2014 - 09:00 AM

Are you still with us?


Best Regards,
oneof4.


#12 whatdoesntthefoxsay

whatdoesntthefoxsay
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 01 July 2014 - 01:40 AM

My apologies, I am replying via mobile at the moment and may be a day or two late for an official report with the results you asked for, this is due to work related issues. I hope that is OK?

#13 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 04 July 2014 - 07:35 AM

:thumbup2:


Best Regards,
oneof4.


#14 whatdoesntthefoxsay

whatdoesntthefoxsay
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:11:33 AM

Posted 12 July 2014 - 09:53 PM

sorry for the very late reply, ended up getting sick!
 
# AdwCleaner v3.213 - Report created 13/07/2014 at 01:27:28
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : mykie - MYKIE-HP
# Running from : C:\Users\mykie\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKCU\Software\AVG Nation toolbar
Key Deleted : HKLM\Software\AVG Nation toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
 
-\\ Google Chrome v
 
[ File : C:\Users\mykie\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={03F8F75F-4585-44E3-892C-8DB2A576D349}&mid=66276cdfd38847d191a21d1be94566cd-8432e76a3661af319bf62f11500f574ac1cfa34b&lang=en&ds=AVG&pr=fr&d=2012-10-03 16:00:22&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
 
*************************
 
AdwCleaner[R0].txt - [1160 octets] - [25/06/2014 00:57:59]
AdwCleaner[R1].txt - [1220 octets] - [13/07/2014 01:26:38]
AdwCleaner[S0].txt - [1440 octets] - [13/07/2014 01:27:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1500 octets] ##########
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 13/07/2014
Scan Time: 01:37:51
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.12.09
Rootkit Database: v2014.07.09.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: mykie
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 276806
Time Elapsed: 10 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
accidentally clicked finish on the eset scanner, did not get the log file. but the scan showed nothing detected anyway.
 


#15 oneof4

oneof4

  • Malware Response Team
  • 3,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Collective
  • Local time:05:33 AM

Posted 15 July 2014 - 06:06 PM

Hello Mykie, :)
 
Congratulations! You now appear clean!  :cool:

**********

Please pay particularly close attention to the instructions that follow. To neglect these steps risk needless reinfection!!

**********

Are things running okay?  Do you have any more questions?

**********

  • Any programs that we had you download and/or install can be removed at this time.
  • If we had you create or download any custom fixes, these can be deleted at this time.

**********

Recommendations

Below are some recommendations to lower your chances of (re)infection.
 
:step1: Update your AntiVirus Software

It is imperative that you update your Antivirus software at least once a week (Even more if you wish).  If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.  If you use a commercial antivirus program you must make sure you keep renewing your subscription.  Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.
 
:step2: Use a Firewall

I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Understanding and Using Firewalls
 
:step3: Install an Anti-Spyware program, and update it regularly

Malwarebytes' Anti-Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.

SUPERAntiSpyware is another good scanner with high detection and removal rates.
Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
 
:step4: Prevention article : To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections please read our Best Practices artice by quietman7.
 
:step5: Keep Windows (and your other Microsoft software) up to date!

I cannot stress how important this is. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
http://www.techtalkz.com/windows-7/515869-windows-update-enable-disable-automatic-updates-windows-7-guide.html
 
:step6: Keep your other software up to date as well.

Software does not need to be made by Microsoft to be insecure. Download Secunia Software Inspector to keep all your software up to date.
 
The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing . :(
 
**********

Safe Surfing!


Best Regards,
oneof4.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users