Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

can't run EXE files or download [Closed]

Started by dumonm , Jun 17 2013 05:49 AM

  • This topic is locked This topic is locked

#1
dumonm
Posted 17 June 2013 - 05:49 AM

dumonm

    Member

  • Member
  • PipPip
  • 74 posts
About 2 months ago I tried to run an update ton Microsoft Security essentials, and was unable to. Tried to run any update and was unable to. Chrome and Firefox started to re-direct my home pages. I downloaded Spybot S & D it cleaned a bunch of files but the issue became worse. and Microsoft Essentials was not even working. I tried AVG was working fine and then the trial period ended and then everything went way over board.... went out and purchased Norton.... been on my system for the last month.... I've done all the online fixes shown on the firefox and chrome sites and nothing seems to work
I can't download anything and run it...won't extract files .... I get a security message.

Thanks for your help, here are the results of my OTL Scan

OTL logfile created on: 6/17/2013 7:04:25 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.05 Gb Available Physical Memory | 68.35% Memory free
5.99 Gb Paging File | 4.50 Gb Available in Paging File | 75.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 77.39 Gb Free Space | 51.94% Space Free | Partition Type: NTFS
Drive E: | 2.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 232.88 Gb Total Space | 154.04 Gb Free Space | 66.14% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/17 07:04:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2013/05/17 11:56:30 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/17 08:42:15 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/04/10 17:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/11/22 22:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/17 11:56:30 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/17 08:42:15 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/05/30 02:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.3.1.22\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/05/17 11:56:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/17 08:42:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/04/10 17:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/04/02 16:36:06 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/18 17:10:18 | 000,577,536 | ---- | M] (Research In Motion Limited) [Disabled | Stopped] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (Blackberry Device Manager)
SRV - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/08 13:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/06/25 22:11:03 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/06/25 21:46:04 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/06/15 20:52:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2009/07/23 23:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/06/07 07:30:38 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130616.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/07 07:30:38 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130616.008\NAVENG.SYS -- (NAVENG)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130531.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/17 11:51:31 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/05/17 11:51:31 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/05/17 11:44:06 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/16 15:35:56 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130614.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/02/26 01:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/01/30 23:18:18 | 000,338,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symnets.sys -- (SymNetS)
DRV - [2013/01/30 23:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys -- (SymEFA)
DRV - [2013/01/28 21:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys -- (SRTSP)
DRV - [2013/01/28 21:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys -- (SRTSPX)
DRV - [2013/01/21 22:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys -- (SymDS)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/01/03 04:18:04 | 000,040,200 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/01/03 04:18:04 | 000,030,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2013/01/03 04:18:00 | 000,044,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2013/01/03 04:18:00 | 000,044,296 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2013/01/03 04:18:00 | 000,012,808 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2012/11/15 22:22:01 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys -- (SymIRON)
DRV - [2012/11/15 22:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys -- (ccSet_N360)
DRV - [2012/09/06 14:05:08 | 000,036,512 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 10:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/07/13 13:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 13:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/05 21:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 21:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 21:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 21:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 21:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 21:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 21:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2010/05/05 21:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {739012BF-D354-4AAA-BE20-A3AA23977047}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 C6 32 54 D4 4B CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {739012BF-D354-4AAA-BE20-A3AA23977047}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001b116f749f
IE - HKCU\..\SearchScopes\{739012BF-D354-4AAA-BE20-A3AA23977047}: "URL" = http://search.condui...2256853422&UM=2
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-16 21:13:33&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AF684A3F-0B5A-4646-AF88-531B03410159}: "URL" = http://search.condui...q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://ca.msn.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://search.condui...707250&UM=2&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2013/05/17 11:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2013/06/16 22:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/27 16:14:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/27 16:14:34 | 000,000,000 | ---D | M]

[2013/05/18 01:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013/02/13 15:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/06/14 08:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\585f7z1p.default-1369884388276\extensions
[2013/06/14 08:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions
[2012/09/10 10:39:06 | 000,000,000 | ---D | M] (FLV Runner) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{3bbd3c14-4c16-4989-8366-95bc9179779d}
[2012/09/26 19:08:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013/05/18 01:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/28 10:05:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 11:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/04/28 10:05:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 11:56:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/18 20:21:33 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Norton Safe Search (Enabled)
CHR - default_search_provider: search_url = http://nortonsafe.se...ct=sb&qsrc=2869
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.condui...7251579930&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Live? Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: MixiDJ V30 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.16.1.21_0\
CHR - Extension: MixiDJ V30 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.16.4.512_0\
CHR - Extension: Click&Clean = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: KeyBar 1.8 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.16.2.12_0\
CHR - Extension: KeyBar 1.8 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.16.4.512_0\
CHR - Extension: Norton Identity Protection = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: Click&Clean App = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\

O1 HOSTS File: ([2013/05/30 06:33:44 | 000,446,422 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15355 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98982E72-BE15-4F59-A3FB-99CA4DE25267}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B26AB584-DC8D-4130-B6F9-0A004C021B8F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-tt2012 {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files\TurboTax 2012\ic2012pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/16 22:40:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{42BF93BD-844C-4F8E-B211-E6B62FB67600}
[2013/06/16 13:44:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{089BAD40-47BE-46B0-999F-CD4EDDC8874C}
[2013/06/16 11:33:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6744F6A0-050C-413A-8A31-0B2735A2B3C8}
[2013/06/16 05:49:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BC136183-F510-4F42-8400-4806940EB004}
[2013/06/15 09:31:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8AF4BCD7-687E-4B5E-8070-C41BCC6D7166}
[2013/06/14 12:53:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Curiolab
[2013/06/14 12:45:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2013/06/14 09:41:10 | 000,000,000 | ---D | C] -- C:\Users\User\New folder
[2013/06/14 09:33:53 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\New folder
[2013/06/14 08:30:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DD4DB9C0-3507-45BD-B63B-E7C2872D589B}
[2013/06/13 20:29:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DFFFD953-98D3-4F90-B720-9AEB1BE54287}
[2013/06/13 08:28:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CA8A7965-E186-4689-A73B-B2AF7E892597}
[2013/06/12 20:17:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{543B02B5-FE92-4193-8FD0-1E267C0BC9C3}
[2013/06/12 06:20:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A02B3CF5-CA91-46D5-9AAC-F8A1670090E1}
[2013/06/12 03:07:26 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/12 03:07:25 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/12 03:02:21 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/06/12 03:02:20 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/06/12 03:02:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/06/12 03:02:18 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/06/12 03:02:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/06/12 03:02:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/12 03:02:18 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/06/12 03:02:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/06/11 23:13:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1D55FB6F-51EF-4C6B-8010-E1AD70EE1B5B}
[2013/06/11 19:56:54 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/06/11 19:56:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013/06/11 19:56:03 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/06/11 19:56:02 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013/06/11 19:55:18 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/06/11 19:55:17 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/06/11 10:22:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E07A77C2-1167-465E-A9B9-92BA7D4A59CE}
[2013/06/10 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{81ACCD27-FC9F-46FB-8EC4-8F2EE3639A3F}
[2013/06/10 06:16:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6ACBDEE8-8489-4CAB-9363-71714EBDBE96}
[2013/06/09 22:26:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91B40416-F6F8-4B3E-9EA4-507E4C79D402}
[2013/06/09 07:14:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00AE53C9-FF8D-44F0-9FFF-0674BB06B109}
[2013/06/08 19:14:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DB821A31-9599-40E5-968C-8A5BFAD7EB74}
[2013/06/08 06:46:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F76EA9ED-176D-4D98-830B-25751F88CD9D}
[2013/06/07 19:04:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BDD02D00-DBF1-413F-9B5B-1CE55DA22C92}
[2013/06/07 06:31:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{640F34F0-FFC5-41D6-A248-B3F492293DED}
[2013/06/06 16:00:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9627BD3A-5850-47E0-A201-3EF39F96D1FD}
[2013/06/05 23:01:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B44876AA-43B8-44D7-8C58-39C965F65670}
[2013/06/05 22:06:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F8A6E4F0-B7EC-4446-A6B1-4FAD24592B3D}
[2013/06/05 09:32:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5D1A6454-EAB7-4E91-8BAB-D3AE848DAFFA}
[2013/06/04 21:14:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AA988111-138F-4146-B232-BE111B0EBDB5}
[2013/06/04 06:38:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{969257D7-D05E-4C39-9D2B-CF3E00567BEF}
[2013/06/03 10:56:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6B521DE8-7686-48C1-A2EE-B4688370BD91}
[2013/06/02 22:56:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{15C4CCE6-6037-4F89-9E7F-C1DFA649401D}
[2013/06/02 06:35:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{058D9782-03D4-4AA6-BFFD-C7BA63BC3844}
[2013/06/01 23:53:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4857C518-BE71-49E9-B841-2FA050B17422}
[2013/06/01 06:37:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{823DE536-8C04-46CF-9038-21DAA9653CF4}
[2013/05/31 23:21:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AA985180-9F51-4A60-93A6-8CC1254FC5A5}
[2013/05/31 10:44:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F06DBF1B-CCDD-40FC-996D-CDC221DC0554}
[2013/05/30 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AAA6A185-41B0-4840-91F4-D28058518A83}
[2013/05/30 21:44:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{534FFF1C-2AAC-4A59-A224-3BAB724892EA}
[2013/05/30 16:44:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\redsn0w
[2013/05/30 15:08:39 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Carl Lee
[2013/05/30 07:00:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\gree
[2013/05/30 06:29:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C60FD693-2EF9-4F9B-857E-222BB0478C27}
[2013/05/29 23:11:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3C49E558-822B-435A-8AE5-34A0647F09FD}
[2013/05/29 20:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/29 20:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/05/29 20:15:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F3E8D56D-3346-4EE8-8B45-91CEAF5FF3FB}
[2013/05/29 07:04:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F7A3E80C-33B2-4CC3-BD2B-A13149AF2823}
[2013/05/28 19:03:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A753F4B2-55CF-4ACB-B0E0-9652D279704F}
[2013/05/28 05:38:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BA036E22-1C67-4C5E-B448-F44CF2D79A62}
[2013/05/27 22:44:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{790E1FF5-FDB1-4178-ADB6-20041D8F2886}
[2013/05/27 21:10:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{345A9803-3210-4FA6-844E-348D9FB57D9E}
[2013/05/27 18:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot
[2013/05/27 18:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\OtShot
[2013/05/27 18:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ZalmanInstaller_52330
[2013/05/27 16:16:23 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2013/05/27 16:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/27 16:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/05/27 08:43:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79E38CB5-9479-4463-950E-99CA1E2C58D2}
[2013/05/26 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{311B2384-2DAC-430C-907B-012F6A4F3CCE}
[2013/05/26 07:15:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2C233E21-189F-438B-B58F-B57693E0DDC7}
[2013/05/25 09:42:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9FAA2AD5-9BE3-483E-9744-99061EEE0967}
[2013/05/25 07:59:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{84F525DA-9130-4F08-9A26-B985889F4CC4}
[2013/05/24 19:18:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E64B5A67-D47A-4B46-BC94-8133AF962CED}
[2013/05/24 07:18:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9D9052D7-EF95-442A-8048-EA815DBDD4EC}
[2013/05/24 06:47:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{51F7FEFF-F352-4B06-A4E2-13ED51284D27}
[2013/05/23 18:30:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3EBC2DEA-D181-4B2F-9699-E29B98C43518}
[2013/05/23 14:37:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013/05/23 14:36:59 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/05/23 14:36:49 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013/05/23 14:36:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/05/23 14:36:15 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013/05/23 14:25:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/23 14:18:18 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/05/23 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
[2013/05/23 13:05:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/23 13:05:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/23 13:05:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/23 11:26:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/23 11:09:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/23 06:19:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47F476A1-9EF8-4A7A-A7D9-0EFBB5579FA7}
[2013/05/22 18:12:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7F8F59FD-0104-4EEC-B488-31A9F5F3F7CE}
[2013/05/22 06:11:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BEE3E1CF-94A2-4EA9-9679-54148CA07F26}
[2013/05/21 11:30:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{65557CCC-3D9A-401D-B197-D03718394D2B}
[2013/05/20 23:13:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1C9EDB7D-994F-4993-9712-B9ECE2AF2A45}
[2013/05/20 06:36:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{660B46B0-AC09-4085-A01B-D66879935E75}
[2013/05/19 23:48:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{417C476A-0394-4039-818D-E672A06AB86D}
[2013/05/19 08:04:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3EB13233-3E24-434B-9170-B85B256F0070}
[2013/05/18 08:47:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/05/18 08:11:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{932C912E-09C0-4E98-85F4-36DAD213F1BB}
[2013/01/04 19:08:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\User\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/17 06:51:57 | 000,663,268 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/17 06:51:57 | 000,122,136 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/17 06:41:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/17 06:37:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/17 06:37:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/17 06:01:04 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/17 06:01:04 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXState-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/17 06:01:04 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/16 23:02:36 | 000,041,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 23:02:36 | 000,041,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 22:55:18 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/16 22:55:07 | 2413,834,240 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/16 14:04:40 | 000,307,536 | ---- | M] () -- C:\Users\User\AppData\Local\census.cache
[2013/06/16 14:04:12 | 000,155,165 | ---- | M] () -- C:\Users\User\AppData\Local\ars.cache
[2013/06/16 13:54:31 | 000,000,036 | ---- | M] () -- C:\Users\User\AppData\Local\housecall.guid.cache
[2013/06/15 08:57:25 | 000,000,545 | ---- | M] () -- C:\Windows\wininit.ini
[2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/08 07:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/04 02:36:13 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\isolate.ini
[2013/06/03 19:41:16 | 000,001,057 | ---- | M] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
[2013/05/30 16:37:20 | 000,000,884 | RHS- | M] () -- C:\Users\User\ntuser.pol
[2013/05/30 06:33:44 | 000,446,422 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/29 20:55:39 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/27 16:14:09 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/05/27 08:10:20 | 000,446,422 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130530-063344.backup
[2013/05/23 22:09:47 | 000,008,059 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symds.cat
[2013/05/23 14:49:24 | 000,442,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/23 14:18:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130527-081020.backup
[2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1404000.028\symefa.sys
[2013/05/23 01:25:28 | 000,007,583 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symefa.cat
[2013/05/23 01:25:28 | 000,003,434 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symefa.inf
[2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1404000.028\symds.sys
[2013/05/21 01:02:00 | 000,002,852 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symds.inf
[2013/05/21 00:40:20 | 000,008,059 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.cat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/16 14:04:40 | 000,307,536 | ---- | C] () -- C:\Users\User\AppData\Local\census.cache
[2013/06/16 14:04:12 | 000,155,165 | ---- | C] () -- C:\Users\User\AppData\Local\ars.cache
[2013/06/16 13:54:31 | 000,000,036 | ---- | C] () -- C:\Users\User\AppData\Local\housecall.guid.cache
[2013/06/15 08:57:25 | 000,000,545 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/29 20:55:37 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/27 18:55:07 | 000,000,884 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2013/05/27 18:53:14 | 000,000,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot.lnk
[2013/05/24 08:39:15 | 000,001,057 | ---- | C] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
[2013/05/23 13:05:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/23 13:05:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/23 13:05:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/23 13:05:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/23 13:05:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/28 10:14:30 | 000,000,154 | ---- | C] () -- C:\Windows\Reimage.ini
[2013/01/15 10:28:48 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2013/01/04 19:08:19 | 000,007,887 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.cat
[2013/01/04 19:08:19 | 000,001,144 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.inf
[2012/08/11 07:34:07 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/25 21:44:52 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012/06/25 21:44:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012/06/16 21:13:39 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Video to DVD.INI
[2012/06/15 17:01:36 | 000,028,674 | ---- | C] () -- C:\Windows\System32\pr2kins.dll
[2012/06/15 17:01:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:FB1B13D8

< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 17 June 2013 - 11:31 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there could I have a different look using OTL, there will only be one log generated this time

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

    Posted Image
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs

  • 0

#3
dumonm
Posted 18 June 2013 - 05:51 AM

dumonm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Did not ask for any clean up

here is the log

TL logfile created on: 6/18/2013 7:20:58 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 60.11% Memory free
5.99 Gb Paging File | 4.22 Gb Available in Paging File | 70.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 76.26 Gb Free Space | 51.18% Space Free | Partition Type: NTFS
Drive E: | 2.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 232.88 Gb Total Space | 154.04 Gb Free Space | 66.14% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/18 07:20:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL(1).exe
PRC - [2013/05/17 11:56:30 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/17 08:42:15 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/04/10 17:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/11/22 22:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/23 14:51:33 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/23 14:51:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/05/17 11:56:30 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/17 08:42:15 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/02/05 22:57:56 | 000,269,824 | ---- | M] () -- C:\Program Files\Windows Live\Writer\en\WindowsLive.Writer.Localization.resources.dll
MOD - [2013/01/16 04:15:21 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/16 04:15:04 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/16 04:14:58 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/16 04:14:53 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2013/01/16 04:14:53 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/10/10 22:14:22 | 000,357,224 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
MOD - [2012/05/30 02:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.3.1.22\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/05/17 11:56:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/17 08:42:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/04/10 17:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/04/02 16:36:06 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/18 17:10:18 | 000,577,536 | ---- | M] (Research In Motion Limited) [Disabled | Stopped] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (Blackberry Device Manager)
SRV - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/08 13:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/06/25 22:11:03 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/06/25 21:46:04 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/06/15 20:52:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2009/07/23 23:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/06/07 07:30:38 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130617.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/07 07:30:38 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130617.021\NAVENG.SYS -- (NAVENG)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130531.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/17 11:51:31 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/05/17 11:51:31 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/05/17 11:44:06 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/16 15:35:56 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130615.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/02/26 01:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/01/30 23:18:18 | 000,338,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symnets.sys -- (SymNetS)
DRV - [2013/01/30 23:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys -- (SymEFA)
DRV - [2013/01/28 21:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys -- (SRTSP)
DRV - [2013/01/28 21:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys -- (SRTSPX)
DRV - [2013/01/21 22:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys -- (SymDS)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/01/03 04:18:04 | 000,040,200 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/01/03 04:18:04 | 000,030,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2013/01/03 04:18:00 | 000,044,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2013/01/03 04:18:00 | 000,044,296 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2013/01/03 04:18:00 | 000,012,808 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2012/11/15 22:22:01 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys -- (SymIRON)
DRV - [2012/11/15 22:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys -- (ccSet_N360)
DRV - [2012/09/06 14:05:08 | 000,036,512 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 10:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/07/13 13:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 13:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/05 21:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 21:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 21:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 21:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 21:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 21:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 21:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2010/05/05 21:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {739012BF-D354-4AAA-BE20-A3AA23977047}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 C6 32 54 D4 4B CD 01 [binary data]
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes,DefaultScope = {739012BF-D354-4AAA-BE20-A3AA23977047}
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001b116f749f
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{739012BF-D354-4AAA-BE20-A3AA23977047}: "URL" = http://search.condui...2256853422&UM=2
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-16 21:13:33&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{AF684A3F-0B5A-4646-AF88-531B03410159}: "URL" = http://search.condui...q={searchTerms}
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://ca.msn.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://search.condui...707250&UM=2&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2013/05/17 11:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2013/06/17 14:54:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/27 16:14:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/27 16:14:34 | 000,000,000 | ---D | M]

[2013/05/18 01:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013/02/13 15:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/06/14 08:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\585f7z1p.default-1369884388276\extensions
[2013/06/14 08:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions
[2012/09/10 10:39:06 | 000,000,000 | ---D | M] (FLV Runner) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{3bbd3c14-4c16-4989-8366-95bc9179779d}
[2012/09/26 19:08:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2013/05/18 01:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/28 10:05:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 11:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/04/28 10:05:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 11:56:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/07/18 20:21:33 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

========== Chrome ==========

CHR - default_search_provider: Norton Safe Search (Enabled)
CHR - default_search_provider: search_url = http://nortonsafe.se...ct=sb&qsrc=2869
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.condui...7251579930&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Live? Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: MixiDJ V30 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.16.1.21_0\
CHR - Extension: MixiDJ V30 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.16.4.512_0\
CHR - Extension: Click&Clean = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: KeyBar 1.8 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.16.2.12_0\
CHR - Extension: KeyBar 1.8 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.16.4.512_0\
CHR - Extension: Norton Identity Protection = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: Click&Clean App = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\

O1 HOSTS File: ([2013/05/30 06:33:44 | 000,446,422 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15355 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-636956645-3179581871-4100211739-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98982E72-BE15-4F59-A3FB-99CA4DE25267}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B26AB584-DC8D-4130-B6F9-0A004C021B8F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-tt2012 {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files\TurboTax 2012\ic2012pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-636956645-3179581871-4100211739-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/06/17 14:50:53 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/06/17 14:43:12 | 000,000,000 | R--D | C] -- C:\Users\User\SkyDrive
[2013/06/17 14:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SkyDrive
[2013/06/17 14:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/06/17 13:51:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7D03CCA1-24A9-4091-AC3F-3F720CE101CD}
[2013/06/16 22:40:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{42BF93BD-844C-4F8E-B211-E6B62FB67600}
[2013/06/16 13:44:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{089BAD40-47BE-46B0-999F-CD4EDDC8874C}
[2013/06/16 11:33:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6744F6A0-050C-413A-8A31-0B2735A2B3C8}
[2013/06/16 05:49:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BC136183-F510-4F42-8400-4806940EB004}
[2013/06/15 09:31:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8AF4BCD7-687E-4B5E-8070-C41BCC6D7166}
[2013/06/14 12:53:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Curiolab
[2013/06/14 12:45:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2013/06/14 09:41:10 | 000,000,000 | ---D | C] -- C:\Users\User\New folder
[2013/06/14 09:33:53 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\New folder
[2013/06/14 08:30:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DD4DB9C0-3507-45BD-B63B-E7C2872D589B}
[2013/06/13 20:29:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DFFFD953-98D3-4F90-B720-9AEB1BE54287}
[2013/06/13 08:28:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CA8A7965-E186-4689-A73B-B2AF7E892597}
[2013/06/12 20:17:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{543B02B5-FE92-4193-8FD0-1E267C0BC9C3}
[2013/06/12 06:20:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A02B3CF5-CA91-46D5-9AAC-F8A1670090E1}
[2013/06/12 03:07:26 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/12 03:07:25 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/12 03:02:21 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/06/12 03:02:20 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/06/12 03:02:19 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/06/12 03:02:18 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/06/12 03:02:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/06/12 03:02:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013/06/12 03:02:18 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/06/12 03:02:18 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/06/11 23:13:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1D55FB6F-51EF-4C6B-8010-E1AD70EE1B5B}
[2013/06/11 19:56:54 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013/06/11 19:56:49 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013/06/11 19:56:03 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/06/11 19:56:02 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013/06/11 19:55:18 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/06/11 19:55:17 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/06/11 10:22:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E07A77C2-1167-465E-A9B9-92BA7D4A59CE}
[2013/06/10 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{81ACCD27-FC9F-46FB-8EC4-8F2EE3639A3F}
[2013/06/10 06:16:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6ACBDEE8-8489-4CAB-9363-71714EBDBE96}
[2013/06/09 22:26:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91B40416-F6F8-4B3E-9EA4-507E4C79D402}
[2013/06/09 07:14:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00AE53C9-FF8D-44F0-9FFF-0674BB06B109}
[2013/06/08 19:14:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DB821A31-9599-40E5-968C-8A5BFAD7EB74}
[2013/06/08 06:46:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F76EA9ED-176D-4D98-830B-25751F88CD9D}
[2013/06/07 19:04:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BDD02D00-DBF1-413F-9B5B-1CE55DA22C92}
[2013/06/07 06:31:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{640F34F0-FFC5-41D6-A248-B3F492293DED}
[2013/06/06 16:00:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9627BD3A-5850-47E0-A201-3EF39F96D1FD}
[2013/06/05 23:01:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B44876AA-43B8-44D7-8C58-39C965F65670}
[2013/06/05 22:06:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F8A6E4F0-B7EC-4446-A6B1-4FAD24592B3D}
[2013/06/05 09:32:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5D1A6454-EAB7-4E91-8BAB-D3AE848DAFFA}
[2013/06/04 21:14:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AA988111-138F-4146-B232-BE111B0EBDB5}
[2013/06/04 06:38:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{969257D7-D05E-4C39-9D2B-CF3E00567BEF}
[2013/06/03 10:56:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6B521DE8-7686-48C1-A2EE-B4688370BD91}
[2013/06/02 22:56:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{15C4CCE6-6037-4F89-9E7F-C1DFA649401D}
[2013/06/02 06:35:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{058D9782-03D4-4AA6-BFFD-C7BA63BC3844}
[2013/06/01 23:53:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4857C518-BE71-49E9-B841-2FA050B17422}
[2013/06/01 06:37:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{823DE536-8C04-46CF-9038-21DAA9653CF4}
[2013/05/31 23:21:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AA985180-9F51-4A60-93A6-8CC1254FC5A5}
[2013/05/31 10:44:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F06DBF1B-CCDD-40FC-996D-CDC221DC0554}
[2013/05/30 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AAA6A185-41B0-4840-91F4-D28058518A83}
[2013/05/30 21:44:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{534FFF1C-2AAC-4A59-A224-3BAB724892EA}
[2013/05/30 16:44:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\redsn0w
[2013/05/30 15:08:39 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Carl Lee
[2013/05/30 07:00:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\gree
[2013/05/30 06:29:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C60FD693-2EF9-4F9B-857E-222BB0478C27}
[2013/05/29 23:11:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3C49E558-822B-435A-8AE5-34A0647F09FD}
[2013/05/29 20:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/29 20:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/05/29 20:15:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F3E8D56D-3346-4EE8-8B45-91CEAF5FF3FB}
[2013/05/29 07:04:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F7A3E80C-33B2-4CC3-BD2B-A13149AF2823}
[2013/05/28 19:03:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A753F4B2-55CF-4ACB-B0E0-9652D279704F}
[2013/05/28 05:38:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BA036E22-1C67-4C5E-B448-F44CF2D79A62}
[2013/05/27 22:44:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{790E1FF5-FDB1-4178-ADB6-20041D8F2886}
[2013/05/27 21:10:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{345A9803-3210-4FA6-844E-348D9FB57D9E}
[2013/05/27 18:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot
[2013/05/27 18:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\OtShot
[2013/05/27 18:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ZalmanInstaller_52330
[2013/05/27 16:16:23 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2013/05/27 16:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/27 16:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/05/27 08:43:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79E38CB5-9479-4463-950E-99CA1E2C58D2}
[2013/05/26 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{311B2384-2DAC-430C-907B-012F6A4F3CCE}
[2013/05/26 07:15:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2C233E21-189F-438B-B58F-B57693E0DDC7}
[2013/05/25 09:42:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9FAA2AD5-9BE3-483E-9744-99061EEE0967}
[2013/05/25 07:59:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{84F525DA-9130-4F08-9A26-B985889F4CC4}
[2013/05/24 19:18:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E64B5A67-D47A-4B46-BC94-8133AF962CED}
[2013/05/24 07:18:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9D9052D7-EF95-442A-8048-EA815DBDD4EC}
[2013/05/24 06:47:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{51F7FEFF-F352-4B06-A4E2-13ED51284D27}
[2013/05/23 18:30:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3EBC2DEA-D181-4B2F-9699-E29B98C43518}
[2013/05/23 14:37:02 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2013/05/23 14:36:59 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/05/23 14:36:49 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2013/05/23 14:36:15 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2013/05/23 14:36:15 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2013/05/23 14:25:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/23 14:18:18 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/05/23 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
[2013/05/23 13:05:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/23 13:05:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/23 13:05:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/23 11:26:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/23 11:09:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/23 06:19:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47F476A1-9EF8-4A7A-A7D9-0EFBB5579FA7}
[2013/05/22 18:12:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7F8F59FD-0104-4EEC-B488-31A9F5F3F7CE}
[2013/05/22 06:11:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BEE3E1CF-94A2-4EA9-9679-54148CA07F26}
[2013/05/21 11:30:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{65557CCC-3D9A-401D-B197-D03718394D2B}
[2013/05/20 23:13:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1C9EDB7D-994F-4993-9712-B9ECE2AF2A45}
[2013/05/20 06:36:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{660B46B0-AC09-4085-A01B-D66879935E75}
[2013/05/19 23:48:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{417C476A-0394-4039-818D-E672A06AB86D}
[2013/05/19 08:04:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3EB13233-3E24-434B-9170-B85B256F0070}
[2013/01/04 19:08:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\User\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/06/18 06:41:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/18 06:40:39 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/18 06:40:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/18 06:01:12 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/18 06:01:12 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXState-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/18 06:01:12 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/17 22:51:20 | 000,001,057 | ---- | M] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
[2013/06/17 15:54:14 | 000,663,268 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/17 15:54:14 | 000,122,136 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/17 15:01:28 | 000,041,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/17 15:01:28 | 000,041,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/17 14:53:58 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/17 14:53:47 | 2413,834,240 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/16 14:04:40 | 000,307,536 | ---- | M] () -- C:\Users\User\AppData\Local\census.cache
[2013/06/16 14:04:12 | 000,155,165 | ---- | M] () -- C:\Users\User\AppData\Local\ars.cache
[2013/06/16 13:54:31 | 000,000,036 | ---- | M] () -- C:\Users\User\AppData\Local\housecall.guid.cache
[2013/06/15 08:57:25 | 000,000,545 | ---- | M] () -- C:\Windows\wininit.ini
[2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/06/08 07:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/06/04 02:36:13 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\isolate.ini
[2013/05/30 16:37:20 | 000,000,884 | RHS- | M] () -- C:\Users\User\ntuser.pol
[2013/05/30 06:33:44 | 000,446,422 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/29 20:55:39 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/27 16:14:09 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/05/27 08:10:20 | 000,446,422 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130530-063344.backup
[2013/05/23 22:09:47 | 000,008,059 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symds.cat
[2013/05/23 14:49:24 | 000,442,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/23 14:18:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130527-081020.backup
[2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1404000.028\symefa.sys
[2013/05/23 01:25:28 | 000,007,583 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symefa.cat
[2013/05/23 01:25:28 | 000,003,434 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symefa.inf
[2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1404000.028\symds.sys
[2013/05/21 01:02:00 | 000,002,852 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symds.inf
[2013/05/21 00:40:20 | 000,008,059 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.cat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/06/17 14:49:40 | 000,001,251 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013/06/17 14:49:19 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013/06/17 14:48:07 | 000,002,432 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/06/17 14:43:08 | 000,002,152 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013/06/16 14:04:40 | 000,307,536 | ---- | C] () -- C:\Users\User\AppData\Local\census.cache
[2013/06/16 14:04:12 | 000,155,165 | ---- | C] () -- C:\Users\User\AppData\Local\ars.cache
[2013/06/16 13:54:31 | 000,000,036 | ---- | C] () -- C:\Users\User\AppData\Local\housecall.guid.cache
[2013/06/15 08:57:25 | 000,000,545 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/29 20:55:37 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/27 18:55:07 | 000,000,884 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2013/05/27 18:53:14 | 000,000,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot.lnk
[2013/05/24 08:39:15 | 000,001,057 | ---- | C] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
[2013/05/23 13:05:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/23 13:05:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/23 13:05:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/23 13:05:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/23 13:05:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/28 10:14:30 | 000,000,154 | ---- | C] () -- C:\Windows\Reimage.ini
[2013/01/15 10:28:48 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2013/01/04 19:08:19 | 000,007,887 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.cat
[2013/01/04 19:08:19 | 000,001,144 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.inf
[2012/08/11 07:34:07 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/25 21:44:52 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012/06/25 21:44:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012/06/16 21:13:39 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Video to DVD.INI
[2012/06/15 17:01:36 | 000,028,674 | ---- | C] () -- C:\Windows\System32\pr2kins.dll
[2012/06/15 17:01:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/17 21:07:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/06/16 17:06:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AnvSoft
[2013/06/17 17:16:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Azureus
[2013/06/14 12:53:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Curiolab
[2013/04/27 22:43:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DriverCure
[2012/09/29 09:50:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012/09/26 19:08:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/07/20 18:26:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\eType
[2013/06/14 12:51:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2012/06/18 19:24:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ImgBurn
[2013/05/13 16:38:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Individual Software
[2013/04/11 14:14:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012/09/12 19:03:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nico Mak Computing
[2012/09/26 19:08:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenCandy
[2013/04/27 22:43:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC Utility Kit
[2013/05/10 14:59:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2013/05/30 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\redsn0w
[2012/10/06 18:33:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Research In Motion
[2012/06/16 21:49:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\systweak
[2013/02/13 15:00:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TomTom
[2013/06/17 22:51:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vso
[2012/06/22 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WinAVI
[2012/06/24 15:13:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV - [2009/07/13 21:14:53 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2013/02/27 00:49:16 | 000,047,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2009/07/13 21:14:11 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2010/11/20 08:20:58 | 000,585,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2010/11/20 08:18:06 | 000,494,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2012/07/04 17:14:34 | 000,102,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/05/13 00:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2010/11/20 08:18:30 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2011/03/03 01:38:01 | 000,132,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/07/13 21:15:13 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:33 | 000,300,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2010/11/20 08:19:23 | 000,350,208 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/07/13 21:16:15 | 000,313,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2009/07/13 21:15:41 | 000,049,664 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2009/07/13 21:16:03 | 000,280,576 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2012/10/03 12:42:26 | 000,242,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2009/07/13 21:16:11 | 000,019,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2011/05/24 06:44:59 | 000,293,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2012/02/11 01:37:49 | 000,317,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV - [2009/07/13 21:16:12 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2010/11/20 08:21:00 | 000,286,208 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2010/11/20 08:21:03 | 000,376,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2009/07/13 21:16:13 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/17 01:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/07/13 21:16:20 | 000,073,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/11/20 08:21:26 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2010/11/20 08:21:19 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV - [2010/11/20 08:21:05 | 000,750,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2010/11/20 08:21:28 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/13 21:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2012/05/01 00:44:12 | 000,164,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2010/11/20 08:17:51 | 001,025,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2010/11/20 08:18:05 | 000,473,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2010/11/20 08:21:06 | 000,125,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/11/20 08:21:35 | 001,086,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (eventlog)
SRV - [2010/11/20 08:19:40 | 000,566,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2010/11/20 08:21:35 | 000,463,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (StiSvc)
SRV - [2010/11/20 08:17:22 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/07/13 21:16:19 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 18:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2010/11/20 08:18:34 | 000,214,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/13 21:16:19 | 000,829,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2010/11/20 08:21:36 | 000,084,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2012/11/13 14:07:52 | 003,906,584 | ---- | M] (Safer-Networking Ltd.) MD5=E4A0900CF535888DDD85B10040CA3E34 -- C:\Program Files\Spybot - Search & Destroy 2\explorer.exe

< MD5 for: SERVICES >
[2009/06/10 17:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 17:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.CNF >
[2012/08/11 07:53:12 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Users\User\Documents\My Web Sites\_vti_pvt\services.cnf

< MD5 for: SERVICES.CSS >
[2005/06/29 16:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files\Intuit\QuickBooks 2012\Components\Services\services.css

< MD5 for: SERVICES.EXE >
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 21:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/13 22:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.JS >
[2013/03/07 17:23:26 | 000,001,083 | ---- | M] () MD5=18272708A717583EBB2AE9712FDA65CD -- C:\Program Files\Microsoft\BingDesktop\Apps\runtime\mocks\services.js

< MD5 for: SERVICES.LNK >
[2009/07/14 00:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/14 00:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 17:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 17:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/13 22:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 17:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PNG >
[2013/05/21 09:31:48 | 000,000,653 | ---- | M] () MD5=F4FFE88C8F84EE82D9EB026D42F449D4 -- C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\i\menu\services.png

< MD5 for: SERVICES.PTXML >
[2009/07/13 16:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 16:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SERVICES.SBS >
[2011/03/01 08:58:46 | 000,034,818 | ---- | M] () MD5=62AFD4B2025CE6D4706B36F4C4808F9B -- C:\Program Files\Spybot - Search & Destroy 2\Includes\Services.sbs

< MD5 for: SVCHOST.EXE >
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 21:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 02:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 01:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 08:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 21:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is A838-908A
Directory of C:\
07/14/2009 12:53 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files\Microsoft Security Client
06/27/2012 06:27 PM <SYMLINKD> Backup [c:\windows\system32\config]
05/23/2012 10:25 AM <SYMLINK> DbgHelp.dll [c:\windows\system32\config]
10/01/2012 05:34 PM <SYMLINKD> Drivers [c:\windows\system32\config]
02/15/2013 08:11 AM <SYMLINKD> en-us [c:\windows\system32\config]
01/27/2013 03:37 PM <SYMLINK> EppManifest.dll [c:\windows\system32\config]
01/27/2013 01:25 PM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> MpCommu.dll [c:\windows\system32\config]
01/27/2013 01:05 PM <SYMLINK> mpevmsg.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> MpOAv.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> MpRTP.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
03/26/2012 05:08 PM <SYMLINK> MSESysprep.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> MsMpEng.exe [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
01/27/2013 12:08 PM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> msseces.exe [c:\windows\system32\config]
03/26/2012 05:08 PM <SYMLINK> msseoobe.exe [c:\windows\system32\config]
03/26/2012 05:08 PM <SYMLINK> msseooberes.dll [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> MsseWat.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> NisIpsPlugin.dll [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> NisLog.dll [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> NisSrv.exe [c:\windows\system32\config]
01/27/2013 12:12 PM <SYMLINK> NisWFP.dll [c:\windows\system32\config]
01/27/2013 12:11 PM <SYMLINK> Setup.exe [c:\windows\system32\config]
01/27/2013 12:08 PM <SYMLINK> SetupRes.dll [c:\windows\system32\config]
01/27/2013 12:08 PM <SYMLINK> shellext.dll [c:\windows\system32\config]
02/08/2012 04:06 PM <SYMLINK> SqmApi.dll [c:\windows\system32\config]
05/23/2012 10:25 AM <SYMLINK> SymSrv.dll [c:\windows\system32\config]
04/06/2012 09:59 AM <SYMLINK> SymSrv.yes [c:\windows\system32\config]
29 File(s) 8,487,145 bytes
Directory of C:\Program Files\Windows Defender
07/14/2009 12:56 AM <SYMLINKD> en-US [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpAsDesc.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpClient.dll [c:\windows\system32\config]
07/13/2009 09:14 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
11/20/2010 08:19 AM <SYMLINK> MpCommu.dll [c:\windows\system32\config]
07/13/2009 09:06 PM <SYMLINK> MpEvMsg.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpRTP.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
07/13/2009 09:14 PM <SYMLINK> MSASCui.exe [c:\windows\system32\config]
11/20/2010 08:19 AM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
07/13/2009 09:07 PM <SYMLINK> MsMpLics.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
12 File(s) 2,930,176 bytes
Directory of C:\ProgramData
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\System Volume Information\SystemRestore\FRStaging\Windows
08/11/2012 07:30 AM <SYMLINKD> $NtUninstallKB45116$ [..]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 12:53 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:53 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 12:53 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:53 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:53 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:53 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:53 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\User
06/15/2012 02:42 PM <JUNCTION> Application Data [C:\Users\User\AppData\Roaming]
06/15/2012 02:42 PM <JUNCTION> Cookies [C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies]
06/15/2012 02:42 PM <JUNCTION> Local Settings [C:\Users\User\AppData\Local]
06/15/2012 02:42 PM <JUNCTION> My Documents [C:\Users\User\Documents]
06/15/2012 02:42 PM <JUNCTION> NetHood [C:\Users\User\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/15/2012 02:42 PM <JUNCTION> PrintHood [C:\Users\User\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/15/2012 02:42 PM <JUNCTION> Recent [C:\Users\User\AppData\Roaming\Microsoft\Windows\Recent]
06/15/2012 02:42 PM <JUNCTION> SendTo [C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo]
06/15/2012 02:42 PM <JUNCTION> Start Menu [C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu]
06/15/2012 02:42 PM <JUNCTION> Templates [C:\Users\User\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\User\AppData\Local
06/15/2012 02:42 PM <JUNCTION> Application Data [C:\Users\User\AppData\Local]
06/15/2012 02:42 PM <JUNCTION> History [C:\Users\User\AppData\Local\Microsoft\Windows\History]
06/15/2012 02:42 PM <JUNCTION> Temporary Internet Files [C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\User\Documents
06/15/2012 02:42 PM <JUNCTION> My Music [C:\Users\User\Music]
06/15/2012 02:42 PM <JUNCTION> My Pictures [C:\Users\User\Pictures]
06/15/2012 02:42 PM <JUNCTION> My Videos [C:\Users\User\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.1.7600.16385_none_579306edb982ae36
07/13/2009 09:14 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpRTP.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
5 File(s) 1,533,440 bytes
Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_59c41ab5b67131d0
07/13/2009 09:14 PM <SYMLINK> MpCmdRun.exe [c:\windows\system32\config]
11/20/2010 08:19 AM <SYMLINK> MpCommu.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpOAV.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpRTP.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MpSvc.dll [c:\windows\system32\config]
11/20/2010 08:19 AM <SYMLINK> MsMpCom.dll [c:\windows\system32\config]
07/13/2009 09:15 PM <SYMLINK> MsMpRes.dll [c:\windows\system32\config]
7 File(s) 1,810,944 bytes
Total Files Listed:
53 File(s) 14,761,705 bytes
54 Dir(s) 83,274,080,256 bytes free

========== Alternate Data Streams ==========

@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:FB1B13D8

< End of report >


thanks
  • 0

#4
Essexboy
Posted 18 June 2013 - 07:15 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets marmalise the bad boy. The system may be slow on reboot dependant on how badly damaged MSES\Defender is

Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

  • Click on the Start Posted Image button and in the search box, type Notepad and click on it
  • Copy (Ctrl+C) all of the text in the following box and paste (Ctrl+V) it into Notepad
    fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\Backup"  
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\DbgHelp.dll"  
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\Drivers" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\en-us" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\EppManifest.dll"  
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpAsDesc.dll" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpClient.dll" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpCmdRun.exe"  
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpCommu.dll" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\mpevmsg.dll" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpOAv.dll"  
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpRTP.dll" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MpSvc.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MSESysprep.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MsMpCom.dll" 
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MsMpEng.exe"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MsMpLics.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MsMpRes.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\msseces.exe"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\msseoobe.exe"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\msseooberes.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\MsseWat.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\NisLog.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\NisSrv.exe"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\NisWFP.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\Setup.exe"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\SetupRes.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\shellext.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\SqmApi.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\SymSrv.dll"
fsutil reparsepoint delete "C:\Program Files\Microsoft Security Client\SymSrv.yes"
fsutil reparsepoint delete "C:\Program Files\Windows Defender\en-US" 
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpAsDesc.dll"  
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpClient.dll"  
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpCmdRun.exe"  
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpCommu.dll"   
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpEvMsg.dll" 
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpOAV.dll" 
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpRTP.dll" 
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MpSvc.dll" 
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MSASCui.exe"
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MsMpCom.dll"  
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MsMpLics.dll"  
fsutil reparsepoint delete "C:\Program Files\Windows Defender\MsMpRes.dll"

CD \
DIR /S /A:L > %USERPROFILE%\Desktop\JunctionPoints.txt
start %USERPROFILE%\Desktop\JunctionPoints.txt .
EXIT
  • Go to File > Save As... and save it to your Desktop named fix.bat. Make sure you change the Save as type to All Files (*.*)
  • Locate fix.bat on your Desktop and right click then select Run as administrator
  • A log Junction.txt will be located on the desktop attach that

THEN

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:OTL
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001b116f749f
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{739012BF-D354-4AAA-BE20-A3AA23977047}: "URL" = http://search.condui...2256853422&UM=2
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...sa&d=2012-06-16 21:13:33&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-636956645-3179581871-4100211739-1000\..\SearchScopes\{AF684A3F-0B5A-4646-AF88-531B03410159}: "URL" = http://search.condui...q={searchTerms}
FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI=UN21210456921707250&UM=2&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN21210456921707250&UM=2&q="
[2012/09/10 10:39:06 | 000,000,000 | ---D | M] (FLV Runner) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{3bbd3c14-4c16-4989-8366-95bc9179779d}
[2012/09/26 19:08:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/07/18 20:21:33 | 000,003,752 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2013/05/27 18:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\OtShot

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
dumonm
Posted 18 June 2013 - 11:50 AM

dumonm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
Attached is the log:
Question: Windows Defender, better than Norton? and if so , should I go back to using Windows defender or continue using Norton?

LOG

OTL logfile created on: 6/18/2013 1:17:38 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.52 Gb Available Physical Memory | 50.74% Memory free
5.99 Gb Paging File | 4.47 Gb Available in Paging File | 74.66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149.01 Gb Total Space | 77.44 Gb Free Space | 51.97% Space Free | Partition Type: NTFS
Drive E: | 2.66 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive F: | 232.88 Gb Total Space | 154.04 Gb Free Space | 66.14% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/06/17 07:04:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\User\Downloads\OTL.exe
PRC - [2013/05/17 11:56:30 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/05/17 08:42:15 | 001,855,880 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
PRC - [2013/04/10 17:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
PRC - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccsvchst.exe
PRC - [2012/11/22 22:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/11/13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012/11/13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012/11/13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012/11/13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/17 11:56:30 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/05/17 08:42:15 | 016,033,160 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_202.dll
MOD - [2013/04/21 21:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 21:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012/11/13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012/11/13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012/11/13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012/11/13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012/05/30 02:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton 360\Engine\20.3.1.22\wincfi39.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2013/05/17 11:56:30 | 000,117,144 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/17 08:42:15 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/04/10 17:11:52 | 000,168,592 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/04/02 16:36:06 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2013/03/22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Disabled | Stopped] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/01/27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/18 17:10:18 | 000,577,536 | ---- | M] (Research In Motion Limited) [Disabled | Stopped] -- C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe -- (Blackberry Device Manager)
SRV - [2013/01/18 09:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/01/08 13:53:48 | 000,161,536 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/23 23:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\20.3.1.22\ccSvcHst.exe -- (N360)
SRV - [2012/09/20 14:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/06/25 22:11:03 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/06/25 21:46:04 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/06/15 20:52:36 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2009/07/23 23:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/02/23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\User\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/06/07 07:30:38 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130617.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/06/07 07:30:38 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20130617.021\NAVENG.SYS -- (NAVENG)
DRV - [2013/05/31 12:58:19 | 001,002,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130531.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/05/17 11:51:31 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/05/17 11:51:31 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/05/17 11:44:06 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2013/05/16 15:35:56 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130615.001\IDSvix86.sys -- (IDSVix86)
DRV - [2013/02/26 01:22:06 | 008,939,296 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2013/01/30 23:18:18 | 000,338,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symnets.sys -- (SymNetS)
DRV - [2013/01/30 23:18:06 | 000,934,488 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symefa.sys -- (SymEFA)
DRV - [2013/01/28 21:45:18 | 000,602,712 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtsp.sys -- (SRTSP)
DRV - [2013/01/28 21:45:18 | 000,032,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\srtspx.sys -- (SRTSPX)
DRV - [2013/01/21 22:15:32 | 000,367,704 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1403010.016\symds.sys -- (SymDS)
DRV - [2013/01/20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2013/01/03 04:18:04 | 000,040,200 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013/01/03 04:18:04 | 000,030,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2013/01/03 04:18:00 | 000,044,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2013/01/03 04:18:00 | 000,044,296 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2013/01/03 04:18:00 | 000,012,808 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2012/11/15 22:22:01 | 000,175,264 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ironx86.sys -- (SymIRON)
DRV - [2012/11/15 22:18:04 | 000,134,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1403010.016\ccsetx86.sys -- (ccSet_N360)
DRV - [2012/09/06 14:05:08 | 000,036,512 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 10:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2011/07/13 13:39:10 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/07/13 13:39:10 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/05 21:29:18 | 001,178,200 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2010/05/05 21:29:10 | 000,095,832 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2010/05/05 21:29:02 | 000,158,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2010/05/05 21:28:54 | 000,014,424 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2010/05/05 21:24:44 | 000,130,136 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2010/05/05 21:24:34 | 000,347,144 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2010/05/05 21:24:24 | 000,526,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2010/05/05 21:24:14 | 000,511,064 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV - [2010/05/05 21:24:04 | 001,324,120 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV - [2010/05/05 21:23:52 | 000,072,792 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV - [2010/05/05 21:23:46 | 000,171,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {739012BF-D354-4AAA-BE20-A3AA23977047}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 C6 32 54 D4 4B CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {739012BF-D354-4AAA-BE20-A3AA23977047}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "MixiDJ V30 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.startup.homepage: "http://ca.msn.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://search.condui...707250&UM=2&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2013/05/17 11:44:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2013/06/18 13:10:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/27 16:14:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/27 16:14:34 | 000,000,000 | ---D | M]

[2013/05/18 01:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013/02/13 15:00:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\[email protected]
[2013/06/14 08:32:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\585f7z1p.default-1369884388276\extensions
[2013/06/14 08:35:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions
[2013/06/18 12:57:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\tw54q74o.default-1347149686625\extensions\{3bbd3c14-4c16-4989-8366-95bc9179779d}
[2013/05/18 01:02:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/04/28 10:05:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 11:56:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/04/28 10:05:54 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/17 11:56:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Norton Safe Search (Enabled)
CHR - default_search_provider: search_url = http://nortonsafe.se...ct=sb&qsrc=2869
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.condui...7251579930&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Java™ Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Live? Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: MixiDJ V30 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.16.1.21_0\
CHR - Extension: MixiDJ V30 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdkednngfjmpnljkolbapdednncafhen\10.16.4.512_0\
CHR - Extension: Click&Clean = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0\
CHR - Extension: KeyBar 1.8 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.16.2.12_0\
CHR - Extension: KeyBar 1.8 = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiibklhaneknloaoccoidbaffjjlnb\10.16.4.512_0\
CHR - Extension: Norton Identity Protection = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\
CHR - Extension: Click&Clean App = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0\

O1 HOSTS File: ([2013/06/18 12:57:11 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.1.22\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98982E72-BE15-4F59-A3FB-99CA4DE25267}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B26AB584-DC8D-4130-B6F9-0A004C021B8F}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\intu-help-qb5 {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\intu-tt2012 {02F985EF-502B-4597-993F-6BF9E004C138} - C:\Program Files\TurboTax 2012\ic2012pp.dll (Intuit Canada, a general partnership/une société en nom collectif.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/06/18 12:57:06 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/06/17 14:50:53 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/06/17 14:43:12 | 000,000,000 | R--D | C] -- C:\Users\User\SkyDrive
[2013/06/17 14:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SkyDrive
[2013/06/17 14:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft SkyDrive
[2013/06/17 13:51:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7D03CCA1-24A9-4091-AC3F-3F720CE101CD}
[2013/06/16 22:40:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{42BF93BD-844C-4F8E-B211-E6B62FB67600}
[2013/06/16 13:44:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{089BAD40-47BE-46B0-999F-CD4EDDC8874C}
[2013/06/16 11:33:18 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6744F6A0-050C-413A-8A31-0B2735A2B3C8}
[2013/06/16 05:49:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BC136183-F510-4F42-8400-4806940EB004}
[2013/06/15 09:31:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8AF4BCD7-687E-4B5E-8070-C41BCC6D7166}
[2013/06/14 12:53:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Curiolab
[2013/06/14 12:45:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2013/06/14 09:41:10 | 000,000,000 | ---D | C] -- C:\Users\User\New folder
[2013/06/14 09:33:53 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\New folder
[2013/06/14 08:30:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DD4DB9C0-3507-45BD-B63B-E7C2872D589B}
[2013/06/13 20:29:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DFFFD953-98D3-4F90-B720-9AEB1BE54287}
[2013/06/13 08:28:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{CA8A7965-E186-4689-A73B-B2AF7E892597}
[2013/06/12 20:17:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{543B02B5-FE92-4193-8FD0-1E267C0BC9C3}
[2013/06/12 06:20:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A02B3CF5-CA91-46D5-9AAC-F8A1670090E1}
[2013/06/11 23:13:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1D55FB6F-51EF-4C6B-8010-E1AD70EE1B5B}
[2013/06/11 10:22:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E07A77C2-1167-465E-A9B9-92BA7D4A59CE}
[2013/06/10 22:21:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{81ACCD27-FC9F-46FB-8EC4-8F2EE3639A3F}
[2013/06/10 06:16:49 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6ACBDEE8-8489-4CAB-9363-71714EBDBE96}
[2013/06/09 22:26:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{91B40416-F6F8-4B3E-9EA4-507E4C79D402}
[2013/06/09 07:14:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{00AE53C9-FF8D-44F0-9FFF-0674BB06B109}
[2013/06/08 19:14:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DB821A31-9599-40E5-968C-8A5BFAD7EB74}
[2013/06/08 06:46:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F76EA9ED-176D-4D98-830B-25751F88CD9D}
[2013/06/07 19:04:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BDD02D00-DBF1-413F-9B5B-1CE55DA22C92}
[2013/06/07 06:31:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{640F34F0-FFC5-41D6-A248-B3F492293DED}
[2013/06/06 16:00:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9627BD3A-5850-47E0-A201-3EF39F96D1FD}
[2013/06/05 23:01:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{B44876AA-43B8-44D7-8C58-39C965F65670}
[2013/06/05 22:06:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F8A6E4F0-B7EC-4446-A6B1-4FAD24592B3D}
[2013/06/05 09:32:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{5D1A6454-EAB7-4E91-8BAB-D3AE848DAFFA}
[2013/06/04 21:14:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AA988111-138F-4146-B232-BE111B0EBDB5}
[2013/06/04 06:38:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{969257D7-D05E-4C39-9D2B-CF3E00567BEF}
[2013/06/03 10:56:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{6B521DE8-7686-48C1-A2EE-B4688370BD91}
[2013/06/02 22:56:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{15C4CCE6-6037-4F89-9E7F-C1DFA649401D}
[2013/06/02 06:35:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{058D9782-03D4-4AA6-BFFD-C7BA63BC3844}
[2013/06/01 23:53:24 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4857C518-BE71-49E9-B841-2FA050B17422}
[2013/06/01 06:37:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{823DE536-8C04-46CF-9038-21DAA9653CF4}
[2013/05/31 23:21:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AA985180-9F51-4A60-93A6-8CC1254FC5A5}
[2013/05/31 10:44:14 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F06DBF1B-CCDD-40FC-996D-CDC221DC0554}
[2013/05/30 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{AAA6A185-41B0-4840-91F4-D28058518A83}
[2013/05/30 21:44:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{534FFF1C-2AAC-4A59-A224-3BAB724892EA}
[2013/05/30 16:44:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\redsn0w
[2013/05/30 15:08:39 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\Carl Lee
[2013/05/30 07:00:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\gree
[2013/05/30 06:29:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C60FD693-2EF9-4F9B-857E-222BB0478C27}
[2013/05/29 23:11:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3C49E558-822B-435A-8AE5-34A0647F09FD}
[2013/05/29 20:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/05/29 20:54:49 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/05/29 20:15:01 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F3E8D56D-3346-4EE8-8B45-91CEAF5FF3FB}
[2013/05/29 07:04:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F7A3E80C-33B2-4CC3-BD2B-A13149AF2823}
[2013/05/28 19:03:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A753F4B2-55CF-4ACB-B0E0-9652D279704F}
[2013/05/28 05:38:55 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BA036E22-1C67-4C5E-B448-F44CF2D79A62}
[2013/05/27 22:44:37 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{790E1FF5-FDB1-4178-ADB6-20041D8F2886}
[2013/05/27 21:10:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{345A9803-3210-4FA6-844E-348D9FB57D9E}
[2013/05/27 18:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot
[2013/05/27 18:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\ZalmanInstaller_52330
[2013/05/27 16:14:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/05/27 16:13:56 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2013/05/27 08:43:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{79E38CB5-9479-4463-950E-99CA1E2C58D2}
[2013/05/26 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{311B2384-2DAC-430C-907B-012F6A4F3CCE}
[2013/05/26 07:15:16 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2C233E21-189F-438B-B58F-B57693E0DDC7}
[2013/05/25 09:42:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9FAA2AD5-9BE3-483E-9744-99061EEE0967}
[2013/05/25 07:59:12 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{84F525DA-9130-4F08-9A26-B985889F4CC4}
[2013/05/24 19:18:35 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E64B5A67-D47A-4B46-BC94-8133AF962CED}
[2013/05/24 07:18:09 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{9D9052D7-EF95-442A-8048-EA815DBDD4EC}
[2013/05/24 06:47:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{51F7FEFF-F352-4B06-A4E2-13ED51284D27}
[2013/05/23 18:30:47 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3EBC2DEA-D181-4B2F-9699-E29B98C43518}
[2013/05/23 14:25:30 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/05/23 14:18:18 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/05/23 14:16:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\temp
[2013/05/23 13:05:06 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/23 13:05:06 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/23 13:05:06 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/23 11:26:22 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/23 11:09:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/23 06:19:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{47F476A1-9EF8-4A7A-A7D9-0EFBB5579FA7}
[2013/05/22 18:12:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7F8F59FD-0104-4EEC-B488-31A9F5F3F7CE}
[2013/05/22 06:11:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BEE3E1CF-94A2-4EA9-9679-54148CA07F26}
[2013/05/21 11:30:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{65557CCC-3D9A-401D-B197-D03718394D2B}
[2013/05/20 23:13:51 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{1C9EDB7D-994F-4993-9712-B9ECE2AF2A45}
[2013/05/20 06:36:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{660B46B0-AC09-4085-A01B-D66879935E75}
[2013/05/19 23:48:36 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{417C476A-0394-4039-818D-E672A06AB86D}
[2013/01/04 19:08:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\User\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/06/18 13:17:43 | 000,041,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/18 13:17:43 | 000,041,968 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/18 13:10:19 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/18 13:10:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/18 13:10:00 | 2413,834,240 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/18 13:09:06 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/18 13:09:06 | 000,055,084 | ---- | M] () -- C:\Windows\System32\BMXState-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/18 13:09:06 | 000,000,788 | ---- | M] () -- C:\Windows\System32\DVCState-{00000002-00000000-00000005-00001102-00000005-002C1102}.rfx
[2013/06/18 12:57:11 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2013/06/18 12:41:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/18 12:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/17 22:51:20 | 000,001,057 | ---- | M] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
[2013/06/17 15:54:14 | 000,663,268 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/06/17 15:54:14 | 000,122,136 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/06/16 14:04:40 | 000,307,536 | ---- | M] () -- C:\Users\User\AppData\Local\census.cache
[2013/06/16 14:04:12 | 000,155,165 | ---- | M] () -- C:\Users\User\AppData\Local\ars.cache
[2013/06/16 13:54:31 | 000,000,036 | ---- | M] () -- C:\Users\User\AppData\Local\housecall.guid.cache
[2013/06/15 08:57:25 | 000,000,545 | ---- | M] () -- C:\Windows\wininit.ini
[2013/06/04 02:36:13 | 000,000,172 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\isolate.ini
[2013/05/30 16:37:20 | 000,000,884 | RHS- | M] () -- C:\Users\User\ntuser.pol
[2013/05/29 20:55:39 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/27 16:14:09 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2013/05/27 08:10:20 | 000,446,422 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130530-063344.backup
[2013/05/23 22:09:47 | 000,008,059 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symds.cat
[2013/05/23 14:49:24 | 000,442,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/23 14:18:12 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130527-081020.backup
[2013/05/23 01:25:28 | 000,934,488 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1404000.028\symefa.sys
[2013/05/23 01:25:28 | 000,007,583 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symefa.cat
[2013/05/23 01:25:28 | 000,003,434 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symefa.inf
[2013/05/21 01:02:00 | 000,367,704 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1404000.028\symds.sys
[2013/05/21 01:02:00 | 000,002,852 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\symds.inf
[2013/05/21 00:40:20 | 000,008,059 | ---- | M] () -- C:\Windows\System32\drivers\N360\1404000.028\srtsp.cat

========== Files Created - No Company Name ==========

[2013/06/17 14:49:40 | 000,001,251 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013/06/17 14:49:19 | 000,001,320 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013/06/17 14:48:07 | 000,002,432 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/06/17 14:43:08 | 000,002,152 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013/06/16 14:04:40 | 000,307,536 | ---- | C] () -- C:\Users\User\AppData\Local\census.cache
[2013/06/16 14:04:12 | 000,155,165 | ---- | C] () -- C:\Users\User\AppData\Local\ars.cache
[2013/06/16 13:54:31 | 000,000,036 | ---- | C] () -- C:\Users\User\AppData\Local\housecall.guid.cache
[2013/06/15 08:57:25 | 000,000,545 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/29 20:55:37 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/27 18:55:07 | 000,000,884 | RHS- | C] () -- C:\Users\User\ntuser.pol
[2013/05/27 18:53:14 | 000,000,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OtShot.lnk
[2013/05/24 08:39:15 | 000,001,057 | ---- | C] () -- C:\Users\User\AppData\Roaming\vso_ts_preview.xml
[2013/05/23 13:05:06 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/23 13:05:06 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/23 13:05:06 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/23 13:05:06 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/23 13:05:06 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/28 10:14:30 | 000,000,154 | ---- | C] () -- C:\Windows\Reimage.ini
[2013/01/15 10:28:48 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2013/01/04 19:08:19 | 000,007,887 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.cat
[2013/01/04 19:08:19 | 000,001,144 | ---- | C] () -- C:\Users\User\AppData\Roaming\pcouffin.inf
[2012/08/11 07:34:07 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/06/25 21:44:52 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012/06/25 21:44:52 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012/06/16 21:13:39 | 000,000,067 | ---- | C] () -- C:\Windows\Easy Video to DVD.INI
[2012/06/15 17:01:36 | 000,028,674 | ---- | C] () -- C:\Windows\System32\pr2kins.dll
[2012/06/15 17:01:31 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== ZeroAccess Check ==========

[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/06/17 21:07:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\.minecraft
[2012/06/16 17:06:14 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AnvSoft
[2013/06/17 17:16:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Azureus
[2013/06/14 12:53:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Curiolab
[2013/04/27 22:43:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DriverCure
[2012/09/29 09:50:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012/09/26 19:08:49 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/07/20 18:26:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\eType
[2013/06/14 12:51:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GetRightToGo
[2012/06/18 19:24:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ImgBurn
[2013/05/13 16:38:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Individual Software
[2013/04/11 14:14:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012/09/12 19:03:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nico Mak Computing
[2012/09/26 19:08:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\OpenCandy
[2013/04/27 22:43:36 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC Utility Kit
[2013/05/10 14:59:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2013/05/30 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\redsn0w
[2012/10/06 18:33:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Research In Motion
[2012/06/16 21:49:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\systweak
[2013/02/13 15:00:46 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TomTom
[2013/06/17 22:51:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Vso
[2012/06/22 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WinAVI
[2012/06/24 15:13:45 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:FB1B13D8

< End of report >
  • 0

#6
Essexboy
Posted 18 June 2013 - 11:54 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you have the junction text please

Please download Junkware Removal Tool to your desktop.
  • Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • post the contents of JRT.txt into your next message.

  • 0

#7
dumonm
Posted 18 June 2013 - 12:24 PM

dumonm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x86
Ran by User on Tue 06/18/2013 at 14:19:53.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstallerstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstallerstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\giant savings_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\giant savings_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\quickshare_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\quickshare_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3286042
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3298566



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\gboxupdater"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\etype"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\coupon caddy"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\searchqutoolbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\ilivid"
Successfully deleted: [Folder] "C:\Program Files\winzip registry optimizer"
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{003BDCC8-FA2E-491F-8DAD-4299C3482289}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0087D0FF-2422-4504-A998-3257B7E8CD25}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{00AE53C9-FF8D-44F0-9FFF-0674BB06B109}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{01AE5EC6-6332-44FF-ABED-9A33B55067AB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{01C9DB3C-AC9D-40D8-9AF8-5C1998D3E485}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{01D965A1-7642-4474-A089-E1078205163F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{022BF226-7EF8-424B-B5CD-DD9765C0828A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02518CE6-6EFA-4F8D-802B-03B9D7852244}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02BA1B86-20E1-4509-AF15-67A859F40920}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02BEDC37-6607-4FBD-959C-8CC2FF9B38C9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{045C9AD9-49D8-442A-A958-7A0AD38D4D5C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{058D9782-03D4-4AA6-BFFD-C7BA63BC3844}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{05BFDACC-C827-4713-AFCE-1673DB7ABF7B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{06068D7C-0F9B-4B4F-849F-84CFEE07C9CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{06102F1F-43FA-4A8B-BEB5-8022321FA98C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{06629BD1-9F11-426A-B892-079F9CE5A87A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{07B5A6CC-E4C1-4068-A410-227C1AA73D2C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{089BAD40-47BE-46B0-999F-CD4EDDC8874C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{08D92470-4629-4501-B6D5-9BA157901258}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{09576738-EAF1-4B97-91B6-7841EC40A926}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{096330E7-6960-4C9E-A777-CE3C8761D812}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{09A4DABF-307B-4FF2-AC61-00CE5F49038E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0A79421C-438B-4E02-BF19-944937816E10}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0B14FAA5-9F5F-4D1B-81ED-ADE851F41E74}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0B5E7683-DEAF-4F6E-90ED-157AC9092C18}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0B77EA55-D483-4A0B-95C7-F81BF2A4F670}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0BF95F88-AE52-46C0-ADEA-376BB98CEEBF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0C0E10E4-0F70-42B9-AA70-54D1C2112F71}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0C3A6B94-F111-4146-AD55-6F878B723BD9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0C8844BE-5894-4876-95F9-DE0D61C6BC6B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0CAD7A2D-5D80-4CED-9634-99914583AAFE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0CDB8D9D-B83D-4F4B-B90F-5E67B7B2C156}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0D30E482-7278-4897-9C04-43635FEA7BE2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0D7BEC73-FC6A-4D17-B684-D036B77CBB79}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0EBBED21-64C2-4C2D-924D-BC15653E092F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0EDB6A68-8862-4CF0-AF86-258C1F7950F9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1004206A-2EF1-4A12-BB46-CBE92946EC42}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{10AD2A64-CAFF-4C74-A234-3CDC0E09DE04}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1195FEA1-5275-43E7-9389-C0529FBAE889}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{123D26E6-4842-4C13-82E1-64BAA6FEFB8A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{12CAB4BF-FD35-42EC-A848-F73D9B98E1DB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{13B288C8-5F1E-4C3A-8218-C3CEE8BC7A98}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{13D937D6-A9DC-4F9C-98FD-7981FA8FE843}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1416339C-81AB-433E-9ECA-C1F07FACD192}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{141986A1-941D-4BBE-A352-D0CEE4210A4C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{142D9DA7-3007-489C-A8EF-1031F91C4844}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{146EB29A-874D-45EC-88A6-D9F0FA5997C7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{148E8CB9-6D79-4815-8950-D5FD9C705044}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14B48AD5-3BFA-4C1E-B6D4-1A3A3A6BFF9E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14B56B1C-303C-461F-9C72-45A41A1D88AA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14B5705B-6DC3-47FC-B4BE-2F31A0AD2FCD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14E96863-6FBB-4B6C-B965-12FBE2721D60}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{15880B2A-B40B-4424-B61C-451D066F4C35}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{15C4CCE6-6037-4F89-9E7F-C1DFA649401D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{160460A6-0AAF-4A3E-A776-16B60EF3DBBE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{16062487-49F3-4566-A690-5A9F9510F883}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{164EA86D-BC4D-4F4D-AFFE-3FE3EE67E5D3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{170DCC50-E6A2-4C31-AEE2-699831EFAD0C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{17D147AE-F5E8-4BE6-B80B-D76BFF966BD1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{17D2D31E-BB6A-4E96-873C-AE54AE7FE180}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{19903893-3430-4F15-ACCF-7A4AE6D62AD1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{19BD5DD2-F88D-47F0-9A25-65CD6ABAD792}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1A037C72-5585-41DD-840E-6B8A15ADB5EA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1B5E2099-BF3A-4E53-9B1B-5E715BE18AB5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1B618FB5-0403-42C3-BA8F-0E37C88B553C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1B9B781A-6BAE-474A-BAE9-522D5596FE20}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1C8BDB69-0ACB-41B6-B286-B5578AFDFC8B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1C9EDB7D-994F-4993-9712-B9ECE2AF2A45}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1CC40E80-DF59-4993-A904-EAA0F616D2A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1CFC40B6-2711-469E-B7EF-8CB7C8B63B09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1D1B8696-826B-4111-A23B-45BEBB14477F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1D55FB6F-51EF-4C6B-8010-E1AD70EE1B5B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1D9FE5FF-7728-497D-B497-C4D0E1F89DF9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1DEDCD3A-3265-440C-AA38-4D54983545BE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1E109843-B9CA-4E3C-BC25-AAA53980073F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1E65EBC8-B92C-47DA-A14E-5F9BE54B82CE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1EA618C3-187A-4B7B-9882-B8D2B4835F8F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1F465FEF-4B2B-4A04-B097-ECBE40CD955C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1F93C39C-9617-4659-9258-4870F14F338A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1FDC4769-7344-49F7-998F-308100F23CC9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{208558AD-628C-4BA2-AA15-8CE7D853F485}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2088BF07-06DB-47E8-9ED7-E24BB8A001A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{208C4E8E-E126-4AB1-AFF2-CE7CB60DE187}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{20F4D34C-474E-4F17-8DA0-8B325D9777E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{21B76F33-0438-4C54-AD65-8115AE217BE1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{22891174-2BC8-4896-AB93-D2AAB553C5D4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{22B5F559-3097-494A-AD32-C4B044807D7C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{23106E9B-28E1-4829-8F7B-A561E0D57766}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2375C94B-EF3B-440E-9E06-5C4E2E821697}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{23C6E0D3-FC1F-40AD-A2BE-7FD10CB166D8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24686F04-4537-4924-B8B4-32EE4A2EEFD5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2489D6A0-C036-4E6B-96BF-84366D2E915A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{257E693D-77F9-40A3-9EA0-E98CB15CF76A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{25A370B7-FDB0-4637-B5A9-C85E70C648CF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{25CBD704-26CF-48F4-88A0-BFBB285C070B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{25F5C859-5582-429C-8B72-FDCAA49B4BCF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{264A268F-8389-4852-988E-1A5C6B4D07F9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{26919D74-3498-490E-82E7-749F52DA7AFB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{273C8443-0E7D-43DD-91F7-55DF8AAE15A2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{274A9344-EF4B-4301-A405-8F1AAAB52A6D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{27BE59A9-D3B8-45C3-9684-90914D751515}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{27C98A35-C548-45D6-BA7F-E51AB329C96B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2853F5D8-C074-4391-9A95-035588FD4A92}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2861E44A-06E6-4BD0-8F99-39BBC3DB7F4A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{29403AD7-3B2D-4FB8-876F-B84735D7C12A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{29F32DDE-CB96-4A01-B0AA-36BD26DE8EED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2A80ADB6-2E12-4798-8FD5-733EF43B2E38}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2ABCD5ED-94F4-453D-B070-2D9098635034}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2B659F75-4307-4A47-9430-2E4D014ACBC2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2BAD9A27-511C-4154-8395-E964735CB9B3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2BCD3A68-DC1A-422D-B812-F8FD6A7C2EB0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C233E21-189F-438B-B58F-B57693E0DDC7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C573CD4-0C45-4851-B284-4916FBDE0E9A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2D0AA9FD-45D8-4598-A4AA-8CE6F7C08D95}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2D83D82D-0517-4C55-AAC8-AFBF7A398736}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2DC61587-FD39-48D7-B474-6E389D5B58BB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2DE7F526-3540-45A9-8302-804DA8C0535B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2E9AAE82-4161-4C6B-A6CE-F0CB71194D7D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2EA86248-1F37-44FA-9C83-07EA7434538C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2EDAE44E-135F-401C-9C3B-C778BC121D72}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2FBCDB04-69B8-4572-BC02-20251502ECD3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{30512BAE-0E43-4DAE-BDAF-71C025CA09E8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{310CBF16-B015-4FF7-8B9A-D582F00C908D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{311B2384-2DAC-430C-907B-012F6A4F3CCE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{31A20EE0-682B-49AA-8A59-A44DB5A8FD42}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{33512E0D-E697-4DF3-9D07-788D07F7FA41}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{339805FB-7490-4C13-919D-9CDAACE6EE75}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{33B8D665-6BD8-4C56-BE65-336519A050A7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{345A9803-3210-4FA6-844E-348D9FB57D9E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{34A8C169-EB43-48D1-9AAB-890BA58DFB8B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{34BFFF7F-FF49-4C6A-90FA-8D6209B56C06}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{34DC5D2E-AA2F-4E25-8F13-87D5C6F8DD76}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{34EFEA5D-0D69-4416-A4F8-82968C8187AD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{35213690-3584-4E88-A071-CFDF98777195}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{35C3E22A-DA3C-4149-B84E-C940CC7C6219}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{36037545-8CFE-4F70-B786-C44837251C64}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3645F374-417B-4F0D-8B04-D7DDA1259109}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{37AEE3C4-F53D-437C-819A-DFE1B0184638}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{37E31102-ADAF-42DF-9CBB-E145B9CA951C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{392CA7ED-4DD5-4E2E-9070-CFBB97609508}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{394EFB9C-1037-4732-8AA2-BB7768F26331}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{395669AA-4CA9-48D3-8471-0F7CB465E141}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3979E4C4-A677-4019-979B-C6C889701ADA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A744EA2-5477-4DB0-AF2C-F8EDA37287B1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A938BFB-F703-41D9-A40E-A57D17C2B4B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3ADF2E9E-BF21-4D2D-A5BF-44F0246F74A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3B39551D-4C55-4503-B5A4-8E943A76D0B5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3BC86433-E27D-4D5D-89A8-8537C8C0539E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3C49E558-822B-435A-8AE5-34A0647F09FD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3DC7F85A-F3C4-473F-A713-D26E5391DF0D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3DDF8197-8A86-4FDB-A79C-ECFB1199EDB1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3DE8B074-88F4-4518-9397-77A4D5614D43}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3EB13233-3E24-434B-9170-B85B256F0070}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3EBC2DEA-D181-4B2F-9699-E29B98C43518}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3EC1A0EB-2A43-4739-BCC9-3AE8A83B2307}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3F33D35F-2598-4353-9E22-EBC2C6116494}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3F8AB7F8-1CAE-4890-B634-955D6DAC07F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4056794F-2A1F-464F-BB2D-152C56EC65B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4147F5D5-2BDF-4477-931A-F78AACE0A280}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4171C3D6-6AB8-4722-8CE2-F149F7A672DC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{417C476A-0394-4039-818D-E672A06AB86D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{417FD0BD-F803-4A16-BBE3-341ABF1A4577}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4193C130-9782-4DED-86A0-AEA249DE06C7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{41E7AA65-DDAB-42EC-88F2-1DAB2CE6AD4B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42BF93BD-844C-4F8E-B211-E6B62FB67600}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42E6832D-27EE-4A3C-B96B-AAF6CBE463F5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{42E946C3-13BB-4176-BEC4-6FB37F82FCC3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{43045280-2CA4-431E-BEC1-FC7AAA12CB42}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{438720DB-610A-4151-BCA6-9E4F267648DC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{443D5989-5598-4DEC-A51A-2706AA52528D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{44776052-0E7F-4EF4-8D51-3CFE743BB105}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{449EFE1D-0EC4-4062-9D16-8F8EADE31590}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{45B5D66F-F29B-4C57-B1CF-DCF8C0530008}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46BD2F7F-D2F6-474C-B3A6-24A1CCB9FC69}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{47F476A1-9EF8-4A7A-A7D9-0EFBB5579FA7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4843403C-2211-42D7-B6E2-B1B12C0B70D9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4857C518-BE71-49E9-B841-2FA050B17422}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{48A687BC-1A0B-45C8-BC8B-D4169C6CE588}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{49C59DE6-2C4B-47C6-9641-3E42C9934503}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{49E2CB26-EE71-462E-926D-69ACAEECBF22}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4A4EC7BD-5106-4C7A-984D-80707E36A0B4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4AC82149-645F-46F9-8F76-DF407F509D85}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B50564C-8C8D-4510-B5BC-8BF868EA9093}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4BE0B450-94E6-4736-8DF8-AF48E18FF49D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4C1CF6F1-8276-4665-B41D-715303FA18C1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4C1EB705-5585-457E-84CC-C1EF267EABFA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4C47F0EB-FC57-45C1-9FFF-EF1C4D8462A7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4C5149AD-456F-4FBD-9E84-6E4E8706B944}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4D77173E-9542-42B1-ADB9-138385C0FA81}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4DF4C552-654C-4C17-96E3-8E556A564520}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4E17526F-0C96-438D-8A70-76964E606CC8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4E178408-2D8A-41D4-8A0F-4BDB1B783F51}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4EDED5F4-EFEA-4219-AD81-AA2AF2904C6F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4EF9701D-0AAC-4F25-8CD4-7DF8EF14FA76}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4F126F3F-FECB-4EEC-948A-A597D0679962}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4F8D63FD-FF21-4ECB-B0C0-B040B465110D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{50145FD6-3016-44CF-A304-23A728ACFC44}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{50EDC90C-AA82-4D64-9A16-E4E382609A74}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{51789FF4-3CD7-4D72-AD76-76A8D9EE859F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{51F7FEFF-F352-4B06-A4E2-13ED51284D27}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{52269E3D-4E35-4A7F-AC3A-0FE1236BF41B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{52B69C54-5FDC-46E1-82F6-932E928F566B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{534FFF1C-2AAC-4A59-A224-3BAB724892EA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{54083182-3616-479E-94B9-BB5E0F91A4DE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{541B98C9-CE15-48F2-9799-6E6817CD2D58}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{543B02B5-FE92-4193-8FD0-1E267C0BC9C3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{557F6427-72FA-4F21-A31C-D1EECCAB422C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{566E60B5-DFD5-45C2-8950-5A80C65B162D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{56AD73D1-7910-4168-8755-D954FB4F04F3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{57181BD5-24FB-4572-B9D1-6F071FD4F35F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5769AD98-0755-4B63-8CBB-CA789E312446}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{581E5A9D-2452-4FFD-B5B5-E8FAEACC94A0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{583CB5CB-A022-4313-9CBE-7B8C7D27FA65}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{58AFA002-9792-47E5-80B3-3C688C3C159F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{59121DF5-1651-4164-A032-01889F6AF387}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{59AFABF1-C1FF-4AFD-AF0A-CADD45723E31}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{59BEB500-7BAC-4873-BD82-CF570A963BBD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A18F54D-E4C8-4BCF-AD90-BD5B3DF5436A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5AF1682C-79AE-48B2-B172-458DBE559EBF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5B1B59A8-85A1-46F6-AF70-BB049556DA1C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5BB8DAC5-9581-4D0F-8202-6A48A3B89FEC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5BD9608E-B7FB-445D-BAE4-B27343E1401C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5C7D941E-5A85-4BA0-80C5-72DB70B21D83}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5C922E3E-B701-4159-9684-AF216CDC472B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5CCE2FD0-2703-49DE-A492-A3E3775E011E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5D1A6454-EAB7-4E91-8BAB-D3AE848DAFFA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5D4BEE1D-22C4-4B94-AD22-5AC7C07FD5B7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5DF173DD-8746-40B9-B1DF-3D1BB73B91A1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5E1436DA-72F1-4997-A9A8-8CF170A30D5D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5E5196D1-3A6D-46B4-85D2-012BC871E491}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5EF408BF-663F-43B9-81D0-CFCAA007DCFE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5EFD93A1-019A-4468-86FA-4EFF1BE35E9A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5F8D4748-D686-4A0E-8A91-1A44199D21A3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5F945113-CC82-4ECC-9544-76DEAFB0ACE3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FD705F5-230D-4A2C-8338-4B9CCC291CD6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60146C23-1F35-44A0-B124-0F1D8C7E51EE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{601B12D4-CF95-45AB-9E95-1630786DDA0B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{604E060E-1842-48AC-9D73-DD288D91D753}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6057C9D4-65AE-42BE-9345-19B061100AE3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60E40A66-433A-4558-8F74-2B7E5B30560E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{612A282E-D3F1-4156-893D-19279B5775FE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{61314AE9-2E25-430D-8E11-AE10CF6CC54B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{618EC138-86E8-4B53-884F-9EB5EE7DCAB2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{61B3C21D-BE26-4BD1-AC34-E19D02D0E0C0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6230DA84-7471-4BC5-8A4C-52429ECA71E2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{62772036-01A8-4F55-A3BC-24FAA2D6AC60}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{62A28511-5994-431F-8932-9F312F7C86CA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6314DD9C-D7EA-4DFF-B024-460AA72BA7F4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{63A02BBA-3F4F-4B65-A3E8-1E1202631F81}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{640F34F0-FFC5-41D6-A248-B3F492293DED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{644B3753-ABC9-4177-ADBE-3EA2347E174B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{64864BA2-3C72-4FDE-AC98-A11574B88FD4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{64EB3337-A773-4814-978B-579879963F91}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{65143348-2315-44CD-B191-DAA5450EC4F3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{65557CCC-3D9A-401D-B197-D03718394D2B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{660B46B0-AC09-4085-A01B-D66879935E75}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{66ABFD8B-DD4D-4094-A061-6999E9F79477}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6743BE62-675E-40EF-B80A-B0069C877A40}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6744F6A0-050C-413A-8A31-0B2735A2B3C8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{67945C9E-EA37-488C-9A83-3249A01F2956}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{67A4A25F-082C-4A13-B2FF-AEBA985A41BF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{67EC9563-9C29-4712-938C-8B5ED38632EE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{689F710F-546C-4A8E-BF2B-EBCAA5FBA23C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69C887AC-D67E-4257-A782-2183C4525610}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6A4F05B0-E3F8-450E-B5E0-413798049B6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6ACBDEE8-8489-4CAB-9363-71714EBDBE96}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B3365B4-FC46-4584-A7AE-2990AC478180}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B4F5496-170D-43CA-BED2-7B72AF8D9299}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B521DE8-7686-48C1-A2EE-B4688370BD91}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B6B3D09-3205-4124-AE4E-501A080217D3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B8EF68C-A124-46DC-A096-02DE62544283}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6BFADCB4-33F2-4692-B5F2-8F91187B269F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6C00B03A-8BFE-4C6F-8856-471815EB289C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6D47CFAB-35F7-42F7-B53F-7792447EB4F0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6D777F3D-F87C-4EC2-8F34-A75B324E6E2B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6DD8DA03-CF6E-4C12-B1CA-A3B72E273E0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6FAC1C83-10E0-4E5B-9001-1DC6B798BA71}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7073F3CA-7890-4690-AE91-7C4ADD586042}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{70D442BE-0D80-4E6B-A1DF-0377B4A643B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{70E408AD-8CF2-4363-B485-9E791785B3F0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{71A68219-4E7A-4494-8BC1-66647C2D2E8B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{73F62318-B2DA-4D33-90C5-C3801B73D1A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{76060A23-6E09-4592-A9DE-84F4FCAFC6D4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{76342787-9560-4ADC-8246-DD7E9CD3194A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{76751A4B-0293-4506-B535-29AF29F5B020}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{778544E2-87A0-4FD4-80D9-974293F12643}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{783D6E18-82B2-41E5-8FCF-356BE7C03428}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7870D147-453A-4036-B0F3-D4B5D67E06C9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{790BBEAD-D635-4815-8577-37A2CD16D2B5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{790E1FF5-FDB1-4178-ADB6-20041D8F2886}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{791F0653-6D57-4D11-AAB8-80E73F561CD5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7954EF88-8B56-4CB3-BDFD-D77F0EC5EE28}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{79A819AC-87FD-49A1-ACAC-7218EADE7CB9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{79D34393-27D7-4D92-82C0-59C0464522F6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{79E38CB5-9479-4463-950E-99CA1E2C58D2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{79FC67D3-0BE8-417A-9E41-D1DD13CBD9B1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7AF5E219-607C-4B73-A499-0065B005FEF6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7B5B5672-2981-4CC6-9A76-CA0ABBA8EA42}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7CCC16B2-ADA0-4E7D-97B0-6B955C29C466}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7CE64BE4-04BA-42AF-87FB-2D0177C6C0F3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7D03CCA1-24A9-4091-AC3F-3F720CE101CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7D8FDA62-4A21-471C-B1EF-2DD761182772}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7ED11C1F-CE7D-4B4E-BBEB-A10C9D0BBD31}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7EE5269A-F872-4524-8CFB-F3DF1E391433}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7F8F59FD-0104-4EEC-B488-31A9F5F3F7CE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7FA1DEFE-84D2-4592-B548-B705A477307C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{803DF16E-03D6-4096-9FCE-A3D950622C3D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80A7DBA0-9400-4CE5-A23E-13FC447792E1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80C32D65-1778-4337-83E4-736B07CCDE9F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80DAC40A-C047-4257-8371-080045ABA17F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80F580EF-D99E-4BA9-8F3F-708684402D00}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{81ACCD27-FC9F-46FB-8EC4-8F2EE3639A3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{81EE2300-7733-4365-A6CD-22E81F14AB11}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{82123DD0-364F-4C55-B867-33B00FD43438}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{823DE536-8C04-46CF-9038-21DAA9653CF4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{827100BD-68D0-44E3-9062-2BC32CBF8763}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{82E0540E-432A-438D-8942-04E991263875}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8381EEF6-B6D6-4CDC-93AF-4D90B84FCD3C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{843AFF55-75E1-4D6A-8193-6A236B5B20D3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84C2840C-7B71-4519-938C-EBD3468E8C09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84F525DA-9130-4F08-9A26-B985889F4CC4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8536F8DA-39C3-4FFA-B3D5-2D0F37A1990C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{859A64CD-D97B-42FD-89F8-81A7B5287925}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{85B0784D-2B51-4965-A1A2-49E436D4BB81}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{86031C84-7439-49F5-A1C6-4319728D2F5B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8616D8C3-4FAF-4662-BDB3-0C22402587DA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{865E1DD8-B579-4E6C-B60F-DD3A4E3F66F9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{869AF429-C4A6-46B4-B79F-DDCE79F527FD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{86DDE1B1-D01B-40A3-BD44-E6A0AF83D6A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8703F7E5-F55B-4836-BC51-DA44B8A0EEB5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87B69285-4650-48BA-9B9E-46EDAA5F4504}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87D248DA-10A8-4ECE-9AFF-36543DC7841D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87F07DE3-5A1C-4DD6-B510-D5EE81450487}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{881939F4-F7ED-44C4-8326-B84E5DAA7FA9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8838A7BE-208E-48FC-B1B1-DFD204A006C3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8863E597-6442-4034-8001-493C942248BF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{88E623A2-D32B-4EFA-BADC-FB8F63B97A0C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{89191006-8229-4114-87BB-ACEEC75F9924}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{89894BB9-8E12-46F9-BAF7-6583938E16AC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{898B32C1-99BB-4033-9D0C-F6F274351570}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8AF4BCD7-687E-4B5E-8070-C41BCC6D7166}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8B02A354-F949-40ED-A7B8-620EBE4F928E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8B1DA53C-1EF1-4D94-9B1C-1EA251FF3D37}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8BBA7396-5B37-4520-A2E2-61CCED0EDD6B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8C52884B-DF80-4A5C-A8AB-F24C2108F6E2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D067DDA-BA2F-41EC-A0FC-3A6BC3CEC803}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D6AD480-E986-4E04-8F9A-BA3B83310CCA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8DB7739B-270C-4B1C-B824-4B4AB306F9D7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8DF6F727-3374-4B7F-B0B4-C386AB089ED2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8E2BE369-D444-4FF9-A9EF-4A623D180626}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{901CD12D-7EE4-4705-8B34-DF4D43F8F68D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{90CD29AC-F4D0-44B8-8622-40087F79EAB5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{919998DF-F18A-43E3-A2E9-349191D4F036}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91B40416-F6F8-4B3E-9EA4-507E4C79D402}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91C778A2-530B-456A-9D90-C5945B832691}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91C87A21-E19B-4F6A-B56C-9AACB113B3D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91F060A0-C204-4379-87AB-D55F8AE4B8A3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{924BDFD2-1006-45BE-AFFF-7481FDB2D503}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9273B0FA-45DB-4801-A1AC-A892ED8B7925}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{927D4946-47F0-42EB-B189-B1E1EB8CC7C5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{932C912E-09C0-4E98-85F4-36DAD213F1BB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{937024AA-FA3C-48A7-8A59-9B0CF3D94D23}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{93BD7A99-8AA0-4CEE-B5FA-3B8A391B7264}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{94BCE99B-7AB1-41B3-AA39-F34C99C5ED88}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{94E765CC-922D-408B-96F2-C68D47343E3C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{954305D6-8E2C-4897-B493-264778C840B6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{954EBD71-070E-4635-B02E-4C544E70B9EA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{95A2EE19-3BFC-4A93-B36C-A84A8A5D590F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{95DD9FC7-02F5-43B6-89F1-626B17A0BB3E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{95E9C0DA-8E10-4FF3-B702-B0D566490187}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9627BD3A-5850-47E0-A201-3EF39F96D1FD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9649CBEB-40FD-4F28-8A68-531165EA9E98}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{96730BE3-632A-42A3-B30C-D24BF48C240E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{969257D7-D05E-4C39-9D2B-CF3E00567BEF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{99AA1930-2888-4CC3-9012-433CC3F4DF15}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{99EDA1F3-7CE9-4397-808F-4A48D9201212}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9A178938-B0F6-4B5D-B164-05E13348D30E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9A6B943E-46A4-4335-B270-C39635C5717E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C34AFF5-5221-44D2-BEB2-92131A12B0DE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C4ED5CD-6644-4B1B-88D5-C0A945D22662}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C68D81F-2707-4ED8-8485-E43CBCB54AE3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C71D476-6BDD-4DE1-8CB2-A0E14C28503D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9CB64C2F-6BFD-4A79-A9C5-F4C98ACA11E5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9CDBCCFA-CF19-45B9-930A-82100191465A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9D4568E5-3D51-4313-A269-15E29A381B82}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9D4F25D9-E33E-43B7-9793-EDCFFB9101E6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9D9052D7-EF95-442A-8048-EA815DBDD4EC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9E719EA1-6F1F-47F9-BD7E-B558053ACDA3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9EABF933-170A-42E1-8A2B-5BEEF5C079E5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9FAA2AD5-9BE3-483E-9744-99061EEE0967}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9FADBAB6-F95B-4CF0-AD92-6F20FC4FE2CA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A013346E-72AD-41C1-8325-665E7B30CB44}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A013E70A-7DBD-402A-BEA3-7F491A76AFB8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A02B3CF5-CA91-46D5-9AAC-F8A1670090E1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A0322C97-4A67-4E34-B0C9-37D48F065859}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A152EED8-072B-4801-B8F2-78F7166CEB1D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A1AB8CF2-FFBB-4FC4-AC71-8B450B8BB10B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A1BD1A85-D48E-4194-9A2D-95638E2D0912}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A20A6B38-B20E-48BF-8D41-F3A39A33F1E4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A2349774-0106-4314-8B91-DFACEE6943D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A2712E47-3360-4A7F-B6FB-3EB5504C157F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A2E0893C-D2D6-4F01-B5C1-043F1788D342}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A3C8B351-61D1-4B71-BE42-BC4F0ACA9092}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A3CA98F8-6651-4CC9-B6E7-C11D9FB8DCB8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A3E4ADA2-E24E-4B57-9C46-DC88E67E3087}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A466D849-9756-4266-A075-3C4C3007B27A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A4840379-89F2-48D8-B54C-DE96A196D427}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A4DBE270-2C72-4B23-97FE-2F30599DFB80}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A4E907C8-7C39-4218-8B46-AD7DE950B03A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A541D56E-81B0-4335-A76D-8CA5ACF8AE30}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A57E2BA8-8429-4F32-A770-63297FEFFCCB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A62BB71C-7165-444F-9378-D0B7B20B0183}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A62C2ADC-0718-489C-8A06-3C94139E6D05}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A696E9EE-6633-430F-B3D3-E78724FD33CB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A6989863-7EF4-4F92-9922-7EF9768C2B12}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A6FD97CC-2710-4CA7-88FB-B9A1138353F9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A753F4B2-55CF-4ACB-B0E0-9652D279704F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A7A2EE51-EADB-42B6-B13C-51EFD7311365}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A8971B1C-9FBC-4CDF-9F41-88A040D11118}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A9843351-15A9-463F-8BE6-1CBC7B8EC707}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA04E619-D838-45A0-BA54-E67CEF44838B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA249E87-7EDB-40DE-9233-1C8CB9F5DC61}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA3F7682-BEA1-4D71-96B4-03EAEF3363D5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA91D167-0732-4144-B104-9F3268B0B253}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA985180-9F51-4A60-93A6-8CC1254FC5A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA988111-138F-4146-B232-BE111B0EBDB5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AAA6A185-41B0-4840-91F4-D28058518A83}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB3AF3DB-A486-4737-A841-D615F2C3F81C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB606EA3-34C4-4BF8-B9A9-22B5C2AB13A4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ABB5ED98-3492-4F9B-9D91-A658E34BAB68}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AC08AE72-9F3A-4857-94BD-867CC3B7BE5F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AD2CF170-0613-4935-87C8-FA7F2824505F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AD99B394-D8F7-4B1B-BFD5-4AF82B121B8F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ADBE55ED-057A-402D-9B7D-9D372B35C84B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AF9F919D-380E-497D-BEF3-29DE6A28F125}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AFD75300-2834-4F8D-9B49-D665A6867CA4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B0E5BE61-E05D-4572-9149-1BADBBD7AFED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B14291C7-D414-4A0E-AB0B-974107CFF1E7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B145A759-6C05-4CF6-BC59-2BC2A63B5640}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B1652481-2E61-4186-84E0-888E97A9C924}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B28AD31B-CDCF-4106-806B-04AC100453D3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B304215A-0F36-4AA5-936E-7622767F647E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B42E2C05-38E5-4586-BB0B-BB4F5A4E7229}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B44876AA-43B8-44D7-8C58-39C965F65670}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B47B7A96-1BFB-4141-AC16-9D2FBC4859F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B4F371D2-0EAB-43DC-A0A1-3711E480F6BA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B501CB89-4F68-449F-91AE-DC779678005E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B56715E0-680D-4FF8-8F8A-C79DDBEB9F1B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B570E9F8-1FE1-452F-99CA-042A2F26A4F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B5CFCD1B-6867-4D40-8A34-8A3373D0A9AC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B62055E2-8C36-4876-8E2F-767DA2236161}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B64E6A5C-6E2C-47DD-BE10-0DC34696479C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B6E258C7-5651-470A-B181-4EC354D06A4A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B7008BE2-6DD1-4CB2-A5D8-FFB14DA35B12}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B795D2AC-3023-4942-8AA6-77CF17CEE157}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B86B46C4-5D37-4F4D-8D34-D9A343637280}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B8C771EA-8F20-4ECF-9AE9-49F53479D6B8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B9CE047A-F78A-4030-B625-5E66899343A3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BA036E22-1C67-4C5E-B448-F44CF2D79A62}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BAAFA665-5A58-4F1F-9BB7-1A49C4C2DD44}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BAD7FFD6-6A50-45C8-B8E0-B9B3EC8D9E8E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BB23B12D-A648-4820-80A6-F0D369DF585D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BB40FF90-1B1A-43D8-A381-A6D54EF0BC4B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BBE4CC17-74C5-441B-9311-541F1D6CA76A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BBFD43F2-F36E-4167-81B0-9E62528C9480}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BC136183-F510-4F42-8400-4806940EB004}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BC43A6D5-6F6F-401F-BD6C-A58FE94A451E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BC6181ED-F085-4F72-8387-AB43255D7687}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BD28532A-40D4-4AD5-9B9C-5CCFF7281BEF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BDC73259-8516-4430-A80E-AAB332462F6A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BDD02D00-DBF1-413F-9B5B-1CE55DA22C92}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BED23AAD-A071-4C91-B44D-A8F3715F03FD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BEE3E1CF-94A2-4EA9-9679-54148CA07F26}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BF672B65-98BA-4A8C-9FCB-E53CE11BFAB3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BFAACA19-9A2C-4F24-9CC4-89B641050BF7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C029B94E-EB64-4236-8D99-BA834B2A58AB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C0546676-E28C-4087-B012-53D681C251FC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C141C97C-5596-4F03-9AB1-090F4C22C9D1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C1C49C5D-6C9B-4DF5-8A9B-E91FD031FBCC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C1DB2909-770E-47ED-B968-940DB3AC3AAB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C2170279-F446-45B2-A1BA-F079CA4C70C1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C254A87C-EEAE-4807-9CAD-A45D9DE845A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C2AE138E-4D97-4DA0-A157-E0A5DFB1F118}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C35E79A4-56FC-43FB-A20E-0FC79B5C948C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C38A79FD-7C55-481A-AA78-B096C007DDE4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C412F4B4-8332-4413-BD15-E8A4D65DD234}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C4A45637-7AFD-4A11-8C7F-059EB2FD5F05}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C527BFB6-9F87-42C5-BD9A-D756B001ACD7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C5371735-275E-4025-A844-6CD3DFA6A71F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C5949A14-9666-4426-B2BD-520D6CFF1894}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C60FD693-2EF9-4F9B-857E-222BB0478C27}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C618458D-37B8-4251-9BF0-FDA5B6CBB606}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C842E552-AF4B-4165-899A-30687FA1F8B6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C84DEB19-8CEC-425D-B922-71A033F08A94}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C863C43B-1343-4CB7-A684-8066AA4D8ADC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C8DB3D9D-48B4-487B-BA07-8B2FA937475B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C943C7AF-A1B0-4C85-BFF3-4F4503FCFC41}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C9534037-2062-45B3-A40E-CC864F0081AD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CA8A7965-E186-4689-A73B-B2AF7E892597}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CB2AB893-A1AF-49BF-9009-E8C59ABBB417}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CB2E8D9B-F5C9-46FA-93E9-6D6F609BB466}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CB30E079-55D7-4C30-A662-01EE470477EB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CB3A3C53-0F98-4736-B7FF-C29964B2A402}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CBA93A8E-3D3A-41B7-90B7-513517C64A09}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CC976574-1509-4D8A-BABB-984024B6C5FD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CCC1119B-813A-4E4A-BF0D-16989D6BE297}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CD42FEAA-C25F-4648-819D-CB0FDE354F0A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE4233C7-0764-4A00-AEC2-B4D9ECB1435F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE9CA2F4-68FC-4FF7-B301-C3C88FC8287C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE9D44CB-705A-4585-BCFA-F745632C3A45}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CEF42580-5E42-41D4-856B-85CA77D5D92D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D0792ECE-17F8-404A-BCF7-1954C4619395}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D07B9695-E004-4972-A8D7-29904D90D0E9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D0B35807-7EE8-4B8C-8592-D9B66963EF53}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D24DD654-CC61-4B6B-BEA6-6D62F0F38D23}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D2A320C8-9F79-425F-8834-3A6364C7A11D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D2B8D7B1-6A63-4443-B1AE-650682C12FB1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D3776691-508C-40A7-B45E-07C58942F96E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D4375A40-A49D-4592-817C-C06F680D6C82}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D4A06DA7-FB86-41EF-8735-84A38D26CB5D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D4C4A614-C1BE-4641-8277-67BAABDB39EC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D4EE1E28-DB4E-48BD-9A80-A6DCA06FBFC5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D50CF8AC-A81E-4D84-BF0B-6212E1E9B0AB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D559E184-6A0F-4CA8-BCD3-87D257E5ADD6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D5EC60FD-CDBB-481F-8525-98D954230A0F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D62CD61E-11B2-45AE-B81F-8325AB1DD355}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D7192D7D-D684-48F7-BC22-1A5DBD2E320C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D74D775C-F1DC-4F6C-ABDB-9D59F5BC9C0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D825262F-71A7-4039-BFFA-44CEE75032EB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D8737C88-0BBB-420B-8C6C-7418598DCCC3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB556829-E028-4FFB-9A49-FA9CC2EC656E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB7D9278-54F6-430B-81C6-5DEDA446F632}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB821A31-9599-40E5-968C-8A5BFAD7EB74}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB8876A2-2B5B-4222-8C1D-EB8B2750C1AC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DBF2B7DC-46B9-4902-A177-C660F1DA02DA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DC20FA58-8716-43E2-BA7A-06FAA379995D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DC315979-9AD9-4B1B-98D1-3872203792AC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DC64DC37-2364-4573-9D45-AF938E117D25}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DD4DB9C0-3507-45BD-B63B-E7C2872D589B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DD8F1AC3-BB14-4483-AC78-96F58E153100}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE2AD8F5-0047-4438-8D77-3511F23A2BF5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE40779C-17EC-49D5-B9F8-C7DFB7C14515}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DF8C7FEA-3029-4BB4-BB59-08780DF0184D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DFB88860-EB74-4A3B-89A4-FB9A19983DF1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DFFFD953-98D3-4F90-B720-9AEB1BE54287}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E02EFDEE-E4C5-437C-9DE0-4C931256400C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E0503122-AC2E-4644-AAC0-C4E947ED4E0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E07A77C2-1167-465E-A9B9-92BA7D4A59CE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E0A8C5FD-9C2E-4768-B75F-81B3D0A6ABC9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E1BF8833-C9BA-4B3D-8A43-0A8ED3D9A7EF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E364B1C0-362E-4CD8-B6C1-C6F39E0F2CA7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E37A9A81-2C85-4644-9D3E-4EBD07A20EB0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E3A72550-DDBB-4F39-8291-6329475F6F52}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E3A93A7E-4DEA-466C-8AA9-7442ADA58D2D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E47B30FB-E06A-43F1-9629-D3A4ECEECECE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E47F0869-FBE1-44D7-A90A-717942985AFE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E4E4A6C0-6112-4602-A03F-A93AAE7B69BC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E5293BDD-FA0C-488D-B63B-40692B859377}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E64B5A67-D47A-4B46-BC94-8133AF962CED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E7C602F2-C9EA-4602-B747-D7A11F3D913F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E8F53767-734E-4DED-BD4F-E5E5695446A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E9091C5D-AA9B-4357-8A9E-E41AEFEC141A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E90CEE60-84F2-4174-9E71-B5024D9B765A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E91F1A3D-7687-4C1D-937A-F7430F3FD0C4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E9BEB3EC-A0C6-4827-B1CC-29A287F28B20}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EB0A362E-26F5-40E8-9602-54F8F63B7C1D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EB545F36-9E93-49E5-9D94-20F9D3F1BC08}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EB91A366-2FAA-4685-8D12-62FA37BEF6A7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EBFEAA65-B5F6-49EC-AC9B-A5D16BA4E6CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ECAF599D-6AC1-49FF-99C3-D2B20C3E15DB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ECD2AE39-549D-43E5-B1E8-7DEFF39C8CDE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ECDE4536-E03C-4E34-B202-BB797EB809B3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ECDEAACC-2CD6-43F2-9A98-023C59F90289}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ED4EBB1F-DB27-4EEF-99A6-EF915808BB36}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EDADF117-34E6-464B-98F4-EDDD3AA8D637}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EE9C2C68-7720-45A3-84E4-0DA24A14CB99}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EF2191C2-A69B-4E4A-9302-DDD390714DED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EF49E241-5520-47AE-80AC-334A7E38918A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EF728E5F-51AC-411D-BB59-E36FFD22C0B8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F00D5928-6463-4CC7-9546-6778BFCC960D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F04AAC79-12E3-47D4-BEBB-AF4E9C5E1037}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F057BA0C-3A5B-4FEF-83AA-D390B000A6C9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F06DBF1B-CCDD-40FC-996D-CDC221DC0554}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F088DAB5-0569-4C84-BE22-4D0D35E5D5D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F0D99C21-B73B-42C9-95AC-5EF3C9935764}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F0EB6C3B-382C-410F-93D0-0A1BD0CE7F1B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F1564886-B174-4F45-AD6B-684D29DE8271}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F233E2F9-8FC8-4E81-AF98-DD0C0ED95B76}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F3E8D56D-3346-4EE8-8B45-91CEAF5FF3FB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F438C027-5537-4F97-9C35-52F897259891}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F446D68B-A8C5-41F9-A95B-E8FB255A9E1C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F54DEA00-2A23-4EE1-A3B6-00905006D9E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F58D82F2-D619-4A7C-9FE5-2AFF5DDC9435}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F5BF4788-4CEB-4FC9-B0C9-EBAB3D2D813B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F72B1311-2861-4D0A-9F06-7669F62E881D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F74EBF8F-E74B-4DBA-A49C-AD67CB56E132}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F76EA9ED-176D-4D98-830B-25751F88CD9D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F7A3E80C-33B2-4CC3-BD2B-A13149AF2823}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F81157CF-7ABD-4923-91DE-EE83393821BD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F87E7C10-E783-4426-870B-0F58B18DC424}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F8A6E4F0-B7EC-4446-A6B1-4FAD24592B3D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F8E2B788-0A77-43E6-928C-15D1841EB837}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F912171D-68A9-461D-B8E1-794F84F63BF1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F956D1B3-D7FE-4D77-83AC-48481B9CC271}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FA1C4A46-FEB7-423A-A6C8-FBED36A81785}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FA2CBC05-6E48-4D26-96C2-4D97EA7C4D7B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FA57C23D-00B8-4C90-A8E1-EFC93DCECA14}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FA98703B-E3AD-47CC-A964-FC0C9FC2756A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FB3E7DD6-298C-4E02-B70D-C43AEAB639BC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FB6EA5D1-12DF-41CD-9EF4-F42AFFF82A44}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FBF4F1DD-D007-4A59-B034-D29DC4A9248F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FC94FF85-67CA-4D42-85BC-C76FB4C3C7A6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FCD740CD-61A7-4362-A005-E516B64237C0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FE70295D-AC6D-40F0-8641-51C5CB1D362F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FF0ED269-5026-47AE-9869-CDD91F4FB60F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FF459002-EAB2-450D-8DF4-FAE264C973B1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FFB41551-E0EE-4141-9FCB-C9D5E9437AFD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FFBEA000-FD75-4A86-A8EA-5ACB3D980202}



~~~ FireFox

Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\585f7z1p.default-1369884388276\user.js
Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\585f7z1p.default-1369884388276\prefs.js

user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298566&octid=CT3298566&SearchSource=61&CUI=UN21210456921707250&UM=2&UP=SPE26E07BA-B43F-486B-8E65
user_pref("Smartbar.ConduitSearchEngineList", "MixiDJ V30 Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN21210456921707250&UM=2&q=");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3298566");
user_pref("browser.search.defaultthis.engineName", "MixiDJ V30 Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&CUI=UN21210456921707250&UM=2&SearchSource=3&q={searchTerms}");
user_pref("extensions.AMAZONNEW_NS_PH.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankometer\
user_pref("extensions.crossrider.bic", "13f3f026ad6aacd80a8ef0ab7f5f066a");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("extensions.wajam.affiliate_id", "1401");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM
user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_L
user_pref("extensions.wajam.trace_log", "1371151689781 - onFlagInfoReceived - No user current mapping version specified, set to '0'\n1371151689781 - onFlagInfoReceived - Uniqu
user_pref("extensions.wajam.unique_id", "BE17FCB34114C0809BA16620CC6ECA94");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.26");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN21210456921707250&UM=2&q=");
user_pref("smartbar.machineId", "JT0QRSU+KS2UHBEVRY30HULNBVOLNWXZTGAVFW5BXGLDFKVBEYUQKGB/PAR+ZTXZAHKDGRBCHYZ5P5VQR8FPLQ");
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\585f7z1p.default-1369884388276\minidumps [36 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 06/18/2013 at 14:22:04.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#8
Essexboy
Posted 18 June 2013 - 12:44 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you now able to download ?
  • 0

#9
dumonm
Posted 18 June 2013 - 12:47 PM

dumonm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
will give it a go..... thanks...can you tell me what happened? and Norton or Defender?
  • 0

#10
dumonm
Posted 18 June 2013 - 12:48 PM

dumonm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
was able to download Adobe reader...awesome thank you very much... will be making a donation!!!! you rock!!
  • 0

#11
Essexboy
Posted 18 June 2013 - 12:51 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK it was a new variant of Zero access/sirfef and it suborned MSES to report all downloads as infected, amongst other things http://blogs.technet...ef-plunder.aspx

As to which AV to use then the choice is yours and depends on which one you feel most comfortable with

On the desktop should be a text file called junction.txt could you post that please so that I can confirm it has gone
  • 0

#12
dumonm
Posted 18 June 2013 - 01:01 PM

dumonm

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts
thanks very much.... and here is the log. Is either one better than the other?

Volume in drive C has no label.
Volume Serial Number is A838-908A

Directory of C:\

07/14/2009 12:53 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes

Directory of C:\ProgramData

07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes

Directory of C:\System Volume Information\SystemRestore\FRStaging\Windows

08/11/2012 07:30 AM <SYMLINKD> $NtUninstallKB45116$ [..]
0 File(s) 0 bytes

Directory of C:\Users

07/14/2009 12:53 AM <SYMLINKD> All Users [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes

Directory of C:\Users\All Users

07/14/2009 12:53 AM <JUNCTION> Application Data [C:\ProgramData]
07/14/2009 12:53 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/14/2009 12:53 AM <JUNCTION> Documents [C:\Users\Public\Documents]
07/14/2009 12:53 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes

Directory of C:\Users\Default

07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 12:53 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/14/2009 12:53 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 12:53 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 12:53 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 12:53 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 12:53 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 12:53 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes

Directory of C:\Users\Default\AppData\Local

07/14/2009 12:53 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/14/2009 12:53 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 12:53 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes

Directory of C:\Users\Default\Documents

07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Default\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes

Directory of C:\Users\Public\Documents

07/14/2009 12:53 AM <JUNCTION> My Music [C:\Users\Public\Music]
07/14/2009 12:53 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/14/2009 12:53 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes

Directory of C:\Users\User

06/15/2012 02:42 PM <JUNCTION> Application Data [C:\Users\User\AppData\Roaming]
06/15/2012 02:42 PM <JUNCTION> Cookies [C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies]
06/15/2012 02:42 PM <JUNCTION> Local Settings [C:\Users\User\AppData\Local]
06/15/2012 02:42 PM <JUNCTION> My Documents [C:\Users\User\Documents]
06/15/2012 02:42 PM <JUNCTION> NetHood [C:\Users\User\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
06/15/2012 02:42 PM <JUNCTION> PrintHood [C:\Users\User\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
06/15/2012 02:42 PM <JUNCTION> Recent [C:\Users\User\AppData\Roaming\Microsoft\Windows\Recent]
06/15/2012 02:42 PM <JUNCTION> SendTo [C:\Users\User\AppData\Roaming\Microsoft\Windows\SendTo]
06/15/2012 02:42 PM <JUNCTION> Start Menu [C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu]
06/15/2012 02:42 PM <JUNCTION> Templates [C:\Users\User\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes

Directory of C:\Users\User\AppData\Local

06/15/2012 02:42 PM <JUNCTION> Application Data [C:\Users\User\AppData\Local]
06/15/2012 02:42 PM <JUNCTION> History [C:\Users\User\AppData\Local\Microsoft\Windows\History]
06/15/2012 02:42 PM <JUNCTION> Temporary Internet Files [C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes

Directory of C:\Users\User\Documents

06/15/2012 02:42 PM <JUNCTION> My Music [C:\Users\User\Music]
06/15/2012 02:42 PM <JUNCTION> My Pictures [C:\Users\User\Pictures]
06/15/2012 02:42 PM <JUNCTION> My Videos [C:\Users\User\Videos]
0 File(s) 0 bytes

Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.1.7600.16385_none_579306edb982ae36

07/13/2009 09:14 PM <SYMLINK> MpCmdRun.exe [...]
07/13/2009 09:15 PM <SYMLINK> MpOAV.dll [...]
07/13/2009 09:15 PM <SYMLINK> MpRTP.dll [...]
07/13/2009 09:15 PM <SYMLINK> MpSvc.dll [...]
07/13/2009 09:15 PM <SYMLINK> MsMpRes.dll [...]
5 File(s) 1,533,440 bytes

Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_59c41ab5b67131d0

07/13/2009 09:14 PM <SYMLINK> MpCmdRun.exe [...]
11/20/2010 08:19 AM <SYMLINK> MpCommu.dll [...]
07/13/2009 09:15 PM <SYMLINK> MpOAV.dll [...]
07/13/2009 09:15 PM <SYMLINK> MpRTP.dll [...]
07/13/2009 09:15 PM <SYMLINK> MpSvc.dll [...]
11/20/2010 08:19 AM <SYMLINK> MsMpCom.dll [...]
07/13/2009 09:15 PM <SYMLINK> MsMpRes.dll [...]
7 File(s) 1,810,944 bytes

Total Files Listed:
12 File(s) 3,344,384 bytes
50 Dir(s) 83,144,892,416 bytes free
  • 0

#13
Essexboy
Posted 18 June 2013 - 01:49 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
In general I would go for Norton over MSES as the updates are more frequent with the downside that Norton is heavier on system resources


How is the computer behaving now ?

Please download Malwarebytes Anti-Malware to your desktop.

  • Right-click and Run as Administrator mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan as shown below.

    Posted Image
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.


The log can also be found here:

Windows 2000 & Windows XP:
C:\Documents and Settings\<USERNAME>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Windows Vista & Win7:
C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
----------
  • 0

#14
Essexboy
Posted 25 June 2013 - 03:09 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP