Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Having problems with Top Arcade Hits and Conuit Search [Closed]


  • This topic is locked This topic is locked

#1
Nsomniak

Nsomniak

    New Member

  • Member
  • Pip
  • 8 posts
It seems I have acquired some nasty malware that I can't seem to get rid of. The two that I have noticed are TopArcadeHits and Conduit search. Any help will be greatly appreciated. I have read all of the rules and have run the OTL here are my results:

OTL Extras logfile created on: 9/21/2013 2:54:55 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mom\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16688)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 4.10 Gb Available Physical Memory | 51.88% Memory free
15.90 Gb Paging File | 11.77 Gb Available in Paging File | 74.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.46 Gb Total Space | 397.88 Gb Free Space | 58.82% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 163.36 Gb Free Space | 23.38% Space Free | Partition Type: NTFS
Drive E: | 21.87 Gb Total Space | 2.34 Gb Free Space | 10.71% Space Free | Partition Type: NTFS
Drive F: | 583.11 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 14.92 Gb Total Space | 14.91 Gb Free Space | 99.95% Space Free | Partition Type: FAT32
Drive H: | 410.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MOM- | User Name: Mom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- "${env:ProgramFiles(x86)}\Internet Explorer\iexplore.exe" -nohome
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "${env:ProgramFiles(x86)}\Internet Explorer\iexplore.exe" -nohome

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "${env:ProgramFiles(x86)}\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "${env:ProgramFiles(x86)}\Internet Explorer\iexplore.exe" -nohome
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1521442C-5B3A-46A3-89D9-A3E09C8A149E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1A9CB5AB-54B1-4B2F-9C08-13430CED4D4E}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2C631FDD-E93D-45D6-AB0A-5A35E757D1A4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33469754-83F9-4F69-B636-EE5581237D70}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3B5BF528-ABF7-454D-A493-DE90986601AD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{55D1C4B7-94F9-4DB4-B2D7-7C997BFF26C2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6172D736-6524-41CD-B265-3419C67EF93B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{71233591-8BBC-469E-878A-7DF5FF75EC88}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7553D9B9-1188-4C30-82CD-567F34B5DBF5}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{84399A00-664D-466E-AF5B-60F966D23454}" = rport=2869 | protocol=6 | dir=out | app=system |
"{90047702-B077-4ED7-9E6C-7D979ABED993}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{936FA799-00BD-467A-A7BE-992EF45E55F4}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{96DE60D2-2D0E-40A9-A8E7-1914E6D77EEF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9F237905-62F5-4097-A858-0534174BAD42}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BD42A97D-1797-4BB3-83F7-72399159D9ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C70AFE95-889D-49E3-9D77-0B295105F0EA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CB86156A-CD61-449A-AA61-C367BE6186F8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E84007F5-67CC-4177-AA33-9A7B2003279C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FCC38FCD-9C64-4516-8C39-8A36842894CA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0038285E-45BB-47B7-819E-0BDA5EB1E435}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 305\sammax305.exe |
"{00B5CC17-EFB5-4C6F-B025-FEF1D5DBD6FA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{01A19C96-36AB-4DED-93AA-E30F869F6D27}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{01F1C334-5309-4200-91EF-6DEE8A242394}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{0779B7A8-A38D-4F06-9C22-FFFEA48F93A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{0AE161AF-672F-47DF-833E-950558DCDF80}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B0D51E5-230A-40EA-B3B4-39F15ADBAC92}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future ep 2\backtothefuture102.exe |
"{0C01D716-D7BF-4311-BE90-31FA69540C84}" = dir=out | [email protected]{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{0C13B943-A771-4982-9EAD-706B216C1BCE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future 105\backtothefuture105.exe |
"{0D1806E9-8A58-425D-9C29-A39D5966CDBB}" = dir=out | name=ebay |
"{0DA45D09-C22D-45F6-A103-0C8C1FAA96F5}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{0EE5B40F-6A6B-4C16-9138-3B688B7BDADD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\poker night at the inventory\celebritypoker.exe |
"{0F7325F6-778C-41A2-A6D9-1FB07C6797D5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F9032ED-B9C4-4144-8347-43B9069F883B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{103F6ED1-211C-4C6C-A5AD-DE7E3C8EB0DF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{1394A90B-60FB-4398-8170-3043282F43AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{13969ECE-7DFD-4AEC-A21F-EECB74CED7E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13A78262-ADC1-496A-8C45-CA12F259EAE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future 105\backtothefuture105.exe |
"{155DD65D-D917-48BB-AFC1-DE81A581F751}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future 104\backtothefuture104.exe |
"{15D9EC5F-B9FF-4509-ADB9-EEEB2400C913}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\faerie solitaire\faeriesolitaire.exe |
"{15F8335F-234A-4057-9A50-749B60570F74}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{1BDD7DCB-383F-4D43-86B4-64506E343E27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\little inferno beta\little inferno.exe |
"{1F437FD9-2C66-43AC-864A-C80672082F47}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{1FAFBCB6-A0D3-4E78-9E78-47CD4CD7730F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{22887A23-2069-4230-9C55-F81AABD2D88A}" = dir=in | [email protected]{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{22C3C40C-5586-4C02-8139-A8A55A070E77}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{230F397D-ABD5-4F94-9754-5924E2649ADE}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{240855EF-226A-4294-9D23-E50EEB94CD66}" = dir=in | [email protected]{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{24FAF065-8BC4-416C-9F73-B83CF3974B84}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 305\sammax305.exe |
"{2615203A-5545-429C-A348-C646DA27A05F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future 103\backtothefuture103.exe |
"{2A57A84D-CC44-4867-A838-649FBC663D9D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 302\sammax302.exe |
"{2A629F08-B116-4D94-8F14-FFD5D380A166}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the secret of monkey island special edition\mise.exe |
"{2B1ED8C1-F15E-409D-A89D-A36FDF9CB987}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep1\wallacegromit101.exe |
"{2D34FE17-7349-40B1-9C51-20062E34A133}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D495FF0-71A5-4980-9D47-CE47DD18900A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future 104\backtothefuture104.exe |
"{2F4E4163-C5C1-4301-AE24-52852E927186}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{30619996-2116-4374-B153-1BE5ECBA8500}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{318C0D4B-B520-4F3B-9448-47E82022F2BB}" = dir=out | [email protected]{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{31C24CCC-C96A-4F3B-AC63-23318A95F398}" = dir=out | [email protected]{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{3646978B-D7A4-45E0-828E-5ED07A0F04C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle agent 2\grickle102.exe |
"{375A5EF9-8F53-4444-AB0F-47D62A581D42}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38460D79-850E-4D5B-997B-F5255CF7B215}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{39B4C5C4-8626-4725-ACA5-BDD92EE95755}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector ep 2\hector102.exe |
"{3A975365-475D-463A-BC75-CD6F0834A02F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 303\sammax303.exe |
"{3BC867F0-E783-4C35-B510-60E5D51379D8}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{3BE95FAC-F205-4867-908E-157025AA72F4}" = dir=in | name=overdrive media console |
"{3E8B707E-9393-41C6-A387-DB03121DDBE1}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastoneltdservices.exe |
"{3EFE6613-02E8-4C1F-B772-BEF43DE883B6}" = dir=out | name=google search |
"{44482DCF-A92A-4424-B921-4E45AF311352}" = dir=out | [email protected]{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{47D6F1E3-AD6E-4E26-86C5-8D17F158CEE6}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{4929BB6E-A8E5-4840-9737-8FDD5FD73FE2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector episode 1\hector101.exe |
"{49C65AEB-C563-4FFB-A392-B0A1EFC38296}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{4A97C118-1D50-4412-BD35-B51B27B63CBA}" = dir=out | name=netflix |
"{4BD7FC9E-BBFD-4CC7-B677-B97C74967E2D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4F7A976A-F52F-4E56-B102-46E638706600}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{533FBF91-75AD-4EFE-AE8F-AEAFB32E8964}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{5596431A-55A9-41F6-A0C2-29C1BAD4B468}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{55F5AC79-7785-4217-8C11-005D22A57D2D}" = dir=out | [email protected]{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{567ECD1E-9340-4BDE-B2AF-6CA619B81F73}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5686A619-4430-4924-A86A-E71112E8BDCB}" = dir=out | name=amazon |
"{580566D2-8526-4814-ABE0-5DCF6886BA04}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future ep 2\backtothefuture102.exe |
"{58BAD345-D233-4FB5-9F04-57E728E379D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep4\wallacegromit104.exe |
"{5C1B0DD6-C5A4-4BEE-A32E-4216B7A0A542}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5C4CB396-6AEB-4A06-825A-FC96AED0AA95}" = dir=in | [email protected]{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5C9BA875-DDE0-4139-A03C-E76CBA13BD8F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 303\sammax303.exe |
"{5ED84A63-5F02-489B-8D08-B3EA1BE2CD03}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\faerie solitaire\faeriesolitaire.exe |
"{615F2253-55B0-4CB8-B5FF-987CA0B0AA3E}" = protocol=6 | dir=in | app=c:\users\mom\appdata\roaming\utorrent\utorrent.exe |
"{61BC8E9C-5D09-4AD0-9185-2F7CEB36D556}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{61EAA94A-5C9D-466E-9665-918B517F9844}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector ep 3\hector103.exe |
"{64622FD1-EB38-4B16-ABBA-BB74239B935E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep1\wallacegromit101.exe |
"{65F18D9B-2747-4592-A910-43D4B2119591}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{66FD13DE-B196-44CB-856C-1FB14DC5D8BB}" = dir=out | [email protected]{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{67569741-6422-4EB2-A59C-2AD72BEC1541}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{68929439-89AA-461D-904E-58843D8FDF1A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6FAB4B58-ADA3-48A7-B34D-614D6100C7A7}" = protocol=58 | dir=in | [email protected],-148 |
"{74DD2F38-75A3-4087-A3C0-D4A6F1CC02BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 301\sammax301.exe |
"{770D6962-EC83-4F41-B8C2-B0BB4E3E3ECA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle agent 2\grickle102.exe |
"{778EDEF1-80EF-4A84-9A55-E958439D419D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{79741708-2B21-487D-AD9A-D6773858A7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 304\sammax304.exe |
"{7B1A88BB-094F-475D-9241-E0B61E44838B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep2\wallacegromit102.exe |
"{7C9EECF7-3267-4D5A-8F51-DD38169685F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\botanicula\botanicula.exe |
"{7E3DF80E-D417-47E0-B64B-EBF8C2A17465}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep3\wallacegromit103.exe |
"{7F5E44B3-722C-4A31-B041-98C29550627F}" = dir=in | name=ebay |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{83866D0A-CCD4-4412-8F35-3B9DA9371E25}" = dir=out | [email protected]{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{84AF1602-D977-495F-85BE-089D972A54EF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{87A6495B-6BC7-4C9D-89D4-B0C3E07B5A7B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\little inferno beta\little inferno.exe |
"{87FB9ABE-0C28-4B35-A008-12D5609B9DCF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe |
"{8A77BB35-7914-410E-BFDC-0216475BE0AF}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8CC6B70F-EEBC-4C18-8BDF-14648279C22A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future ep 1\backtothefuture101.exe |
"{8CE68F49-BC73-4772-BE00-FC79C1F75F27}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\wiselinkpro.exe |
"{8DB4277A-01FE-422C-B9B5-AA439F099C68}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90555E04-E28B-401A-AA15-38C8FEE7325F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep3\wallacegromit103.exe |
"{9066F3A3-5BE1-49A5-A801-63321DC35485}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future 103\backtothefuture103.exe |
"{90DAD622-95A9-47A9-B601-4889B732DE4E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{93860065-8586-474B-AFAC-4340041E6606}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{93E80B52-1D0F-411A-803D-4CF820A943F6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{96C11EA2-7818-4BB7-A949-AB50EE8A8986}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{96D54512-6981-4EC9-91B1-326655B586C1}" = dir=out | [email protected]{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{976F84AA-58D5-4B1E-8C3A-742C238AE806}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amnesia the dark descent\launcher.exe |
"{986EF0BA-1D9A-417B-B4D4-1856C4C5A6F7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
"{9993E3AE-5148-4C0E-98BA-A91D0805EEE8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 302\sammax302.exe |
"{9B6FE289-DC3C-48B7-A5FD-8AB0370C52BE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{9CDCE1C8-195F-4559-B3A7-D89D094C10C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the secret of monkey island special edition\mise.exe |
"{9DD38EF2-CFF0-482E-A4B0-BB1562EB3A12}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9FD7082E-ABCC-45E9-8112-4C6973C67ECD}" = dir=out | [email protected]{microsoft.xboxcompanion_1.2.160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxcompanion/resources/33279} |
"{A01DD6CA-EDB2-4DB6-8008-55EEFF7BBBF5}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{A0656578-1419-4A74-8715-A9DD6B549085}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 301\sammax301.exe |
"{A1447C8C-5903-48E0-8EC4-AA063190E4FA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wake\alanwake.exe |
"{A3F82141-1631-4839-99A9-4103B751B2FB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A8C2AA99-9D79-41FF-8994-351D7B8F2533}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{AA581457-22DF-4E49-90B9-25AC0FBA4D33}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{AB1BD58F-5603-4DF3-9671-2D1A5015DA7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AC920C3F-3663-48F6-8838-014F9D6F0816}" = dir=out | [email protected]{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{ADD54047-508F-4163-837C-36C191E308E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\back to the future ep 1\backtothefuture101.exe |
"{B0A23496-5C14-4F48-B3AD-58078ECB1368}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\ticket to ride\ticket to ride.exe |
"{B0D394BF-8322-45F4-A059-0EDC713B6BDD}" = dir=out | name=kindle |
"{B1DC533E-3DDA-44E7-9294-111CAAFD3496}" = protocol=6 | dir=out | app=c:\program files (x86)\rosettastoneltdservices\rosettastoneltdservices.exe |
"{B6481107-77DA-4058-BED7-5DD1A0A5F145}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{B678F992-54D0-47B0-899F-272623A9BAF1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle agent\grickle101.exe |
"{BCC256CF-5262-4479-BDCA-129958944F8B}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{BD363A5A-18B3-41C3-BEAE-98602366E445}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BE45DB2D-4CC3-484E-BF1A-17FF27B073CE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BECC8774-6BFB-4E73-AA62-F9441667EFF4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector ep 3\hector103.exe |
"{BF4CC9F2-879D-4405-BC4A-04A0518747C3}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{BFD5B348-BCB7-48E3-81DE-B8014BD8E50F}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung pc share manager\http_ss_win_pro.exe |
"{C0104F6F-70F6-436D-A6DA-1AA2C4D1AF76}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C03D1833-2303-4190-B4B4-BA0F58254167}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\oblivion\oblivionlauncher.exe |
"{C1869826-267E-4DE1-B287-F6BB6FE01CDB}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{C564F26E-600B-4E6D-A9B8-DCFF7728C282}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C6346479-AA9F-4F0C-BA6C-6750FEE77B66}" = protocol=17 | dir=in | app=c:\users\mom\appdata\roaming\utorrent\utorrent.exe |
"{CDAD179C-68AB-4850-95CF-B8B8101851D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep4\wallacegromit104.exe |
"{CEDDB10B-4B09-4229-BEC1-2AB84BAF8C02}" = dir=out | name=windows_ie_ac_001 |
"{CF2F25A2-A586-48A5-B7AE-BFE611A61190}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\botanicula\botanicula.exe |
"{D0918BE5-4088-4CD6-B76D-608117674072}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\wallace and gromit ep2\wallacegromit102.exe |
"{D2F1A126-2839-4217-B3DE-E5DF2821976B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the walking dead\walkingdead101.exe |
"{D44D973D-B7BA-45A4-BDDC-47560CC1EA4A}" = dir=out | [email protected]{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{D454444B-FBC2-4D57-97B1-093852B81131}" = dir=out | [email protected]{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{D4E9B4AB-249D-4C75-AF66-4BDCC2852CB8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5798595-B761-4611-A762-EAD6CC5FEA60}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{D67D9887-98E6-4522-80DF-99A09855ED36}" = dir=in | [email protected]{microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D9F25810-412D-4EA0-95E2-5249B265BAF4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector episode 1\hector101.exe |
"{DEC3DC6B-5E6D-4C14-A802-EF1A4E7569DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hector ep 2\hector102.exe |
"{DFD32ECF-A555-4BBA-AA4F-88F968150C14}" = dir=out | [email protected]{microsoft.bingnews_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E2CC867A-C052-4CF7-9440-979E548DD4AF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\puzzle agent\grickle101.exe |
"{E3ADF7A4-FB76-49BA-A449-4A7EBDE257A7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe |
"{E57E25BF-8DC8-4216-AA94-3F4BAC27B09F}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | [email protected]{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA71B6E4-B43A-4CC1-9A32-457C452FD415}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\indivdrm.exe |
"{ED9912D0-E205-4BD9-B405-C728AA28827B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EDAF0E33-E936-42F1-80CA-72097CAF6B58}" = dir=in | app=c:\program files (x86)\rosettastoneltdservices\rosettastonedaemon.exe |
"{EF4B8B76-B9B0-4EE1-8302-9F33B35B9AD0}" = dir=out | name=overdrive media console |
"{F15EFC01-BF61-4F28-A61E-0B6D45D0A30A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{F3B6B19E-E752-4D27-AE7A-C32AD8F3E0CC}" = dir=in | name=amazon |
"{F67EC505-0A6A-4F77-9DB9-03DFE284750A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\thomaswasalone\thomaswasalone.exe |
"{F85C2614-2C6E-4FCB-B504-B36BA9661BA7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sam and max 304\sammax304.exe |
"{F9238997-5A8C-4D33-BBD6-C05D419F81DA}" = protocol=6 | dir=out | app=system |
"{F9771E56-0018-4B89-AB7D-98F84CCE31BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FAC581DF-A3B8-404B-9D95-60FD6D5A73F3}" = dir=out | [email protected]{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{FD751AAC-375F-4E2D-91CB-5D56DF6277C7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\alan wakes american nightmare\alan_wakes_american_nightmare.exe |
"{FDE2CAEA-6FC9-42B0-9A83-AC9495BBC394}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"TCP Query User{460A61CC-6491-4F85-9A38-D67ABE37F772}C:\program files (x86)\torrent opener\torrent opener.exe" = protocol=6 | dir=in | app=c:\program files (x86)\torrent opener\torrent opener.exe |
"UDP Query User{DEADEFAD-6355-4490-899C-123C81D698D3}C:\program files (x86)\torrent opener\torrent opener.exe" = protocol=17 | dir=in | app=c:\program files (x86)\torrent opener\torrent opener.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0CE7EBAF-157D-4111-9146-057CB2A4023E}" = HP Application Assistant
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F91C200-8F0F-4009-A75E-DB6CE151BD4E}" = Validity WBF DDK
"{26A24AE4-039D-4CA4-87B4-2F86416037FF}" = Java™ 6 Update 37 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{4169B8AC-D144-4E38-A9CA-637EA44129ED}" = Intel® Wireless Music device driver
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}" = HP 3D DriveGuard
"{5A847522-375C-4D05-BD3D-88C450CC047F}" = HP Launch Box
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{bda3368d-37bf-4e4a-84b3-3cc1b2155e46}" = Intel® PRO/Wireless Driver
"{C1135974-554F-476D-B04F-0B79CFE49364}" = Box Sync (64 bit)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DD1AF090-041E-4403-B27A-AC6FA4B985E8}" = Intel® PROSet/Wireless WiFi Software
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EBC0CC3F-B7A1-4FC8-8014-4C7BFD3925E8}" = AuthenTec TrueAPI 64-bit
"{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}" = HP Security Assistant
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F73A118B-8271-47E2-8790-0C636B2539C5}" = iTunes
"{FEA1590B-540A-41FC-A95C-664493C82A21}" = Classic Shell
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"CCleaner" = CCleaner
"EPSON WorkForce 645 Series" = EPSON WorkForce 645 Series Printer Uninstall
"GIMP-2_is1" = GIMP 2.8.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02F5BEE7-0AB6-4E42-9BF8-2588AAECC7F2}" = EZ Fonts
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{18FBAEE6-8AF9-4138-A6EE-0675845B254A}" = LeapFrog LeapPad Explorer Plugin
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1DFA0C99-6E2E-46F4-B242-51C7CF41DDE5}" = HP Software Framework
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{293FE8CE-376E-4F5E-B129-D3A2065F2EA7}" = Amazon Cloud Drive
"{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C821CA-6B55-44A0-8A9B-2EF471D6019E}" = HP SimplePass
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}" = opensource
"{3C22981C-5C14-4176-B0E8-C2BE71174C41}" = HP Product Detection
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4010ADCB-1347-D570-FCF1-3002CABEBD2F}" = Rosetta Stone TOTALe
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{574F0207-8E98-46CD-8F79-318348C98C46}" = HP Quick Start
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{698AC01B-DF0C-4BCE-940C-EB29AD23A560}" = Stamps.com
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{702b0b5f-bcbb-44fc-b613-e96f2a3006ed}" = Intel® PROSet/Wireless Software
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74852D78-260B-0612-89EE-D414414CFF60}" = GameFly
"{768A6276-5822-489C-8A2B-67190F745655}" = ESU for Microsoft Windows 7 SP1
"{779EB69C-6DD9-4CB0-B316-2BEE4361755A}" = calibre
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}" = Rosetta Stone Ltd Services
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87F54A80-158E-436C-9B09-FFFD27F81BD4}" = Community Clips from Microsoft Office Labs
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A1FEA5E-8DB8-AD80-5C14-AEF33D16EF5A}" = Rosetta Stone TOTALe
"{8C0FCCB4-F0E2-4585-8166-EB7488CD1E88}" = LeapFrog Connect
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F018A9E-56DE-4A79-A5EF-25F413F1D538}" = WeatherBug
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93F34C5C-ACAA-48F3-9B26-70359A117F12}" = Intel® WiDi
"{941DE69D-6CEE-4171-8F1F-3D7E352AA498}" = HP Wireless Button Driver
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}" = Evernote v. 4.6
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.8) MUI
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B288E426-9954-451C-B811-B0F234CF0EDD}" = HP Documentation
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BA30996C-FB03-4395-BB50-727008597E5B}_is1" = Hotline Miami version v1.0
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D3D39D29-432D-4151-BA0E-77FB6A115CD3}" = Little Inferno 1.2
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = HP Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5823036-6F09-4D0A-B05C-E2BAA129288A}" = HP Quick Launch
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EFEDD205-43FE-4208-B682-0937E803E19E}_is1" = NexusFont 2.5 (ver 2.5.8.1582)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}" = HP Setup
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"7-zip" = 7-zip v9.20
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"am-fishdom3platinumedition" = Fishdom 3 Platinum Edition
"AnyDVD" = AnyDVD
"BFGC" = Big Fish: Game Manager
"BFG-Skeleton Pirates" = Skeleton Pirates
"Capsule" = Capsule
"Catan - Cities and Knights" = Catan - Cities and Knights
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"com.rosettastone.rosettastonetotale" = Rosetta Stone TOTALe
"Coupon Printer for Windows5.0.0.3" = Coupon Printer for Windows
"DAEMON Tools Lite" = DAEMON Tools Lite
"Digital Editions" = Adobe Digital Editions
"DivX Setup" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 8 Qt_is1" = DVDFab 8.1.9.8 (27/07/2012) Qt
"EPSON Scanner" = EPSON Scan
"GameFly" = GameFly
"GOGPACKSTARGUNNER_is1" = Stargunner
"Google Chrome" = Google Chrome
"ImgBurn" = ImgBurn
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"KindleDRMRemoval" = Kindle DRM Removal
"LastPass" = LastPass(uninstall only)
"LeapPadExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"myibay eBay bid sniper_is1" = Myibidder Auction Bid Sniper for eBay 1.1.4
"N360" = Norton Security Suite
"NortonPCCheckup" = Norton PC Checkup
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"Rapport_msi" = Trusteer Endpoint Protection
"smart-e-software 20090310" = smart-e-software 0.6.8.3 (20090310)
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"Stamps.com" = Stamps.com
"Steam App 108200" = Ticket to Ride
"Steam App 108710" = Alan Wake
"Steam App 202750" = Alan Wake's American Nightmare
"Steam App 207610" = The Walking Dead
"Steam App 207690" = Botanicula
"Steam App 220780" = Thomas Was Alone
"Steam App 221260" = Little Inferno
"Steam App 22330" = The Elder Scrolls IV: Oblivion
"Steam App 31100" = Wallace & Gromit Ep 1: Fright of the Bumblebees
"Steam App 31110" = Wallace & Gromit Ep 2: The Last Resort
"Steam App 31120" = Wallace & Gromit Ep 3: Muzzled!
"Steam App 31130" = Wallace & Gromit Ep 4: The Bogey Man
"Steam App 31220" = Sam & Max 301: The Penal Zone
"Steam App 31230" = Sam & Max 302: The Tomb of Sammun-Mak
"Steam App 31240" = Sam & Max 303: They Stole Max's Brain!
"Steam App 31250" = Sam & Max 304: Beyond the Alley of the Dolls
"Steam App 31260" = Sam & Max 305: The City that Dares not Sleep
"Steam App 31270" = Puzzle Agent
"Steam App 31280" = Poker Night at the Inventory
"Steam App 31290" = Back to the Future: Ep 1 - It's About Time
"Steam App 32360" = The Secret of Monkey Island: Special Edition
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 38600" = Faerie Solitaire
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 65800" = Dungeon Defenders
"Steam App 8980" = Borderlands
"Steam App 94500" = Back to the Future: Ep 2 - Get Tannen!
"Steam App 94510" = Back to the Future: Ep 3 - Citizen Brown
"Steam App 94520" = Back to the Future: Ep 4 - Double Visions
"Steam App 94530" = Back to the Future: Ep 5 - OUTATIME
"Steam App 94590" = Puzzle Agent 2
"Steam App 94600" = Hector: Ep 1
"Steam App 94610" = Hector: Ep 2
"Steam App 94620" = Hector: Ep 3
"Torrent Opener" = Torrent Opener
"UPCShell" = LeapFrog Connect
"VLC media player" = VLC media player 2.0.8
"WildTangent hp Master Uninstall" = HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WTA-00ada7cc-f17f-4ebe-90b9-77c0224a4c5d" = Torchlight
"WTA-0d29098d-535d-4a16-9a74-04f9ced0ed5b" = Poker Superstars III
"WTA-108b7fe8-e299-4a9b-81c3-6408e0cd7b2c" = Mah Jong Medley
"WTA-15d0e09d-ee26-47d7-8a61-c0c7957fb6dc" = Polar Bowler
"WTA-1f95e72a-73de-497d-ac3b-01e755a5c5f9" = Dora's World Adventure
"WTA-2c0548c3-c14f-4343-b09d-96038e4b3f9b" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-3e508514-1eba-49d6-b06c-cf2d3cdc2c97" = Luxor HD
"WTA-3ecbf827-5b35-4469-8a0c-ad26025165c2" = Bejeweled 3
"WTA-464ce38e-b445-4df4-9e00-4cec57644732" = Final Drive Fury
"WTA-498ad2d7-ad48-48aa-acdb-84aa7c7a62c1" = Penguins!
"WTA-50f5e074-c6cb-47e0-a2f0-e499667e4cb2" = Farmscapes
"WTA-5adc7fc4-c504-4681-b15d-9a2f7f43f4ff" = Virtual Villagers 4 - The Tree of Life
"WTA-67b4e5c8-a2a5-40f4-a0ba-491211841ae1" = Zuma's Revenge
"WTA-81b9b33d-2c1f-4d0e-a0da-19830bb6ec9d" = The Treasures of Mystery Island: The Ghost Ship
"WTA-8b2c5017-ecad-463b-b635-c6163bd73b3b" = FATE
"WTA-9721e4a9-a0e2-471f-a928-cc2428d9f6c1" = Plants vs. Zombies - Game of the Year
"WTA-99c60d94-aacb-462e-95d7-6c748d26e799" = Polar Golfer
"WTA-9ada8ca7-9d40-42e1-a921-febaaff1d611" = Letters from Nowhere 2
"WTA-a156ef82-63c9-4058-a435-b40b2387dc79" = Blackhawk Striker 2
"WTA-a2b85580-a3ad-4d33-9f3a-a95cb2c09417" = John Deere Drive Green
"WTA-ad36cb5c-69f2-4ef8-9a85-5c2db7d0c042" = Hoyle Card Games
"WTA-bbcc10c4-aa38-4377-b033-9f194e0667bf" = Chuzzle Deluxe
"WTA-c6f5b468-a99b-4543-b9ed-7781613acb99" = RollerCoaster Tycoon 3: Platinum
"WTA-df96d72f-6ea7-46ec-9466-9d3fc24c794f" = Jewel Match 3
"WTA-e3eb62fb-1f5f-429f-b4fa-207acd132570" = Cradle of Rome 2
"WTA-f85b4d05-60ec-46fd-83cc-ed1a3d4def70" = Farm Frenzy
"ZENcast Organizer" = ZENcast Organizer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{C1C3E833-420E-4D78-9BA7-86AEBB272384}" = TopArcadeHits
"Amazon Kindle" = Amazon Kindle
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 3/26/2013 1:22:19 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3437

Error - 3/26/2013 5:14:18 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/26/2013 5:14:18 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1078

Error - 3/26/2013 5:14:18 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1078

Error - 3/26/2013 5:14:20 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/26/2013 5:14:20 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2266

Error - 3/26/2013 5:14:20 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2266

Error - 3/26/2013 5:14:21 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 3/26/2013 5:14:21 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3391

Error - 3/26/2013 5:14:21 PM | Computer Name = Mom- | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3391

[ Hewlett-Packard Events ]
Error - 11/28/2012 9:05:36 AM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8091
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 11/28/2012 1:38:11 PM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8091
Ram
Utilization: 70 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 11/28/2012 2:38:23 PM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8091
Ram
Utilization: 70 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 11/28/2012 4:33:34 PM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8091
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 11/28/2012 4:47:17 PM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8091
Ram
Utilization: 80 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 6/4/2013 11:24:55 AM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8087
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 6/4/2013 11:25:16 AM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8087
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 6/4/2013 11:25:21 AM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8087
Ram
Utilization: 30 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 6/4/2013 4:32:42 PM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8087
Ram
Utilization: 40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 6/4/2013 8:56:51 PM | Computer Name = Mom- | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Utilities.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportFramework.Utilities Name: HPSF.exe Version: 07.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 8087
Ram
Utilization: TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


[ System Events ]
Error - 11/19/2012 10:38:59 AM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/19/2012 11:36:03 AM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/19/2012 4:33:36 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/19/2012 7:13:04 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/19/2012 8:08:04 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/19/2012 9:55:35 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/19/2012 9:55:35 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/20/2012 11:19:28 AM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/20/2012 1:58:36 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =

Error - 11/20/2012 1:58:39 PM | Computer Name = Mom- | Source = ipnathlp | ID = 31004
Description =


< End of report >
  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nsomniak

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#3
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Thank you for your reply. Here is the results of the AdwCleaner:

# AdwCleaner v3.004 - Report created 21/09/2013 at 18:44:17
# Updated 15/09/2013 by Xplode
# Operating System : Windows 8 Pro (64 bits)
# Username : Mom - MOM-
# Running from : C:\Users\Mom\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\Mom\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Mom\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\rwngxfm0.default\jetpack
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\rwngxfm0.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\rwngxfm0.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16688

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v13.0.1 (en-US)

[ File : C:\Users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\rwngxfm0.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3305500&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPD8F47D78-4A96-45E2-BE4D-0A1BFC152567");

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7620 octets] - [21/09/2013 18:42:25]
AdwCleaner[S0].txt - [6868 octets] - [21/09/2013 18:44:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6928 octets] ##########
  • 0

#4
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
This is the results of the next scan:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 8 Pro x64
Ran by Mom on Sat 09/21/2013 at 18:56:46.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2971913362-442856429-175217216-1001\Software\Wajam
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\firstsearch
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\firstsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4FB6EA43-A0BA-40D0-8BE2-474270EABD9F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{4FB6EA43-A0BA-40D0-8BE2-474270EABD9F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{4FB6EA43-A0BA-40D0-8BE2-474270EABD9F}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{4FB6EA43-A0BA-40D0-8BE2-474270EABD9F}



~~~ Files

Failed to delete: [File] C:\WINDOWS\Tasks\toparcadehits.job
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npmozcouponprinter.dll"



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\Users\Mom\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\Mom\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Users\Mom\appdata\local\big fish"
Successfully deleted: [Folder] "C:\Users\Mom\appdata\local\toparcadehits"
Failed to delete: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Users\Mom\AppData\Roaming\microsoft\windows\start menu\programs\toparcadehits"
Successfully deleted: [Folder] "C:\bigfishcache"
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{00174C62-23CD-4573-88A4-5BB68DACA15C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{00617EFD-5E2C-4389-974E-C6569B7BC478}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{006346B1-FC13-4300-B8C0-EDE025B1885D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{00AB51C6-EF29-4C23-98D8-952E59E8A564}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{00B6125A-A319-463B-A5D2-F8D9D3916812}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{00EEB5B8-9960-42FC-8B19-C26AA2668FEF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{01ABB01B-1848-4D5B-BE37-5FDEEA609EB3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{01FF9DAD-26D1-4EF5-B3D2-666876F36727}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0217EECD-DDDD-47C7-9FE1-8F312B649EE5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{028B9B94-58ED-4597-93EA-B71920B083F0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{03BD4363-D9FF-4B47-A8F0-3A7EB1BCF13B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{03DDE653-7E50-4A3A-BD5F-1543E867617A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{040D4F0D-EA10-421C-B3EA-C1C10879042E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{04BC559B-9511-4B79-A470-7C341D3D2AA8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0505126E-6B41-4149-B0DC-6748A760D758}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{050BCD67-BB25-491D-84B7-8A9EF4726E9A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{051DF4A3-75EA-4DAC-B8F0-6F9388D9C688}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0537FFEE-E98B-4B36-8D18-A2693D6D0184}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{05731654-31AC-4D29-8DE3-C5DD843DEE9C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{05AD4C96-6F3E-4FE7-B0A2-EA0F5C459BC5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{05EEC6A1-8139-44C4-B8B5-95A99A70A6FD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0608FD22-E378-4EB9-A99B-CC36CDFF46BA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{068AB588-7F15-4D4F-9666-D97EDB1C93AD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{068D94BD-0828-4CFF-8CA8-E574156422F8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{069663B2-438B-461E-9CA4-376BC545A436}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{069D06CB-4BFD-4B1E-B654-9268B4A4E75F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{06E58DBC-2A0F-44C4-A5C7-16981874B263}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{07234674-9D91-4FDD-8A57-985449FC9A3B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0731191B-F959-4FD7-871E-DD06F2012F0F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{076BD416-71BD-45A2-9038-F9D53DA154B5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{07A0A082-CC66-4BDE-9AAC-E5DD375E09BD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{082746FB-24BA-49F4-B578-04D1C228DB9B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0863B0BA-8A6C-4F9F-9711-706707EEAE4A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{08841F8E-1868-4EE0-B87B-8911697425C7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{08FD977D-B554-4283-A570-AD0DAB201DCD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{09C98170-B190-43A2-86AF-E600EC33280D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0A43B72A-827F-48F9-B8EB-C03CCC14E3A7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0AC1B7D6-2F98-4136-B2D0-E20DEFABA4B4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0ADEE37B-5224-439E-92CC-F937A27BD7E0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0B3E65B6-BB34-4392-A081-7B87DA3E06F8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0BA4195E-0878-49B8-81FC-B3E4A11A7687}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0C1D30F7-7CD5-4596-8CA5-D3F4585F277E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0CAEB33F-9B4F-43CD-A178-7673634E5E1A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0D65EF91-6925-4F25-B75F-EEDB197B0F2F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0D7FA0F7-41FC-4997-A836-26F43D417FFB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0DA35E73-9963-4FF9-BB1F-D77E57736B3B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0DC4B873-4DC3-452F-831F-AF14B11960E2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0DF51296-0A13-4727-BBC7-0A12D7D237C7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0E14BC63-CDE5-4490-A03D-6738FF7A53CD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0E405AF8-27FB-498F-93A3-DC8DFD1CBF44}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0E9EC3CB-5137-4B73-BAC3-3658C2AB34CB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0ED051DC-6F73-490A-8A60-99311E2D4D91}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0F136B27-940F-4136-8B28-D32A9ADA86F7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{0F403E3D-C073-425F-AA06-33034D67A840}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{103A4E56-EA4E-423B-950F-07774E632103}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1054CB9E-13BC-4D72-BEDF-1343E73079F7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1057C2E2-B530-4ABF-A669-8DFEE46645E4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{10EB22A5-C0A3-482B-8841-F15FA6A037B3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1130C2E6-F15F-425D-8AEB-B7FA48D1E0FC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1136E5DB-258E-40C7-9732-84DD232B3A40}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1147BEAD-EF24-48EE-997E-8A43B775D3CC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{115C8157-019F-4C12-B65A-436D6B59A0F4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1163F9BF-D49E-4FCC-AF27-F51E27A4093C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{11D3DA0D-C7CC-415F-A953-E780D2903411}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{138C6988-C379-43F3-A4D4-DD23FF9C6EC4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{139BB215-0F7A-49E7-B83C-119A07E3FC9D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{14288FE8-A535-4A76-B7F7-56A4A835C22C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{14530738-16E6-4AEE-B2E6-446E073BE471}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1470845F-B681-424E-83E3-E05F4AA26B56}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{14A08584-3EAD-45FE-B92F-D0520B4EB6DF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{14B748EC-F062-4BD9-A3D0-5C2141682795}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{14F02181-603D-4214-8A0B-ABF59FDBB9D0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{14F040DD-B781-4351-9CB3-170B93F3465E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{154296F5-F402-4450-A827-270D4CFFC177}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{156446B3-1DED-4C12-ABBA-84A1A37F50E5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1580CA79-3572-45D8-B192-0D0C6EB4C686}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1580EAE4-36F8-4953-A817-232B4D7411B8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{15B50E36-EAD5-4B89-A1D9-ECEE6A38DF21}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{16194745-789C-403D-A8CA-17F33A403B70}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{166408CB-EFFD-4016-BBC0-290F690064DB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{16D507F1-07DB-45D4-B835-0DF8D55B6874}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{16ECCB00-AA7C-4372-B703-1CE2EAC78FC1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{178218C0-0CB1-4603-AE76-132AFFB12742}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{179E8843-31B4-4C77-A560-DA7AA2495C5B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{17F0A8BC-FF42-4F73-999F-711CACEB8C3A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{17FCFAB8-282E-4810-BD32-25BFB514DC9C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1948AE7A-3D8F-4FD9-9C34-B8E753DD3E2F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{197A128A-FF4C-465B-B7E2-A26C94BD7C96}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{199C75D0-1BD0-42FA-B4FC-D67927EF1EC6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{19D92A73-FF1F-45C9-A69C-B1D6872B8357}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1A5F8671-EC8C-4375-AE2D-EAD5962E70B2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1B2D6318-96F0-48BE-A6AA-27930698A898}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1B63F791-359E-48F6-8053-CE647CF42115}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1BBFCA18-C685-45E1-A0C0-7694DF64C736}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1BF30AA4-6AFC-4D1A-8729-EEFC729F0F39}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1C21CB25-0CA5-4EED-A147-6F16A0E5E5D5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1C4C7C00-1C7F-4A5C-B0BD-23A450F8848D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1C7505E2-0CCD-4FA0-9344-FF53D5B95051}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1D4E4668-1BCF-4342-A9DF-9BFB3D73988D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1DFF17B8-D8AA-473A-A709-98180A27C2B2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1E170D81-D24D-4771-814D-1F7BC78E642D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1E8ED0C3-2510-4BE7-81C0-0E5C433C586D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1F4D7BAE-AB92-4B36-A017-5F0AFB4389C1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1F4F6C6E-4ABF-4845-A204-08BB399ACB6E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{1FA7C6BB-5C6E-4809-8786-0A10EA985DDB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{205E416B-C0E0-4DE6-8C0A-BD647151A166}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2093FFA5-9ECB-43C7-B880-48BCB39A4688}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{20A160EF-358B-4F75-A09E-3FA6820223FC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{20E08534-3C57-424D-B187-06033061C1A3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{210D8D2B-3EB4-47D6-B25F-A3E5AF710B23}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2122ED6F-4FFA-4185-9C28-15D8FBA37BDE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{21256D0A-8013-4F76-97D0-4F8044ED54F2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2143A1EC-C28E-482D-BFEF-8701ABBA2982}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{215D109F-80E5-48DA-AC22-DDC7BEF1063D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{217C5FC9-201C-4131-99F2-FD9BA32797FB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{21DB00ED-5B8D-4CC2-ABE1-1C8F0DE9CF00}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{21E47CBB-6264-4D26-B75E-93498BF89EDF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{223391C2-16F7-4A24-B8B8-6347AD8DC31D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{238EFE19-52E5-4F92-B4AB-9B811E546C8B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{256AB876-3214-470F-9CB0-AFBE13E743E2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{25816387-1627-479D-84A1-D8482BA8F9B6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{25E4E3BA-455C-48F2-99A4-882BE7015F80}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{26145B76-BF17-4920-901F-90FBF424B38F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2622C231-5416-42A7-B9AD-F0D57471D442}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{263D3A29-1256-41D1-AF93-7020D93BDCAD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{264BFE07-E1ED-43C2-B221-F5A673AD5329}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{268D782C-10D6-496E-AA79-1CD2B5CC8BA7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{268E6DB4-D80B-4780-B40B-DB798D5318B7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{26F1110E-49F5-4880-9DD8-65650AA6B665}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{26FCACF0-A03D-489A-A024-357E1BBCF046}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2713A9A8-3D93-4647-BFDA-A3407DB4D442}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2792DD10-32AB-4A6B-ABF2-368973B6903B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{27AD0001-5AA5-4D08-89CA-B64569940071}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{283BC3B8-32CC-46A7-8A8C-72CC39BE0483}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{28604914-56DB-4ADF-A77A-DBB2C9D29FB5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2862B696-0D99-40C4-A95F-B022772D9A11}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2875E169-FC14-4FD1-AC9A-E9B960560A57}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{288F4793-E1CA-42A4-9522-10A0991BD35C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{28C021A0-4B8C-4AC4-B50E-203852CF980B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2917012C-73F5-443F-A3F7-79B7821F6A85}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{291AE398-8633-4DAD-88C5-BBA567BA9AFD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2B2AF781-C779-4853-9C90-6BF3555761F3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2BF355F5-FEE3-4B88-BAB7-508F09FE0D5F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2C67FFB6-944F-441C-9831-6AC9162D4F4F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2CC381F2-ABFC-4879-A711-DFFF1992C572}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2D74BA6E-F293-4C59-B801-B6FFF941B975}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2D943500-1634-4F82-8C8E-A6F5FC0543C4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2DFB9F10-62F6-4669-AE06-D4D8D1CF38D3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2E3763B2-F6E5-440F-BF48-914B3C8E83D9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2E801EBA-E96D-4BCD-A7C7-ACBA4D05CF35}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2EE56660-BCE8-4A56-8056-7EDEE136A384}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2F3C13C4-E54D-4203-ABA6-8595ECF36472}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2FA8602A-51E8-4C8A-9E1C-E0EC91B73D29}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2FBCA22A-2CF2-4DCF-9317-321A6FA2A42F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{2FF83A34-BBDA-43A4-A31A-19A6CBE639F3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3053FD45-F331-4D8A-8B53-E54702EE319A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{30F1AAFC-44BB-47E5-97DD-2D8B14C98D58}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3108F75B-B641-4BA0-A3A4-93432DDD7A64}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{31604E9B-8ECB-4EA2-B77C-D1F8249BB6A2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{316DE0B8-9525-4212-BD79-83B28D12FA80}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{32CE162D-3D74-4178-B76C-1BA44E6BE399}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{32D63FCF-B275-45CC-8CA3-9FEAF3F29481}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{32F03AB2-B24C-4661-A1D8-C3E0518EBC19}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{33402ACF-8449-418B-B8F1-98AFC74D679C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3369F7CE-A3CE-4FC7-A976-64275288A091}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{34230125-484F-4013-86DF-2165880A9FE5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{342E58BC-6498-4937-83BB-A4EB4702A1EA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{344D8798-3DDA-4D16-9FC7-A080DFFFD0A5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{34FA899F-8A9B-4A48-A662-E3C3B7EA6D9E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{356CDFDE-3D1D-4E65-B4E9-EF0A42122600}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3574AFB5-988B-46A3-A3FF-58CC7E73F263}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{35D126C2-8809-4641-88F5-531F1EE6D878}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{35D14F52-4510-4B7E-80E3-319381EB4E6E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{368EFB25-4131-42D4-BD66-7096E856EF0A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{372293C5-AE97-495A-9D75-06E232151528}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{37D523B7-E298-4A3A-A0D2-21F4D00F74F6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{383DAF16-7576-4594-AF8A-08ECADFC8EA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{388816A7-49C5-4FAB-9DF6-10CC065561F4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3917941F-4788-470F-B6C8-8CB831C8242F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{398DB628-352D-4689-8412-332622EAB9A2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3A5376A4-76E3-42D0-BE5E-704B80865A35}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3B1A3293-D59A-470A-972E-2799F6DA8463}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3B32E9B6-E87B-4E3E-B9AE-7B41F204845F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3B5B3F77-5BB3-4215-A329-21B9EFE83683}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3BF30784-8598-4B32-9762-B13F9CB879E6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3C33DF45-B3E8-4A31-993D-DC51A3F4E2A7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3C613684-25FA-49DB-9E43-D0466ADEAB71}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3C6DF85D-18D5-4571-8AC1-ACD27FFB94A0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3C9F384A-441D-4C93-8D8C-1FCAFC9C926B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3D209A57-7A16-4F53-9F92-B2798F1EFD59}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3E130D6D-B540-4D87-8CBD-2002B5ED08CA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3E51FC82-F65B-4371-8BBF-2AA40B30885A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3E5D5E81-793E-4BE4-AACF-36C3DA7FCD4E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3E6E9E35-B5DD-4023-AB33-0286A67280A5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3EED7B0F-743F-4FD3-BE4C-6B251616DAE6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{3F317A44-3FDE-4009-92D7-9E0B418DE5E9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{403CD2D4-72BB-4A53-AD74-B9F06DD6B25B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{40E8C154-5BB9-4C10-A134-3AC8B787BEE9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4121EB9D-AFBA-4FED-9F08-4CF9F57B94F0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{41B775B3-7261-49A9-8D8C-452DB909D7DF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{424FF464-194A-4B0D-8CDA-AFE10FB70F09}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{42B9BB98-AB5C-4942-968F-C15E34A537A9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{42CB7394-6FED-46C8-B889-4BC1F32045AA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4329C094-4F31-42FE-8167-9D4BBF17832D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{43E60CAF-9388-4D0D-8A97-53A018617B94}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{444399C0-F2C3-4508-B031-484A238465B9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{44453A40-32DE-44F3-81C6-B0C788DDBF05}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4461F5DB-C529-4C55-B32F-DC8D1A05BCA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{44856E18-FA45-46C1-951F-60688E109C52}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{44D1E9BC-9F5D-4746-9BEF-62572EA844D1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{44EDF692-0F74-4564-83D6-0EE865D9F595}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{44F299B3-7875-4128-9640-0D3ABA81E4AA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{44FCC152-2327-401D-A5AB-21FBA5CD04EC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{453FC7E5-2E1F-4B7B-BEB1-1A4C92703F51}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{455846CA-0851-4116-8E07-0FD5060A3ECE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{45834846-72F2-4F18-84D1-D770DCD706EF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4586EE2D-4CF6-4777-A3F2-20F33FFB9A1B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{45FDC0B3-E4AA-4701-99A0-2C4FE1A2225B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{462B6244-C9B1-4422-9E33-D7C1754EF1B2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{462C155E-8884-42AA-8782-D4C09BF30161}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{46DAB796-6B30-43DE-91B0-8C926CA7465B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{476EB941-FE80-4A1A-A756-E7F5BCDEF07A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{477136F6-390B-43A0-A32C-228297A6506E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4822B835-AD67-4257-BCA4-A13AEAB49B23}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{491954A2-D48C-4531-8D64-8A50137DBAE2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{494A529D-6222-4840-996E-3A886FB61864}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{494B99AA-6730-41B6-B901-92F0F90BDE82}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4981FBBA-EB9F-4ECE-A57A-56EC048C3B46}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{49E094FD-FFE5-4683-B1B5-8509084B306D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4A505172-EB87-4B79-A296-625570B682D1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4A6D6056-B750-4D5C-BA28-C2CB52161393}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4A71EC09-0595-4E8D-871F-CB0A68C824DF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4A86A6F3-4D09-4DD4-B5B0-742D9A5BA637}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4AB56229-97B4-4F88-873A-2D47724D0324}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4B019CCA-6655-4E0D-B13A-ADE738BCAC5B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4B4D6BA6-A231-483C-92D9-DABC2A1C1AC8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4B9826D5-F1A6-4D90-BF9B-5D8A1CF999A9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4BD7BA84-E645-4AF9-8C80-A1D581C6C128}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4C0B5768-F995-4089-928F-A8455D86F3C6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4C3C7AFA-6BC9-46D6-9FF8-F5CE9CEA4CEA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4C49129D-7794-4A21-A5BF-F2C1F6C822B7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4C972361-1514-4441-A943-2633E5B01B90}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4C9A3FD3-AFA2-4631-A80B-984953D27A79}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4CB677A1-A77A-4B3B-9740-8235647952E0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4CCC2220-C564-42BD-A8F7-8A226AD15457}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4CD63257-70DD-4D21-BD1F-B5AE377AD3E4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4CFFCA9E-C263-4458-98C9-2B5252D6E918}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4D227A2B-B00D-44BD-B6EB-B2133D25423D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4D2E8FB3-7222-4748-A47F-48BAAA485527}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4D3BD14B-E746-4DBA-96CF-FE2D15903FE9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4D913ECF-631B-4AF5-A6DA-4C3CAD086B4C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4D988C1F-B03C-4C84-B704-1C8F29351916}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4DA3CFDC-56D2-488F-8E6A-B35298E06FE9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4DACF25C-1E0F-44C3-BDB7-7CDFF01DC13C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4E4475FF-1D45-4CFA-976F-4282E2CE4D33}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4E4477F5-693D-4C0D-B0DF-548EEE9CAE6E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4E4AEBF0-33A7-4317-95BD-0FB7BF808D71}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4E4C4111-1457-44E2-A298-63D5843B8285}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4E59ADA8-C921-4096-9E8E-48AFFAC67AC4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4EFC7AFE-F724-4B6C-8A50-2736657F7D5F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4F1D135D-7DF5-476D-8BCF-A350CEFDDA30}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4F332D5D-5631-4E9B-908D-071C2279331E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4F49E306-DEFA-480D-8E43-54B55E828CD8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4F6036FB-733D-4158-94EA-6825D75460F5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{4FE47C52-A95B-49F0-B61B-D06B9BB6D0C4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{50366E27-A2FB-4373-93AE-60FF5304CE47}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{50F2F447-E531-4D1D-AC55-FF9878693916}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{510F2FEE-AA78-4C61-B047-B0F788C2D7C4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{512CAB5C-C479-42D0-A36F-E6A7BC60BF51}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5165409A-8BB1-445D-A21D-569DE6520DC7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{51EA5718-AEF4-4DED-B400-64117BC5B3C8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{520D9C14-64E4-4B4A-9571-C0E312AF62D1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{52639888-6998-4B8C-AD74-6D0A9D2410B2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{527743DF-E889-441C-9513-6AE6E6696CA9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{53B420BE-CD11-48AA-8173-841A0123045C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{53F7AF1E-0A28-44C9-A5E2-56C5822D8613}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5402BF65-2EA4-46A9-9F77-4F91A962ECDE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{540B4CD5-F600-4F45-9638-E66E3252E8AE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5421BF63-262A-4B65-8E5B-95236F772DBF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{547E668A-0E91-4312-AC35-A9DC489F584E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{54BC38F7-C7B6-449A-B296-2416D7F8E488}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{55BF67D7-CEB1-44AE-9C44-41B64827F46D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{56742A57-C3DF-4D50-AA59-D0F4893CE118}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{57224D8C-6BAA-4D65-B876-18FC4EF38A4D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{572AD431-50F7-4842-85EA-336AB4ABDF20}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{577F7EF2-0FF4-41D7-963B-4B54AE7BC551}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{579D3DD2-47A6-400A-8425-E2D9265CD82A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{587ED333-FD77-41A2-82ED-82F77C5B4740}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{58D1C5B0-8D6D-497A-B07B-9DFE0BDAB3B9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{59049881-D0EC-4E67-AC69-D0938DAA2BD0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{59F32E03-C2AC-4D8C-A539-EDBBDB8E45A4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5A152A69-C783-4B64-9B8A-810E33A92597}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5A6A9AC3-ADFD-4A74-BE17-089900768FB9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5B46D9C8-00C3-431F-A433-C7C66C251C12}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5B53A0BD-CDEC-4462-9590-DE1ECF433119}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5BC6B687-E948-4FE4-9FCE-B523D33C4EBF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5C86BE2E-32B5-4DF6-89CD-B547F21C0B21}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5D20E81A-D4E5-4FFF-873E-B1A19E9D611D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5D88D2D9-76CA-4D58-87E1-CB1FC280CC34}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5DA9E7EF-441E-462F-B48B-FE188D22A835}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5DD1A20A-1CD9-45FA-B70F-6B7F8DFAA863}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5DD8D019-9144-47AC-9034-8F3900707775}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5E3000AB-9785-4A08-8E71-DE398C25831D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5E9C7121-FB8B-421B-B18D-E00C11D9D62E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5EC71D77-AF6A-4CFC-847D-F2DF179C510C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5EDDAEA5-F705-445C-B24A-A9443BF47A09}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5EE14BFD-3B71-47FE-9865-C46B323BF535}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{5F1EF4B1-C5E7-4E0C-8CE0-F6E610E73E12}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6041DF89-6870-4FB1-A573-0D9C79B8A6A9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{60D7CDB9-5553-4F9D-8955-D264B5565965}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6157371F-40C0-4087-8B24-2877E5F98B14}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6162F786-C5A9-4A7C-A021-75B2B29B2634}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{61A052FA-A901-4AE6-879C-5C717AF34142}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{622983B5-B663-4912-888E-4E0070436D89}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{623691A3-7D40-4B46-A02F-6C8AA3EBBA35}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{625F9777-67F3-4FF2-9AFA-A593D6AAC43A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{62A55E9D-F0BF-4CFE-BF22-F5955F9D98A3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{62A6B2C2-747E-4955-824D-965E6EC50AE3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{62D05EC5-2342-4344-8E99-04CB830F77BF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{63A11B8C-AF8F-4908-805D-47B39A56AFED}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{63B07283-6E29-46C3-A150-9F25D0A1F661}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{63B74AF9-6384-4F96-9095-74B5675D9A1B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{64BB92A1-F5DD-4F88-95CA-E648877CCEB8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{64C1683B-36C9-4B45-B3C2-A54F7950C436}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{65559E3E-2843-4C27-8B09-E8204ACA984F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{658A1C47-3E3C-43CF-A5E1-D946B4E54EA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{65FC9B27-6928-44B1-9AC7-60AD467BC254}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{65FFE44E-91FF-4FCB-9BE9-EF520F5EDB71}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{660ADC33-B2D4-405E-B809-69CB48783C27}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{661E16E3-7C00-407D-A588-619032C557B0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{667E07B3-3953-49D3-8806-59AF031538B0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{66853EC4-18E9-43E1-B278-70D4ED874883}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{66AEB1A9-5707-4BF2-BC01-B9E03A6C9B46}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6795511C-17D3-4166-B513-2B58A6F589C6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{67C8F6B2-A958-4271-8D18-F787911709B6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{67EAE9C4-823F-4A18-8728-827071590038}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{690A7E71-D441-492C-AFE6-91418CACD3DA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6933254B-C027-4C78-8643-03EE7F6944E4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{693FC079-1B1C-4F4C-9600-6283DF776D11}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{69C5FC05-6B31-4DE6-B2E1-1ACB31986F0B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6B883F46-8BA5-4DF5-9CD0-12E87909E10B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6CE8B102-597F-4DB2-B645-6B99A27B5095}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6D809FF9-B0FC-426C-A0B4-D5859DA3AC40}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6D9B4AB9-941D-413F-9633-0DD9047D1242}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6DBEABC9-FD33-40A5-B36D-6611242DCB8E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6E5C6E1D-A9B5-461F-8D1E-C49BDB0304D4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6EDDB553-9585-468C-9C30-72B1CCCBB5FF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6F60D997-2B86-4D43-8F0A-EDFB0E9E8520}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6F698868-6CDA-4EC4-BD43-BD4F91116BD3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{6FE16D50-AF11-4068-9691-E470F47983AB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7151E4F3-79A7-4E1E-8F2C-5CC2F1B48B62}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{71760663-F395-47C0-882F-A23975636A5B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{71B52F54-D2F1-4FDA-A184-F1D97C86124F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{71F00A73-C935-4615-A499-810932CDD8C8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{71FC080F-6870-462A-A7CC-0A59587768DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7270032B-5F83-4CE6-BAC6-96CAAF7E3D5E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{73C7C6FD-A133-4B9C-84E4-622F541BAB64}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{74593084-881C-4CC1-8D0B-9AB6565577BD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{75911705-D676-407D-8827-0AF8AF58425A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{75CB18A1-171C-458F-BEB4-F14904B94000}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{75F2D1C6-5E7B-45E9-B523-A94D873140A3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{76E9BE6C-7B5E-4D79-B5A7-F6900EF71311}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7713B536-CE02-4C81-B809-66424CCEFE71}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{775D0401-CD62-46A8-88EE-40C6AABE94B5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{776747C4-A5EE-43E9-A6BF-88E005F92AA7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{778BCC30-34EC-4122-AFA8-5111A0093F46}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{77C3D2E9-4E76-4AE8-8237-7DFBF10458B9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{78142D51-F0EC-4547-8ED5-3E0E98BBBAB9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7888EBF3-6130-41C4-A785-B2031AF2B331}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{789839B0-60E1-463F-80FD-F6B797673A08}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{789E2402-2311-4562-B3BC-BE52A3CBFBFC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{78B5A019-02BD-4C3F-A81D-554814469376}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{78D55116-AA06-4103-AC5F-576A0858D123}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{78F416AF-7189-494C-B3C8-1D6B031B5654}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{793A91C9-38D0-402A-9A14-8A952F96C19F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{79B7BCF2-7F3E-4D08-BBC6-E1E8CF685C50}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7A673634-ECCD-49D6-8765-B47F77E657B8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7AB39A35-0BF6-4B16-B38F-440E53F6166C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7ABF3FC6-E2DA-4EC2-8D8A-ECC8E78D8638}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7B219349-B304-415D-9565-29DF6D676675}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7B3B9725-E60D-4B58-9561-06C683D3A812}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7C9A0109-5981-4C44-8263-A84E762F1EA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7C9F18F9-4C42-48C6-885B-7D56591D280F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7CE9D1A6-70B2-4CA4-927B-0BB1C9E556C2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7DCE2B0D-ED7A-4FC5-9A00-573202A4D022}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7DE23045-C984-47B2-9E64-941F270DF5BB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7E146982-AC90-4AAB-B081-1BDA202C06EB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7E473109-15A3-4525-8E84-FCAEEAC298D6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7E5AE492-ADB3-44E1-9863-23F2DFAD275A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7E60E0ED-4743-4532-A535-D9088FA88CC5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7E85710A-C4F6-4EDA-9399-52DBB72BC12A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7EA24EC9-8DA7-434B-985F-D118A278F9BC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7EAD6964-D3A1-42E2-9207-26D011AFA231}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7EC898D4-6775-434F-AB81-F79CFEAF9D7C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7EE35DCB-2145-41FB-A642-A500B256EAE9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7F33105B-1555-4508-97EF-9E9F5652A233}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7F370FA3-ED90-470D-98A6-8C7A581758A7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{7FC27226-4228-4310-91F0-721274D42C72}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8066AB48-81B5-43ED-9111-E2E5248C0A28}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8094BEB0-B20E-4C7A-80A9-09ECB6FC8D26}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{80B4D8C3-FA2E-4516-8F46-679DF96C6F7C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{80C4E632-93BF-4C84-85E5-EACB56AC9787}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{80EB83C7-C2B7-4F97-85A9-AADE817A696F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{815F999B-D442-42FF-8936-744978841CE3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8167DB87-E17E-4CF0-9737-44AF51C2802D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{81AD284C-BEB0-40D5-B505-A0648643BF3A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{81ECD9DC-AB23-405C-9767-840BE72719C4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{82006B8F-5B79-4B66-9F39-D9B0727F46DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{82C14976-81CF-416A-AD22-038564AF8F55}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{830E2958-7B0F-4326-BC7F-B4DFFD2DA9DF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{83175581-17E2-44D3-BF23-B632EF50DFCC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{838DA76E-CED1-4AF7-BB85-20BF7CC890CB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8404DC10-2BFF-4A16-8E42-1C4DFB4EA7F9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{840B7411-5231-4A0A-8658-2C01376F32D0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8432D5B3-F6E7-468B-8F9C-36B604C205D8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{84E59B37-BEA0-45C9-B6F6-BDB284FEBF05}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{84EE21A3-F2B3-4118-B024-23B73BE6D1B8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{859BE87C-8E18-4F96-82F3-1FB77D27C571}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{85CF6F3E-6FE1-468B-9E2F-8B25D38EDA2D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{861A546D-C199-4A9E-A7B4-586288C20350}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{86F021B4-FDB7-4A8E-B455-D3C3F2B49418}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{872D3A20-3B88-4CEB-9A5B-5AA97551B57B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{875B3F0F-C343-44EA-B08B-20227BF5CE4D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8761BF30-F6B4-48D1-A30F-FB9656636E59}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{877B1D17-4FBE-478C-A756-185576CB9F71}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{878947D9-60BA-451F-8167-4BE0F13438A7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{888D6807-4DE8-4823-8F9B-24EAE47B7490}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{88C27D2D-8161-47D3-82B9-8400259D7522}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{893D83FC-3F35-4494-8FB9-52B2B2687957}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{898A0646-5ABA-482D-9FA9-37557BB14C59}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{89B2CD59-EA01-4EF8-9E56-B74EB952E0FD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{89C1D6AF-1264-4BFD-A11A-E0B8678693A5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{89CA9C90-4F9D-42A0-B90E-89F84D0C74B0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{89EADD5D-82B5-4F29-973F-040E098F84F0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8A03E719-8AF5-40B6-9291-2E0E0C5FD442}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8A1091FE-F31D-49AA-8A69-79137A666F35}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8A525C4E-5F9B-4873-8092-93FBA6102D93}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8ABBE521-7739-446C-BF4F-84540520F93C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8B5FD3FF-3F88-4498-9D9D-F23F33CAB1C6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8C48F3C3-D655-4684-8300-1965523D627B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8C94ED84-BA6B-4827-88B5-D1BF890C3516}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8C98B6BD-5C67-4199-AF8B-58DB5F6E78CE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8CB83B8E-3254-4F3D-A425-235E86ECBFC4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8CD90AB9-4E3E-40A2-A44C-DEB7D4B103FC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8D326DF9-D3CA-4752-A199-3D352C0C2079}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8D61DE98-3B80-4375-9112-B96456F036C1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8D97DE25-295F-438A-91CE-C3BCD039FD2F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8DC30D98-D029-47A5-A624-2691BF6447FF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8DD0DBEE-ACAA-43AD-ACA6-5B8136987410}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8E1C79E3-4D5F-46B0-B91C-2EA642C90CA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8E61F86B-4F80-4525-BE83-0B7332353930}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8EFBB1A5-3B7B-4BBF-8165-F4810998E5DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8F0EC01B-214D-4366-BE12-2F21F7AD28DA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8F35BDB0-9D31-4DEB-BDDE-38C0F7931549}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8F39B02D-8CAC-4DFE-A077-5C7BFC9701D4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{8FDADB94-98AA-47B4-96AD-3F447EDADDE8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{90004EA0-E2A8-4B9E-B199-92B0CB92F5AE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{908AEA39-87D6-4551-ABCB-2198CDE50EE0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{90A74BAA-D5EE-45E4-BACB-79CAB8F60016}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{91402E25-176C-478E-BC18-300DA983817B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{91FA6AC0-EE1D-40BA-959D-B8B2FCDCEC1F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{92050DA5-FAEE-4EC3-B451-B147B15F2F31}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{92639380-3A4C-4899-946C-0D3F55193D8E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9355AB08-24A8-4FE6-B645-DA96D2AEC45D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{935A8339-5E98-40B7-96BC-AD9F3C529779}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{938B78B3-C918-4D39-8A9B-CE682B4E609B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{93CCFB8B-4A8E-45B9-BE79-8171721B3467}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{93CDED37-3DB5-4B2B-B0E0-803FFB26B512}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{949AC340-152E-4DA9-B410-C8541214145C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{958F7791-A3D7-426E-A8AB-4D9E863EF9F0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{960C0C29-60D4-4FD8-80C0-05F4BE5467A1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9681D0F7-2178-483C-B98D-2015E7FDBE79}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{981C1AB7-FCB2-4B25-8B37-79B18BEFA83B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{98D6D06D-2C2A-4B9F-AD4D-5F606ABD034E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{98F6D778-9F0D-473C-9B71-3420E82735C4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{99103641-E689-4B56-B847-73B1F9DD4CEE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9928F0B5-9211-48E9-AE1B-A88C0F285245}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{99A86C94-2822-4029-98F4-6E63D0EC9DDA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{99C00E15-BD52-48C9-A419-DE1963E838CC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{99C58BA0-0C65-422B-8432-4FA96F0E942B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9A032CF5-ABF4-4870-AD24-422E94CE65C1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9A8B4027-DF3F-4FCE-8BD2-983E811C70DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9AAA7B54-971F-4D1D-96C9-9E17C9690CA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9BD9F1BD-CE79-4B30-9165-B3E7F6586937}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9BE74A0E-2146-4950-ADFF-D7B3F2E5FB65}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9C6D6E1E-BBF3-4D77-A109-B2AE4D18F8B4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9CDFD82E-7739-4BB4-ACA9-1556E10319CC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9CEAD965-8B04-4DAE-893F-A20D181C3307}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9D150E91-297F-4078-9DFF-345DFEAE7853}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9D541034-05DF-4383-BD21-D7E0058DD845}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9DE71055-6BC0-487B-AE39-599334374CAE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9E417099-BF1E-4EEF-852E-C08C1956C89C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9E643BBC-B4E8-4A33-AB57-F6CBF29A681D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9E9C6138-64EF-462A-98E2-3620A995894A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9EA8E60D-4814-4DD2-A24E-2FED42DA39CF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9F5216E2-BAB9-4219-8522-3CAB91FDBE9C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9FA0CB5B-9C5C-44A0-87CC-5B3B9B9B44CC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9FC73DCE-DF6E-4951-8B56-0709A80128CD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9FCB2183-0C5D-406E-924B-9920C8DF7F95}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{9FCCB55A-1F10-4451-8138-B812EEA09C31}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A0058225-C47F-4108-8781-67018E5A8152}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A0063721-FB6D-4272-B3EA-E4366555CE9F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A00F7606-34E8-435B-83F2-B7B6439864C4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A0F850E9-00AE-4903-9924-A7CB50933543}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A1D850A8-8445-4C48-965C-A4BEC7B103D5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A21DBA70-9CE3-41B9-AED4-242538F36B0C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A2423C9B-745D-4442-80FC-F42D66BBC9B6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A2513278-6DE5-4995-8F89-D961C797A209}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A2643103-BDF5-45AF-86C4-93961727D8AC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A271B803-97AD-4965-AF9D-F88090A4FD20}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A2C3390E-A20F-4668-B67B-9F9679DF9F98}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A2EBCE56-0A52-46C1-93DC-04DA7962847B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A30DD1A8-D926-4DD2-BE3D-F2FCC6929FD4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A39437E3-7075-400A-B8F9-A5745B5DCE83}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A3A6F411-2568-410F-B1C1-C26B16F8E5B0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A5DA57A3-85D4-4346-BB3C-D12BFD69712D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A7314CD2-102F-49D1-9937-9B7A6FE464A2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A7465830-97DB-46D5-851F-EA3A330447EB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A754215E-F757-4814-8339-BBEAEAE17422}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A78F5BAE-F2E3-4698-8625-74E65D627784}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A799A938-CD96-44E3-AFAB-A43E2EFD3CDF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A8022ECE-8A4C-4562-876A-3F4CF8360C01}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A8164772-6CC3-4A80-A177-3B2B78AEA37B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A8352A30-0778-4547-9B24-6FE1C1B2272A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A8414A2C-449E-4271-9C9C-5E64546628E4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A8741924-C5C5-4D2A-9B30-F52F304CB45F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A8941422-42BF-4616-A2AC-B1F4D7EB042C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A938890C-D6A3-4AE4-B997-AEC902F1EFED}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{A99A9B23-EEA2-4024-8C66-C9B61D6BF8B8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AA317C8E-D990-455C-A5C3-806216CB813E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AA455306-191E-4114-BDD9-602F1D923746}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AAE56095-7C21-4EA7-ADFF-F9945301EDA7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AB5279CA-C108-43B7-A701-E0C9C7E30D3E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AB611C5B-E333-4A93-B781-3761026D4738}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AB98DBA7-888A-4E80-B242-654E96A04BA5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ABED4266-D584-4356-82B5-C6E7998E74AE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AC1E5B24-AC16-4C08-8EB2-289DDF28AE7A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AC4F4FD1-455C-49BC-949D-FA9184638303}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ADF4884B-E122-4C3C-A77D-C9B666146172}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AED792B2-1D5A-40C2-9733-AC2D5F4E016E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AF52AB4E-1DA3-403A-86B4-C702CE447333}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{AFBEFD5B-F7B9-4280-B92D-89A09B225611}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B0129C25-0223-4495-B980-1849F127F5CF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B03BC6D8-83BC-439C-803C-BE004CF43260}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B06AC402-B02F-480E-9117-19B1EB0A6A1F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B0B11BF6-E368-440B-8038-4C643F68F6F4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B10C1D31-078F-46AA-B478-FCEFE811B0B9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B139BBDE-9BFF-4A2E-9570-488BDF12063B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B154C439-0710-4CB7-B5A9-25979CF93263}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B1645329-9092-4A25-B591-3A66C005800F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B1975AF0-EF38-4DAE-9AF4-9D3160C0D0EA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B1C04B13-1DF8-458D-86A9-6DB06C74D8ED}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B23AB7C8-0FC1-4A80-9804-3EBFD7FE0087}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B2D9AC87-E3FE-47B6-947B-5656614A40A7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B2E54215-EA0D-45C3-9B17-9B30E94AB1EF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B34707DC-B584-453A-B886-9B75FEFF4462}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B3EB7D74-AE3D-469F-9D4B-BBDB1F74ACA1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B3F3810D-876C-4267-A219-635284290074}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B4050F3F-F3C6-4794-942C-9033E2A594E0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B428C037-AB1C-4AAA-BEDA-B4138C5ED443}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B45FAF60-2628-4CA2-9B6A-26E6B8668B19}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B50BF3EB-49A7-45D3-918E-F6997F9F348B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B58772E6-C6F3-45F3-8F61-E98C542147B9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B5A23190-53F2-4658-86E3-3A30DF8AEAB6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B5C99143-F81F-4F65-B3E9-18E2D18FEF4A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B5DE7053-188D-470E-AAE9-C7EA62AF1ADC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B5E21A4B-5F7E-4BB9-9FC2-CC8CFC8F6F8A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B6198AB1-0D23-4EAC-B3EC-F0D8346D8397}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B6901F43-65F7-4F88-A2DE-82F908FD259A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B6C779FE-6454-4D62-A325-DEC0A1315FC3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B6E2F948-37C7-4987-BB0B-0BB255FC7050}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B76CC85D-1CDC-4CAA-B69C-DB53E309F3F1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B77399F6-3770-490C-8738-2AEDE1E9AE41}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B789B0E8-A594-4524-9C48-52A25BCC3CD6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B849ED49-5596-4BC0-A33D-5DB93E15A66A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B8857A0B-6E5C-46CF-B383-9CF365549A34}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B8BECDC6-6D83-4C68-BC8E-08ED30703EFA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B91AF78A-B99F-4403-9AC2-48A285A93B79}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B92D47D1-919E-4662-83BE-944EA659E629}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B9508B1A-ABD4-47A0-AAE8-D16EA2628353}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{B9ACC0F2-36A9-4D71-97F0-585B13F4377B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BA382DF7-E579-4304-BE30-163C9C36B71E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BAA42974-F31B-428D-9C49-57AC6C28F2AC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BABD57F0-7F16-4E24-862E-E9E763F7EC87}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BB508B6B-D65B-47BF-8511-C7D4FC6048A3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BC5F7609-2812-4856-BC30-36CEFBD5910D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BCAD9FA7-BF36-4E8E-B974-10348A9725A8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BD3E61BF-B75E-4623-A71B-55D74A1A4833}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BD763716-D0BC-43AC-AB8F-6305366F3776}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BDCA710C-E709-4284-A4A0-C2DF77436119}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BE184765-BDB8-488E-99B1-83EB2E67AEF1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BF919B68-BD28-45C3-ABB6-204D4E2BFE78}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BFCBDCB6-8306-4306-B76A-D6F579CB3B2A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BFE57BF4-EB51-4AB7-B7C2-7B49474A6959}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{BFEC14CE-ADE5-40E9-A05C-A84BF23967B6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C02C33AF-2C03-4CDD-95C5-5ABEFB8731AE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C0779035-256D-43D8-B1FC-59F9DBAD9784}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C13C45E4-5E6F-4B9A-8063-4CD164F7DB81}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C19A84B3-7663-43EB-9B8A-0BEAA5CE8695}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C19B169E-8275-41A8-B839-B6BD98584E36}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C19B2888-4F34-4C18-AF1E-7EF62A9168A2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C24DF273-5C5B-4C55-AE27-1AB83F74B227}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C2771682-2015-4D28-90F0-36481027AD4E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C317AB33-B582-40BA-B03E-360002A5C750}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C3272F08-FAB3-4EEB-9BBC-6E5E235C9E73}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C35529C7-8E1F-4279-9EAE-B04D60EE5A4E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C3649250-A227-44BD-B1FD-06B1F7DF8812}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C46B9537-6ABD-4B8B-841D-BDD174DDD356}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C4CBCD67-BBF2-4214-932D-14D19E0EF7C9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C4FD9B5D-C5A1-4BCC-98A0-B6665349159D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C546B675-7890-4B21-935B-B3C7882E0288}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C57E830C-CB90-4464-B7E9-F8FE7DD0C4DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C5EDFFDC-8D09-4125-928F-261DD2087B18}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C6346A4C-0CC8-444F-B77A-88EF92171F9E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C6444A1C-FA22-4B3C-A1F0-B736F4C8871D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C6767F52-BA5C-4C98-A8DE-C651BF7BBE20}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C6AFEEFF-2D91-4937-A677-25B9038512CE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C6CB65E2-DB30-45E4-8776-0F96C59FD4BA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C72A7746-5EA5-478B-8DF0-647B0EDBEAC1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C79860D5-A816-4FC5-8BE3-28283BD1D4C5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C7A26BC9-A985-47F7-8E1D-F1F94D8DA893}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C7E86B42-7E86-4F72-968A-31A187172215}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C825C685-821C-4100-85F8-F6BBF30F8F2F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C895EE99-8A2F-40AD-8D20-0F176F3A07CD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C92CFFF0-FE7E-400B-AF25-43433431FADF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C9302E02-2BBE-48E4-8DD0-F6000C870702}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C973BFC2-E3B4-4982-B2A0-610E05835616}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C98F5809-9119-4AE1-9F43-5A70FBFC298C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{C99A9429-28FD-4E77-B085-DCA65E7974F1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CA4F68A3-9868-43CC-8D23-991C6A1F29D0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CA651584-38D9-4505-8DFD-4C986B66FFB7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CA708CFF-3E7D-4275-B038-DC91EAFE6E74}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CA78D66C-BD3A-41C9-8615-CBEABFC94EB0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CA9E9A87-E214-44E2-A65C-30573221BC17}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CAF91DA1-83AE-4B0D-ABF1-25167972C296}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CB52A25B-CE1C-4344-89E5-B208C5ECE5E7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CB778C0E-2363-4E91-9053-C7503E68B01A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CB97CA1D-C47B-47D3-8733-136ECEB406F7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CC829300-F829-4945-97EA-3257B61AB3AF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CC9E44DB-5EF4-4B61-8C93-58B6A26C546F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CCA551F4-9B0D-4191-9F7E-221631DE253F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CCC891DB-BAD5-4157-BCF2-C5E2B44140FE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CD4B91C5-D57E-459E-B538-6D4EB9E4FE81}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CDBB4B90-2696-465D-8F44-EE72C3A3F8B5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CE2C48A4-8013-43D7-BC3C-676C77FD470C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CEE5AFF1-BBC7-41E0-BFA7-533E23441CCA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CF7AE535-683B-4C9E-86D2-BBFA04F0242E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{CFD66B0A-3B79-40B4-8A14-3A841670FE9A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D00BB4C9-F31E-422F-AA08-8039A8234A1B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D05FC471-2175-47BB-A23B-EE4E30DA4766}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D0A3F45A-550B-483D-B78A-8ACA9923731C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D12A0573-0BA0-4D88-AE69-318CABE0FEBB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D156751F-27A3-4476-A327-20BDDFDF47B7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D1BEA4EC-2246-48AC-9194-6E47F0318D4A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D1E76EDF-480C-4CB0-BEAA-2C5B98526DEB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D1F247CC-4AA9-4443-B1CE-B5B386F28B7E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D27D094A-01BD-466F-BF7F-B2E9CB95DB09}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D28EF447-27DB-4510-97B8-1C357D7D6DC1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D2D72676-41B7-4455-B9F1-4F20ABE1658E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D33C2CF7-28B9-49D0-A033-4137D5F2EAAE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D341A2D1-5C00-4803-9727-1593B8885E82}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D34CF328-5BD8-4410-A31B-B3AF91BB0873}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D3E57476-A71D-4B40-AED3-CEABFF804BAD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D430A4BC-145C-43B3-B7C3-0BFB30C0E199}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D4416DF0-0109-4780-B930-2AF674BABE01}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D445805A-A217-4650-A002-6733CF3936F6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D47AF487-2D04-4E32-B9D4-79F20EF28514}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D481F0DE-0201-4419-A74F-BC8B6F81B8A9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D4C76173-563D-4497-82A1-148B7E09949B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D5024FF9-2F8A-4900-A211-C43CB27596B9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D52F87F6-88B2-4E2F-91DA-606780AA8B2B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D546E3B0-C18E-4099-AF1C-B959787D0745}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D58060B6-2BC1-4863-B45D-A8CAA1524AB2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D581A83F-39ED-4B6D-A2AA-701571EF3F5B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D5DE480B-34FD-4DCC-BCCE-589A0593821E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D61EE99F-5A27-4680-B287-DA530B1A5383}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D6254AB7-1646-4844-8537-85EE68C1106D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D6EED7D4-4AD6-4AE6-92B9-33D6D4902BA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D76D9A54-FBDA-4F7B-A2F3-50347FF5D3D5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D79A1129-0516-4365-8B3C-08601F9579AA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D8B58C17-0343-4BB6-AB92-D2A670D4B878}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D97AD21D-61F7-4500-8E81-9DF8CCE5D9D6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{D9D751F7-5EEC-4F1D-A4F7-197FC2407389}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DA1635B1-29F8-4E9F-B620-5E08BD35F188}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DA9A2288-DE8E-4D54-8060-FE021EB4F4BF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DACFD007-503A-4275-AFDA-036B27F24819}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DB8A180E-725D-4ACD-A6CE-CC2E366A48E5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DBFB7658-3F75-44F8-8635-ABCF9046BC2D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DC0F180F-1BEC-4B4D-A55A-8A35E7969B3F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DC5D73C8-CD8D-404A-917A-377BD5589C24}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DC79B470-A233-41BF-B512-6B807C1DBF8A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DCFA9AC6-2963-49EF-9E06-B4E26ABD1EA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DD56D4CC-358D-4962-A147-C1188B717E95}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DD73C46D-C420-4783-BBBE-6D680A33768C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DE1843AE-976C-4F49-B20C-B5060A99F76D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DEA2EA26-F3DC-4DAD-85F3-99C072D87AE2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{DF188901-8E53-4293-A747-D5164CB8CAAE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E0920539-EDBD-443F-AC60-AF01E312CB39}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E12EEC44-5A15-48A0-83FA-B224BBDCD42B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E13B9F84-EF5C-450C-883E-3A12B1D66F97}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E17FD146-148C-4ADA-87A9-6425D1C72682}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E1E395AC-598B-441F-87FB-99957F417205}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E21DEF93-52F8-47B0-99CA-B99865CAEF84}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E28C3D44-7B32-42DD-8B54-30B77EE298CE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E36C3A16-D713-4DA1-9FA1-303BCF1FE897}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E42D6B39-5421-4E85-819D-BB2B7AE1A02A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E466C7DE-F270-4117-B7BF-7ADC26FD05C2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E507AA82-DD17-42D4-B6EF-DFC71247CB29}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E5385E61-5F88-428B-945D-324F034893EF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E544578D-51FB-47AC-83EF-321F85AEE1DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E54F073E-E089-4D32-839E-533FED8CD8BA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E566A621-00F2-40BE-8E54-0663EF08801D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E5AC3F19-93DB-4088-8011-6E372310DEE8}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E5EF2753-9361-4583-8DED-367BDAA849D5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E6053FA4-5A86-4BEC-9B30-947BE68363A1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E6A6BC19-F498-44B9-93AD-4DC924DD03F5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E6B28EFF-4815-45E7-8D37-B3D5BAC1A3DD}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E6E56F29-8355-43D5-8A84-670E4F4D47C9}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E7CD6CDB-B4D5-4125-B19F-A747D8953CA7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E8624E89-6D79-435B-BA90-A380D79B9548}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E8F2DC11-43F4-4090-A9F3-E2E211E12FC4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E935B1B6-7341-47DD-BFEC-DAEE71108A88}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E992ECCF-C667-4E1E-9A7B-F94D2951A7BF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E9DDA4C3-006D-4A0A-9D64-BF002672486B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E9EF2BC8-06C3-4153-BDAD-54639A2B641D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{E9FA35AA-AE66-4E9D-AB8E-55FD62986879}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EA1B5FDC-DAB6-44F6-ABBD-CD2268AA0A89}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EABE33C2-CA48-4F0F-83CC-946A0EDCC49B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EAC0E04C-5826-4E1D-B298-F46EC53F6968}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EACC4D74-8BE4-4A7F-9C1A-9EE0464F64DB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EADD6846-E9E7-4ABB-9C10-0ED7602AF4DC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EB1A6BF4-21EF-40C2-AE10-53138642042B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EB4B8890-7DF4-46A4-8508-1A4C8D79E555}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EB954D8E-C2D1-44CC-9CEC-BF52F2C98685}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EBA6B23F-D543-4957-A2F9-4F84D165C0BB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EBE4339A-27AA-4FBA-94D4-359AA42A09A3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EBF897BA-8514-4687-96DB-74713931A175}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EC3A047C-09E6-4494-A5AD-CDD050D30A5D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ECC2C67A-33BC-4B85-B84F-B61ADB3FC2AC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ED2C9BBA-BDE9-4774-AA7C-CCA1D4955C1E}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ED2FD27F-2CA1-4E23-AB8C-80090E72E6AF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ED5E4A75-FCED-4364-B227-C3BE516B25EB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{ED707A73-D596-4D59-B61E-B8B9C26C0B57}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EDCFEDFA-3767-4B72-B944-49B7D5E6115C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EE10CAE9-2545-43C2-8A44-F6A0F830037B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EE44639E-A541-440F-AABA-AFC311CCA925}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EE7566A5-7509-4C5B-92C5-F7093037B659}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EE8B17DC-8657-4831-8390-59068B6E34B3}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EEC9DFD6-2BCD-44EF-8A15-AE4013DA217B}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{EEEB18D5-1730-44BF-B6AE-29E9E67A8828}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F06B9719-123F-47BB-BCC5-884B70910567}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F0A72957-B55E-4229-992F-93C38D3FFF7F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F0B98643-581E-437B-AF45-881252617236}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F0FC9679-1240-472E-8183-8F6EAE036D63}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F10AF57F-003F-4699-AF09-97383DDBD1BB}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F10B8365-C342-493A-A19C-38985693C6DF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F17204A7-72C8-4E30-96FC-EF030C3A3C6A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F1FA3ADE-D495-4A09-AF1B-314C1A666A1C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F2753F11-1205-42DB-A285-CBE443061F3F}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F2A2F45F-AECE-47D1-A88A-DB5C7A3B8A7D}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F2EA1DE3-2520-4AD7-849C-D8EF38B7AA8C}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F3090DAA-2DB0-4EA9-A863-DF2F676A3BF4}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F31A9556-C9E6-4489-8BAC-B38693930BDF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F4277EDB-CB80-4FFD-A0AC-4A68B968A6DC}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F441200C-C22A-40EB-979F-BD03674A59F7}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F47B30A7-F1D4-4D1C-A3AE-77C01F86458A}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F4C1E735-CA39-4CA8-9CB5-01C8FA72BBA2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F4CEB3E0-1EEE-47BC-970F-94AF86EAD261}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F5B130C2-0379-493F-A882-2EDB04E77382}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F6A63C3E-52B7-4FC8-B0AF-2B0917046A22}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F6FDCBDE-6106-4C12-97B6-05799684DB18}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F726CE29-0829-408E-8A67-07D1E9536B89}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F77A02E0-30B9-409A-A40F-1C9C144A3C74}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F79018F1-1A19-4C1A-9B4B-E3304854E406}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F7BEB8B5-5380-4F10-A2B4-52B9917FEFE5}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F858309C-3FC2-4C22-B655-A2AAE1E9FEA6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F8A506FC-E843-4326-8A4F-03E7167569FE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{F9BF6FD7-2C0E-4829-AC60-954F350E54CA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FA1C0ACC-65EF-4ADD-B4DB-553A66483431}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FA2654D8-65F7-49EA-90B8-72CD005D25F1}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FB5FFB7C-72F4-458C-BBC7-B0BBB13D1914}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FB73D651-5673-446B-8B13-4C2E9E0E48C2}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FB854795-83CE-4E7B-8087-52A0467CD8C6}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FBEE9715-A91C-49EF-8865-FCA7D73655A0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FC2FB8D2-B778-4478-909A-7C7DD705A1CF}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FCE2E818-4C97-4DDA-8100-E9E2C0024931}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FE10CD8E-4BE4-4875-AB65-C2EC8D2DB1F0}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FE258BC8-7517-48E8-B2EC-F3757000B317}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FE2BA731-6FC0-4306-B715-BC9A818D0317}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FF2BFD6B-97C8-4466-AAD2-19C3D715D7DA}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FF393445-64D8-4007-B91B-EEE9F88AB350}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FF3B81ED-B29B-4FAC-9F8A-4FA1D9E46DAE}
Successfully deleted: [Empty Folder] C:\Users\Mom\appdata\local\{FF6ECE17-F620-4E2A-B78C-E1B7413A1F53}



~~~ FireFox

Successfully deleted: [File] C:\Users\Mom\AppData\Roaming\mozilla\firefox\profiles\rwngxfm0.default\extensions\[email protected]
Emptied folder: C:\Users\Mom\AppData\Roaming\mozilla\firefox\profiles\rwngxfm0.default\minidumps [8 files]



~~~ Chrome

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
Successfully deleted: [Folder] C:\Users\Mom\appdata\local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 09/21/2013 at 19:01:45.42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#5
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nsomniak

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#6
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
So far, so good. I am not seeing any signs of the malware. The only problem I had with the Combofix was that it detect that Norton was still running although I disabled it. This is the results.


ComboFix 13-09-19.01 - Mom 09/21/2013 21:21:52.1.8 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.8087.6124 [GMT -4:00]
Running from: c:\users\Mom\Desktop\ComboFix.exe
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
c:\users\Mom\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Mom\AppData\Roaming\Local
c:\users\Mom\AppData\Roaming\Local\Microsoft\Office Labs\CommunityClips\Video\ScreenCast1.wmv
c:\windows\Tasks\TopArcadeHits.job
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-08-22 to 2013-09-22 )))))))))))))))))))))))))))))))
.
.
2013-09-22 01:29 . 2013-09-22 01:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-22 01:29 . 2013-09-22 01:29 -------- d-----w- c:\users\Mom\AppData\Local\temp
2013-09-22 01:29 . 2013-09-22 01:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-21 22:56 . 2013-09-21 22:56 -------- d-----w- c:\windows\ERUNT
2013-09-21 22:41 . 2013-09-21 22:44 -------- d-----w- C:\AdwCleaner
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\program files\iPod
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\program files\iTunes
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\program files (x86)\iTunes
2013-09-20 01:08 . 2013-09-20 01:08 -------- d-----w- c:\programdata\RosettaStoneLtdServices
2013-09-20 01:08 . 2013-09-20 01:08 -------- d-----w- c:\program files (x86)\RosettaStoneLtdServices
2013-09-19 18:38 . 2013-09-19 18:38 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-09-19 18:38 . 2013-09-20 03:41 -------- d-----w- c:\users\Mom\AppData\Roaming\DAEMON Tools Lite
2013-09-19 18:38 . 2013-09-19 18:38 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-09-19 18:37 . 2013-09-19 23:40 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-09-19 03:17 . 2013-09-19 03:17 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2013-09-19 03:09 . 2013-09-20 00:43 -------- d-----w- c:\programdata\Rosetta Stone
2013-09-19 03:09 . 2013-09-19 03:09 -------- d-----w- c:\programdata\Rosetta Stone Backups
2013-09-19 03:08 . 2013-09-20 01:08 -------- d-----w- c:\program files (x86)\Rosetta Stone
2013-09-19 03:08 . 2013-09-20 00:43 -------- d-----w- c:\programdata\FLEXnet
2013-09-14 18:27 . 2013-09-14 18:27 -------- d-----w- C:\GOG Games
2013-09-14 17:58 . 2013-09-14 17:59 -------- d-----w- c:\users\Mom\AppData\Roaming\vlc
2013-09-12 15:44 . 2013-09-20 03:53 -------- d-----w- c:\program files (x86)\Free PDF Solutions
2013-09-12 15:43 . 2013-09-12 15:43 -------- d--h--w- c:\programdata\Common Files
2013-09-12 15:42 . 2013-09-14 17:42 -------- d-----w- c:\users\Mom\AppData\Local\WebPlayer
2013-09-11 14:10 . 2013-08-03 04:30 4038144 ----a-w- c:\windows\system32\win32k.sys
2013-09-11 14:10 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-10 14:43 . 2013-09-10 14:43 -------- d-----w- c:\program files (x86)\Cisco
2013-09-10 14:43 . 2013-09-10 14:43 -------- d-----w- c:\programdata\Intel.sav
2013-09-10 14:41 . 2013-09-10 14:41 -------- d-----w- c:\programdata\Package Cache
2013-09-08 19:52 . 2013-09-08 20:37 -------- d-----w- c:\users\Mom\AppData\Local\gtk-2.0
2013-09-08 19:52 . 2013-09-08 19:52 -------- d-----w- c:\users\Mom\.thumbnails
2013-09-08 19:47 . 2013-09-08 21:06 -------- d-----w- c:\users\Mom\.gimp-2.8
2013-09-08 19:47 . 2013-09-08 19:47 -------- d-----w- c:\users\Mom\AppData\Local\gegl-0.2
2013-09-08 17:24 . 2013-09-08 17:24 -------- d-----w- c:\program files\GIMP 2
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-08-30 21:40 . 2013-08-30 21:40 -------- d-----w- c:\users\Mom\AppData\Roaming\Independent
2013-08-30 21:40 . 2013-08-30 21:40 -------- d-----w- c:\program files (x86)\Skeleton Pirates
2013-08-30 21:35 . 2013-09-21 22:57 -------- d-----w- c:\programdata\Big Fish
2013-08-30 21:35 . 2013-08-30 21:38 -------- d-----w- c:\program files (x86)\bfgclient
2013-08-24 20:09 . 2013-08-24 20:09 -------- d-----w- c:\users\Mom\AppData\Local\calibre-cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 15:33 . 2012-06-25 19:37 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-05 20:09 . 2013-05-18 03:03 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-05 20:09 . 2013-05-18 03:03 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-25 13:46 . 2012-12-15 14:31 266928 ----a-w- c:\windows\system32\drivers\RapportHades64.sys
2013-07-25 13:46 . 2012-09-03 16:41 295696 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2013-07-16 21:05 . 2012-07-05 22:19 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-15 17:00 . 2013-03-22 22:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-13 06:18 . 2013-08-15 00:58 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-15 00:58 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:16 . 2013-08-15 00:58 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:15 . 2013-08-15 00:58 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-15 00:58 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-15 00:58 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-15 00:58 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-15 00:58 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-15 00:58 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-09 06:07 . 2013-08-15 00:59 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-02 00:44 . 2013-08-15 00:59 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-15 00:59 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-06-26 23:21 . 2013-06-26 23:21 23208 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 23:21 . 2013-06-26 23:21 28840 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 23:21 . 2013-06-26 23:21 273576 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 23:21 . 2013-06-26 23:21 1777320 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 23:21 . 2013-06-26 23:21 1130664 ----a-w- c:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 23:21 . 2013-06-26 23:21 767144 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
2013-06-24 17:32 . 2013-06-24 17:32 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 17:32 . 2012-11-18 04:25 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-24 17:32 . 2012-11-18 04:25 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 19:34 . 2012-06-26 04:17 14880256 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-06-29 14:49 594432 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C77B34DEB73DE0849E4BE289D36231EA4CA83D43._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-09-17 829392]
"Weather"="c:\program files (x86)\AWS\WeatherBug\Weather.exe" [2010-04-29 1652736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2013-04-01 298616]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2012-12-18 78352]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-18 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE" [2013-01-19 241280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe -hidden [2013-6-7 7959552]
Install LastPass FF RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -q -name=LastPass -ffuuid [email protected] [2012-6-26 14880256]
Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid [email protected] [2012-6-26 14880256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\N360x64\1404000.028\SymELAM.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SymELAM.sys [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/12/18 12:02;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [x]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 RapportHades64;RapportHades64;c:\windows\System32\Drivers\RapportHades64.sys;c:\windows\SYSNATIVE\Drivers\RapportHades64.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [x]
S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130921.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130921.001\IDSvia64.sys [x]
S1 RapportCerberus_56758;RapportCerberus_56758;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NETwNe64;@oem47.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
S3 WSDScan;WSD Scan Support;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-20 21:07 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-24 16:51]
.
2013-09-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 03:29]
.
2013-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 03:29]
.
2013-09-03 c:\windows\Tasks\HPCeeScheduleForMOM-$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
2013-09-19 c:\windows\Tasks\HPCeeScheduleForMom.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-06-29 14:50 724992 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-04 1664000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-06-04 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-06-04 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-06-04 441152]
"BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2013-06-08 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LastPass - file://c:\users\Mom\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\users\Mom\AppData\LocalLow\LastPass\context.html?cmd=fillforms
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\rwngxfm0.default\
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} - c:\users\Mom\AppData\Local\TopArcadeHits\Toparcadehits.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-KiesTrayAgent - c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-{C1C3E833-420E-4D78-9BA7-86AEBB272384} - c:\users\Mom\AppData\Local\TopArcadeHits\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession2_4852"="{B712CEDF-752C-4C63-8E71-BBDAB537FB01}"
"ccSvcHst_UserSession2_4604"="{02DBCDC9-BED2-4122-862B-622FF1677C95}"
"ccSvcHst_UserSession_52"="{88F248BA-AE8B-4DAC-88D9-55FE3C09DBE3}"
"_IPCChannel_PerformAutoLogin_1_"="{1EC9B303-48F8-4D74-8028-AAEC06ADABEE}"
"ccSvcHst_UserSession_4952"="{1EC9B303-48F8-4D74-8028-AAEC06ADABEE}"
"ccSvcHst_UserSession_4580"="{C9FDAD6F-1EB4-4CC2-8FD7-A42B560D1A9D}"
"ccSvcHst_UserSession_9692"="{F93740D8-F9AC-43EA-A506-609A3F04C6B2}"
"ccSvcHst_UserSession2_9652"="{245343EC-9AE6-4F02-8FBD-0B26ACF0F18D}"
"ccSvcHst_UserSession2_7660"="{06589572-FFF7-4F57-BC21-2E6A67FCD99F}"
"ccSvcHst_UserSession_4932"="{1E8ECCC7-05B7-4E93-B520-25000C1C5C8A}"
"ccSvcHst_UserSession2_3096"="{D48D0FE3-D770-4D7C-9DD6-D92684463868}"
"ccSvcHst_UserSession_5016"="{76EDE90C-011A-47FE-9B43-6724D960E858}"
"ccSvcHst_UserSession2_5152"="{E8E31C12-B914-465A-9F47-9164CAB6E905}"
"ccSvcHst_UserSession2_3720"="{791A3322-6F46-489F-9A4B-F6764E3ADF7F}"
"ccSvcHst_UserSession_5408"="{575F0EC0-3138-47A9-81C2-125E3D30C3F2}"
"ccSvcHst_UserSession2_5024"="{A0113EB9-F3DC-42CF-87EB-0BEB88993E32}"
"ccSvcHst_UserSession2_5020"="{CACBB9A3-9138-4026-940E-CE5120F7AC47}"
"ccSvcHst_UserSession2_5176"="{D1ED8E08-C954-4AD7-A2AC-9CD3FAF014AD}"
"ccSvcHst_UserSession2_3740"="{DCEFB2B3-CC38-4E6E-9FE3-5300A13D8F34}"
"ccSvcHst_UserSession2_5144"="{1DBF7C08-B137-43F6-8CE6-902F7DB19AB0}"
"ccSvcHst_UserSession_3568"="{9E4E9508-1532-4A5D-B44F-1A78690091F8}"
"ccSvcHst_UserSession2_5156"="{BAA79C8A-6481-4612-BB6D-E44A93CA4FD5}"
"ccSvcHst_UserSession2_4556"="{2987FBBE-C442-47CC-96C7-A26969ABF6CF}"
"ccSvcHst_UserSession_5696"="{FF1F98AA-9343-466A-9E0B-9BE1CCD5DA57}"
"ccSvcHst_UserSession2_1812"="{FDB7AC86-EF26-41BE-9C77-F67F639B6573}"
"ccSvcHst_UserSession_5924"="{F5779BD0-9C34-435E-91DC-55EEECE7859B}"
"ccSvcHst_UserSession_4872"="{BFF08604-7D76-48E8-AA4B-C194FCC7B7C6}"
"ccSvcHst_UserSession_5304"="{3D686B59-4EEB-42A7-951A-E56DA7985E27}"
"ccSvcHst_UserSession2_2500"="{5FFC25A5-5441-4116-B869-8CC6C143B76D}"
"ccSvcHst_N360"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"DING_{4467AB8F-68C8-4ab5-9B48-B3E6EB65F6A1}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ccSvcHst_UserSession2_4240"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"{0D147FE7-1045-46ED-8F96-06DDA32C157B}.MClientTaskNoficiation"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"ccGenericEvent_Global_EM"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ccGenericEvent_Global_LM"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ccGenericLog_Manager"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"{A2DE0E79-877C-485b-B604-78B170313E9E}_IronIPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_buSvcComm_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"SymRedirSvcRequestChannel"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"SNDServiceRequestChannel"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"SNDLocationChannel"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_isDataPrComm_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ncw_performance_IPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"NortonNetServiceIPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_NCWSvcComm_NortonCommunityWatchConfiguration"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"NetMapServiceIPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_ProcessDetection_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"isError_Service_IPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_AvProdSvcComm_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"BashIPCChannel"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"Tuneup_Context_Switch_Channel"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_IDataStoreMgr_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"CommListener"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_ISPOCClient_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_IEventServiceMgr_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"MClientTask.{15F2F1FF-F37B-4673-BCAA-FEB6EB7FB72A}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"{FEC3E60C-6AB6-4C7F-B7BA-22794EE4EF0F}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_buVssComm_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_HSPlayerCommand_"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"{C4A09495-F6BC-4166-B717-F3F3250462BB}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"IPS_COMMAND_CHANNEL"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"{9BBA000F-092F-432f-B9DF-9D64FD1C2978}"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"FWAlert"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"AvProdSession_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"AvProdSession_Options_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"AvProdSession_MessageCenter_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"AvProdSession_Scanless_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"AvProdSession_IPUA_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"AvProdSession_CanIRun_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"{A1B48937-0778-4e7c-885B-271F65B485D2}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"_buUIComm_S-1-5-21-2971913362-442856429-175217216-1001"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"{D9D79767-CD29-487E-9729-730A5CA33689}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"g_coUserCommandChannel_S-1-5-21-2971913362-442856429-175217216-1001"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"clt::AlertChannel2_01"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"CO_PS_{55DBA8A2-CF13-4600-8FC8-C7B989ABF841}_1"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"AVModule_ExclusionManager_{C6198C0B-693E-4CE5-BDED-C1C7ABE5E22C}"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"3171AE8E-C48D-4AFC-AF37-45011C17CBE6:Mom"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"TRUSTCHANNEL"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"SDKCHANNEL1"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"ToasterNotify\\SessionID_1"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{C9CF8CD2-5A39-4770-B562-067BB8999A12}"
"_ReputationSvcComm_ReputationPublisher"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
"ncw_reputation_scan_server_IPC"="{1C48A068-5110-401D-9102-3A056E9BEC2E}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{94A33893-82BD-4600-819B-F2587568B59D}"=""
"{B712CEDF-752C-4C63-8E71-BBDAB537FB01}"=""
"{0EFA4B44-BA56-495F-8666-D91B7C8CD867}"=""
"{4FAEDEC5-08D6-461E-841D-C14F3F46BFC3}"=""
"{9ECAD3CD-BBBA-4172-A5C5-D307CF08248B}"=""
"{3A71C465-DC05-4701-94D3-A20CB6C1CBBE}"=""
"{A4F554BE-C941-4F2E-9FCB-10F735AD3A47}"=""
"{6849AED3-8E7F-4E93-AF29-CD7E7C84EFE7}"=""
"{187222C7-4EF7-45C4-8352-CD56A9E5533F}"=""
"{7AB6BCE8-63D9-48BC-8057-7880CCA0A2B4}"=""
"{CF03194A-3B72-4412-8012-3D10A1E5B78C}"=""
"{A15BEA9F-D6ED-45D3-86D4-FFB03CED32D2}"=""
"{0F0D8911-5D6E-48EF-95EB-7051C9A7EF5C}"=""
"{111E0C64-9D50-46D6-BA5F-A4885F2E0582}"=""
"{CA717C99-6DB1-452B-AE66-52CF26F79DEC}"=""
"{96250B9A-27A8-4EE0-AD8D-96427F14218B}"=""
"{7AA006C4-ECF8-4A5B-ACCF-6390838F245A}"=""
"{62F38963-5E45-4F8C-9D61-E0E7C8865E93}"=""
"{C49C56C5-71EE-4302-8AF9-BAF8CDB5EF3C}"=""
"{85FDE8E8-3730-486F-9121-3EA448872C6D}"=""
"{02DBCDC9-BED2-4122-862B-622FF1677C95}"=""
"{AABCEB6F-BC8F-461D-841B-774EAA35D440}"=""
"{36770E41-D529-4821-BD68-C2DFDB3F994A}"=""
"{CD9BB0F4-CBFC-4C80-BB20-F4D8E11FD406}"=""
"{972C3B71-B76A-4A99-BD79-F538764F7D2A}"=""
"{AD16CA64-B918-4C1E-BF9A-25316F9D7192}"=""
"{4E942261-E4BE-462B-AFD7-1F20EEBED8DF}"=""
"{10918DE2-1057-4515-8B04-113FC030666B}"=""
"{CD725C11-D9C7-4F65-86A5-D819E96EC000}"=""
"{52CC1141-951D-41A2-9B0A-D296E9526A77}"=""
"{A2F591BD-C3D6-4448-B6B4-98E93619CE1D}"=""
"{1159EF98-B37C-4914-A9E7-B02A41ADF536}"=""
"{AFCCCB7F-FED4-4BAB-8E67-42655C884059}"=""
"{2C515F28-F808-4ACB-A359-93F61F29C321}"=""
"{8FA1DE6F-91E9-4A6E-BCCE-052080C6AC2F}"=""
"{09E21F44-5300-414F-A43D-3BC220473D12}"=""
"{40600C64-EE3F-491D-B259-62062E4B672F}"=""
"{18C16F44-D1BE-40FE-BDEB-E595B0D31922}"=""
"{AFC4FCF3-8841-42A5-9908-95B4A8AEF5DB}"=""
"{4750FF2E-3ACC-4818-9B4E-9134FF8F6A82}"=""
"{1B0FBFA9-7798-487C-B5A1-32F5721BCC15}"=""
"{7ABAEAAC-DDF0-473E-96CE-62399B0175EA}"=""
"{7AFC9308-8A97-4692-BA25-B8AA8D03AAE8}"=""
"{7045B692-3025-4AE0-AE87-9541E0F0F925}"=""
"{19A73366-6A52-41B1-9FA1-31EBF1FCDB38}"=""
"{22536853-2B78-4A64-889E-28ECB64ABF7F}"=""
"{9162803F-9090-4FEE-9E29-AD9A3400A68A}"=""
"{5FF0358F-F91E-4940-BBC2-277E748566A8}"=""
"{399D1D3E-A494-44C1-9D71-3F2025058174}"=""
"{52B98A5A-3DB8-48DE-8379-C7CB5D162786}"=""
"{E838B83E-66C8-4BBB-B722-69CD781CD6A7}"=""
"{88F248BA-AE8B-4DAC-88D9-55FE3C09DBE3}"=""
"{28012C05-6828-4447-B337-FE1548ACB8D7}"=""
"{1EC9B303-48F8-4D74-8028-AAEC06ADABEE}"=""
"{2BD71F37-D675-4089-AC6E-AE95FB7378DA}"=""
"{C9FDAD6F-1EB4-4CC2-8FD7-A42B560D1A9D}"=""
"{69B0CA58-97A4-46AE-A53D-41936AA6687E}"=""
"{F93740D8-F9AC-43EA-A506-609A3F04C6B2}"=""
"{0DCECFAD-E591-467C-8D6C-C4F195DB4244}"=""
"{245343EC-9AE6-4F02-8FBD-0B26ACF0F18D}"=""
"{CF95BAC7-320A-468D-BD9C-E1BD3E369555}"=""
"{06589572-FFF7-4F57-BC21-2E6A67FCD99F}"=""
"{D8650030-57C5-4A0F-BAF5-5E36FF00BEDD}"=""
"{1E8ECCC7-05B7-4E93-B520-25000C1C5C8A}"=""
"{6BEC8A4E-94F8-4E85-95FC-6BCFD57B60C7}"=""
"{D48D0FE3-D770-4D7C-9DD6-D92684463868}"=""
"{6BB07B65-CA2F-473B-A51D-2D1C1C1A1D09}"=""
"{F9E0409A-62A3-4BBD-AB8D-7844AE996CDC}"=""
"{DC51CE3F-9BBC-4ECC-BB66-ECCE57B298AB}"=""
"{76EDE90C-011A-47FE-9B43-6724D960E858}"=""
"{7A49A008-5C33-4A6F-8A6F-004C142BFF8E}"=""
"{75B4FDFF-7836-4744-8FA9-8CDCA2F11734}"=""
"{E8E31C12-B914-465A-9F47-9164CAB6E905}"=""
"{989E7BD4-0477-4134-BCF2-78D9872C3477}"=""
"{F62F6DB1-E4EF-4443-82B7-B4472E52150F}"=""
"{8EBA0C09-E7BF-467E-820C-CD0B30E7EEF5}"=""
"{791A3322-6F46-489F-9A4B-F6764E3ADF7F}"=""
"{3E3A5BE5-32A9-4E74-8B01-C9F3F9C267DB}"=""
"{232A21A4-BB23-4F2E-A755-3A201401CA0E}"=""
"{8687FD17-0C14-495A-884E-804B655CB67F}"=""
"{575F0EC0-3138-47A9-81C2-125E3D30C3F2}"=""
"{3E4D3C08-AA97-46F3-B053-EAA057AF17B0}"=""
"{A0113EB9-F3DC-42CF-87EB-0BEB88993E32}"=""
"{F4F89469-2128-4EC2-9C14-EDF348FB0EEB}"=""
"{B0EF5C4E-50C8-4AD1-A108-27232E2CBD70}"=""
"{CACBB9A3-9138-4026-940E-CE5120F7AC47}"=""
"{EC51D0CC-92E3-4B7B-A430-C9E451D19DAB}"=""
"{D1ED8E08-C954-4AD7-A2AC-9CD3FAF014AD}"=""
"{168C254A-F3A8-4D8D-9885-D35947BDD0C8}"=""
"{30CE9B9F-E2A2-41EC-968B-387FCF29714B}"=""
"{DCEFB2B3-CC38-4E6E-9FE3-5300A13D8F34}"=""
"{F901800F-98BD-45FE-A192-D5A296411753}"=""
"{1DBF7C08-B137-43F6-8CE6-902F7DB19AB0}"=""
"{AC2C6CE9-79E2-4A04-99B2-55A95E29FA97}"=""
"{AFFCC4B6-40E0-4168-9ECE-B0DB124CF439}"=""
"{9E4E9508-1532-4A5D-B44F-1A78690091F8}"=""
"{32E6D0BC-B9DA-44B5-85BF-7BA5669DE7A5}"=""
"{8C1AD3F4-033B-4775-8A1B-DF4861B886C0}"=""
"{7278382C-0B6D-4BBB-AE2C-087B40C40F59}"=""
"{E97CC7EB-0A28-4FE0-A9D7-D5B2DF1082F9}"=""
"{600970EF-8D78-42BD-BDC2-5413F2768FCA}"=""
"{BAA79C8A-6481-4612-BB6D-E44A93CA4FD5}"=""
"{ED013BE9-47D3-4449-8384-4E7D498D277E}"=""
"{2987FBBE-C442-47CC-96C7-A26969ABF6CF}"=""
"{7E008399-1EDA-4263-AFE3-5B7E9AB7867B}"=""
"{FF1F98AA-9343-466A-9E0B-9BE1CCD5DA57}"=""
"{E6CD0B83-9867-4788-ADFE-DB3FC631B0E7}"=""
"{FDB7AC86-EF26-41BE-9C77-F67F639B6573}"=""
"{E389B653-C01C-4AB7-8753-BC368FD62869}"=""
"{F5779BD0-9C34-435E-91DC-55EEECE7859B}"=""
"{C3E7D89B-94C2-43F6-BF4F-196BCC8C3E90}"=""
"{95455E8A-6F2C-45A6-B0A7-A0D9153134B0}"=""
"{1A39EBBD-680A-48B5-B850-A3CA18A57CBA}"=""
"{BFF08604-7D76-48E8-AA4B-C194FCC7B7C6}"=""
"{BD735C8A-F752-4D21-B29E-35A61A114FEB}"=""
"{24502503-0927-4294-85E1-155B38CFADCC}"=""
"{0DA45B9D-AD91-4682-96CF-EA6BB53CA2A5}"=""
"{7433E571-63EB-4468-9E7A-FEFB8042C8BD}"=""
"{18C218BD-CBDE-4B80-AE75-6F47C874E155}"=""
"{C5DB616A-5A42-4DBF-B6E5-69B30CDBFEA1}"=""
"{23BDE641-6DBC-4C32-B294-3EF25F50AA38}"=""
"{7A1811F8-D580-40C6-9FC7-EBB91B59D05A}"=""
"{01F02AF6-80CF-4AC4-A664-141EDEFC1383}"=""
"{0E0F84FB-A1ED-434C-95D1-EE3445E99ADB}"=""
"{4BF3FCCE-1769-419E-81AF-288027CB47C2}"=""
"{3B12B3B1-D85C-4006-A959-DCCC50BB8B4B}"=""
"{003B2748-98A4-4D41-A292-217681AB7B59}"=""
"{49B390A2-E55E-4301-8EAD-4AD599A33A3A}"=""
"{A4D0FC22-8C4B-4525-8B52-162A2A1E3898}"=""
"{0A145E00-07EF-4F04-8F73-8F42D23FA564}"=""
"{A23FEB06-9A21-49E4-BDC0-5212E92AA332}"=""
"{2EFAF1AF-F2C6-4817-ACF1-EB2B7741BD91}"=""
"{D9E5F369-E34C-4EEA-8FB6-8C58EC9363D7}"=""
"{9822EECB-34BD-44D5-901D-CDFD4A196FB2}"=""
"{FFA8580B-38BA-454A-B1F7-49ACA25F982E}"=""
"{3FC4F6F7-447C-4ED9-9260-8D2FF47AA561}"=""
"{68FE975F-9CE9-474B-8385-9B5D006D1C1B}"=""
"{57B01AA0-7CB9-4FC9-A8BD-4E6847AABA60}"=""
"{D7AF13B7-45C2-438B-B283-AD054C0E4312}"=""
"{AFAA52CF-ABB2-4259-86E2-1320784A240E}"=""
"{4D9400B5-1C18-47D7-A46A-36FAD19A5B16}"=""
"{7348470F-C170-406C-8602-B03329D2D95A}"=""
"{2FE4C51C-1B2F-4D16-BA89-F27FD8729804}"=""
"{089D0EC5-F08B-4133-9F6B-6879000AFA75}"=""
"{EC8CD06E-8443-4B86-835E-F1D2A3D403A5}"=""
"{154945EB-F7F9-4164-8EFD-F5FDF7BE582C}"=""
"{A43D1B9E-CD07-4C54-ACA6-E282E7A684E6}"=""
"{B35FA860-E600-4CA0-90B9-038B38607D80}"=""
"{B949B926-086A-4F0F-B680-C23B1E99F84F}"=""
"{32A7E3CD-72EF-41CB-9F43-5BC8B9F962E4}"=""
"{6C672E7D-3A96-4945-93AA-3C564018D657}"=""
"{3D686B59-4EEB-42A7-951A-E56DA7985E27}"=""
"{F538B4A1-EE0A-4DEF-94A0-8458DFFBCD7D}"=""
"{5FFC25A5-5441-4116-B869-8CC6C143B76D}"=""
"{BEAAB2CF-D36D-4D7A-AEDD-F9365A14C9D4}"=""
"{49223A2F-8D5A-4D18-93FA-CBD8E9A7FDA5}"=""
"{1A1DC34B-ED95-40C7-9D34-553C9F1EB676}"=""
"{B294B4E4-9FF9-495E-ABCD-949498974E60}"=""
"{4FAB9C0C-0C05-41A9-96A2-CC7EA8E22254}"=""
"{34CA752B-844B-410A-AE8D-5E11BB03DE5E}"=""
"{3424DF1D-8C34-426D-A99E-468E677155E9}"=""
"{2752ADA4-48DA-4E9B-B9E6-6D97DA0D6AB5}"=""
"{C4328E17-E7CA-4DC3-A4C8-80DE11C6D51D}"=""
"{AFED8EC7-9BBB-41E0-A71C-964F4D1444D6}"=""
"{F348C5A4-8CA2-47B1-AE1B-3933D19D7610}"=""
"{EF08487F-F77F-4ED8-9828-F793A8061DC5}"=""
"{75028AAB-7324-4B76-82F3-DDA6BE251572}"=""
"{F4EF9888-7A77-4CBD-9F0C-0D224829316F}"=""
"{62885957-BE2C-4A17-BC65-F953E0760B5A}"=""
"{45859C85-CD78-44C2-BC8D-FBBD26EA39A4}"=""
"{ABCBC8B8-2154-4A29-8BC1-51769D6283B6}"=""
"{307B771C-B8D7-436C-B031-6E1039CA16A7}"=""
"{0DFBB768-19C0-46BE-8DAA-5BE90668FCA0}"=""
"{3AACEEF0-402B-4B46-8802-00E60A68EDE5}"=""
"{F9A13532-593B-4245-A344-54E1F16C7B2D}"=""
"{71DBE2C5-6AAB-45C9-BB8F-39B31569871F}"=""
"{D030CD51-5435-4DED-88A9-850AD5242A97}"=""
"{1C48A068-5110-401D-9102-3A056E9BEC2E}"=""
"{C9CF8CD2-5A39-4770-B562-067BB8999A12}"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession_4844"="{D8930314-2D52-4005-9A17-68EDE037D044}"
"ccSvcHst_UserSession_3672"="{258FCD26-C4D3-4D4A-8CA0-651B03D243C0}"
"ccSvcHst_PCCUJobMgr"="{1D3ED99F-8EC7-49B1-9809-6E8F5EEE04DC}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{1D3ED99F-8EC7-49B1-9809-6E8F5EEE04DC}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{1D3ED99F-8EC7-49B1-9809-6E8F5EEE04DC}"
"ccSettingsService"="{1D3ED99F-8EC7-49B1-9809-6E8F5EEE04DC}"
"ccSvcHst_UserSession_4252"="{F19E38D1-0DF4-4E4C-937D-2EED389F6FF5}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{B38BE355-04BE-4977-895C-AED6D4B7CA56}"=""
"{D8930314-2D52-4005-9A17-68EDE037D044}"=""
"{1D3ED99F-8EC7-49B1-9809-6E8F5EEE04DC}"=""
"{F19E38D1-0DF4-4E4C-937D-2EED389F6FF5}"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-09-21 21:32:19
ComboFix-quarantined-files.txt 2013-09-22 01:32
.
Pre-Run: 428,319,686,656 bytes free
Post-Run: 427,909,853,184 bytes free
.
- - End Of File - - F0BE4B2455D24DD6D44E6CA902B20FC1
  • 0

#7
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nsomniak

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::



Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

  • 0

#8
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
So Top arcade Hits has reared it's ugly head again on Firefox. Here's the next report:

ComboFix 13-09-19.01 - Mom 09/22/2013 0:15.2.8 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.8087.6116 [GMT -4:00]
Running from: c:\users\Mom\Desktop\ComboFix.exe
Command switches used :: c:\users\Mom\Desktop\CFScript.txt
AV: Norton Security Suite *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mom\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
((((((((((((((((((((((((( Files Created from 2013-08-22 to 2013-09-22 )))))))))))))))))))))))))))))))
.
.
2013-09-22 04:26 . 2013-09-22 04:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-22 04:26 . 2013-09-22 04:26 -------- d-----w- c:\users\Mom\AppData\Local\temp
2013-09-22 04:26 . 2013-09-22 04:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-22 04:03 . 2013-09-22 04:07 -------- d-----w- c:\program files\Classic Shell
2013-09-21 22:56 . 2013-09-21 22:56 -------- d-----w- c:\windows\ERUNT
2013-09-21 22:41 . 2013-09-21 22:44 -------- d-----w- C:\AdwCleaner
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\program files\iPod
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\program files\iTunes
2013-09-20 21:06 . 2013-09-20 21:06 -------- d-----w- c:\program files (x86)\iTunes
2013-09-20 01:08 . 2013-09-20 01:08 -------- d-----w- c:\programdata\RosettaStoneLtdServices
2013-09-20 01:08 . 2013-09-20 01:08 -------- d-----w- c:\program files (x86)\RosettaStoneLtdServices
2013-09-19 18:38 . 2013-09-19 18:38 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-09-19 18:38 . 2013-09-20 03:41 -------- d-----w- c:\users\Mom\AppData\Roaming\DAEMON Tools Lite
2013-09-19 18:38 . 2013-09-19 18:38 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-09-19 18:37 . 2013-09-19 23:40 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-09-19 03:17 . 2013-09-19 03:17 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2013-09-19 03:09 . 2013-09-20 00:43 -------- d-----w- c:\programdata\Rosetta Stone
2013-09-19 03:09 . 2013-09-19 03:09 -------- d-----w- c:\programdata\Rosetta Stone Backups
2013-09-19 03:08 . 2013-09-20 01:08 -------- d-----w- c:\program files (x86)\Rosetta Stone
2013-09-19 03:08 . 2013-09-20 00:43 -------- d-----w- c:\programdata\FLEXnet
2013-09-14 18:27 . 2013-09-14 18:27 -------- d-----w- C:\GOG Games
2013-09-14 17:58 . 2013-09-14 17:59 -------- d-----w- c:\users\Mom\AppData\Roaming\vlc
2013-09-12 15:44 . 2013-09-20 03:53 -------- d-----w- c:\program files (x86)\Free PDF Solutions
2013-09-12 15:43 . 2013-09-12 15:43 -------- d--h--w- c:\programdata\Common Files
2013-09-12 15:42 . 2013-09-14 17:42 -------- d-----w- c:\users\Mom\AppData\Local\WebPlayer
2013-09-11 14:10 . 2013-08-03 04:30 4038144 ----a-w- c:\windows\system32\win32k.sys
2013-09-11 14:10 . 2013-08-07 05:15 144896 ----a-w- c:\windows\system32\tssdisai.dll
2013-09-10 14:43 . 2013-09-10 14:43 -------- d-----w- c:\program files (x86)\Cisco
2013-09-10 14:43 . 2013-09-10 14:43 -------- d-----w- c:\programdata\Intel.sav
2013-09-10 14:41 . 2013-09-10 14:41 -------- d-----w- c:\programdata\Package Cache
2013-09-08 19:52 . 2013-09-08 20:37 -------- d-----w- c:\users\Mom\AppData\Local\gtk-2.0
2013-09-08 19:52 . 2013-09-08 19:52 -------- d-----w- c:\users\Mom\.thumbnails
2013-09-08 19:47 . 2013-09-08 21:06 -------- d-----w- c:\users\Mom\.gimp-2.8
2013-09-08 19:47 . 2013-09-08 19:47 -------- d-----w- c:\users\Mom\AppData\Local\gegl-0.2
2013-09-08 17:24 . 2013-09-08 17:24 -------- d-----w- c:\program files\GIMP 2
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
2013-09-03 13:53 . 2013-09-03 13:53 187248 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-08-30 21:40 . 2013-08-30 21:40 -------- d-----w- c:\users\Mom\AppData\Roaming\Independent
2013-08-30 21:40 . 2013-08-30 21:40 -------- d-----w- c:\program files (x86)\Skeleton Pirates
2013-08-30 21:35 . 2013-09-21 22:57 -------- d-----w- c:\programdata\Big Fish
2013-08-30 21:35 . 2013-08-30 21:38 -------- d-----w- c:\program files (x86)\bfgclient
2013-08-24 20:09 . 2013-08-24 20:09 -------- d-----w- c:\users\Mom\AppData\Local\calibre-cache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-11 15:33 . 2012-06-25 19:37 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-05 20:09 . 2013-05-18 03:03 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-05 20:09 . 2013-05-18 03:03 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-25 13:46 . 2012-12-15 14:31 266928 ----a-w- c:\windows\system32\drivers\RapportHades64.sys
2013-07-25 13:46 . 2012-09-03 16:41 295696 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2013-07-16 21:05 . 2012-07-05 22:19 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
2013-07-15 17:00 . 2013-03-22 22:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-07-13 06:18 . 2013-08-15 00:58 337408 ----a-w- c:\windows\system32\wintrust.dll
2013-07-13 06:16 . 2013-08-15 00:58 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-13 06:16 . 2013-08-15 00:58 1889280 ----a-w- c:\windows\system32\crypt32.dll
2013-07-13 06:15 . 2013-08-15 00:58 98304 ----a-w- c:\windows\system32\apprepsync.dll
2013-07-13 06:15 . 2013-08-15 00:58 124416 ----a-w- c:\windows\system32\apprepapi.dll
2013-07-13 04:24 . 2013-08-15 00:58 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-13 04:23 . 2013-08-15 00:58 1568256 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-13 04:23 . 2013-08-15 00:58 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2013-07-13 04:23 . 2013-08-15 00:58 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2013-07-09 06:07 . 2013-08-15 00:59 2233168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-02 00:44 . 2013-08-15 00:59 36288 ----a-w- c:\windows\system32\drivers\WdBoot.sys
2013-07-01 22:08 . 2013-08-15 00:59 247216 ----a-w- c:\windows\system32\drivers\WdFilter.sys
2013-06-26 23:21 . 2013-06-26 23:21 23208 ----a-w- c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 23:21 . 2013-06-26 23:21 28840 ----a-w- c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 23:21 . 2013-06-26 23:21 273576 ----a-w- c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 23:21 . 2013-06-26 23:21 1777320 ----a-w- c:\windows\system32\sftldr.dll
2013-06-26 23:21 . 2013-06-26 23:21 1130664 ----a-w- c:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 23:21 . 2013-06-26 23:21 767144 ----a-w- c:\windows\system32\drivers\Sftfslh.sys
2013-06-24 17:32 . 2013-06-24 17:32 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 17:32 . 2012-11-18 04:25 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-24 17:32 . 2012-11-18 04:25 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 19:34 . 2012-06-26 04:17 14880256 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA}]
c:\users\Mom\AppData\Local\TopArcadeHits\Toparcadehits.dll [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-06-29 14:49 594432 ----a-w- c:\program files\Classic Shell\ClassicExplorer32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C77B34DEB73DE0849E4BE289D36231EA4CA83D43._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2013-09-17 829392]
"Weather"="c:\program files (x86)\AWS\WeatherBug\Weather.exe" [2010-04-29 1652736]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP CoolSense"="c:\program files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" [2012-11-05 1343904]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2013-04-01 298616]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-03-28 91432]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2012-12-18 78352]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-09-07 581024]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-18 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHVA.EXE" [2013-01-19 241280]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe -hidden [2013-6-7 7959552]
Install LastPass FF RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -q -name=LastPass -ffuuid [email protected] [2012-6-26 14880256]
Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid [email protected] [2012-6-26 14880256]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R0 SymELAM;Symantec ELAM Driver;c:\windows\system32\drivers\N360x64\1404000.028\SymELAM.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SymELAM.sys [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2012/12/18 12:02;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AllShare;SAMSUNG AllShare Service;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe;c:\program files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [x]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TrueService;TrueAPI Service component;c:\program files\Common Files\AuthenTec\TrueService.exe;c:\program files\Common Files\AuthenTec\TrueService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 RapportHades64;RapportHades64;c:\windows\System32\Drivers\RapportHades64.sys;c:\windows\SYSNATIVE\Drivers\RapportHades64.sys [x]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys;c:\windows\SYSNATIVE\Drivers\RapportKE64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [x]
S1 ccSet_N360;Norton Security Suite Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys;c:\windows\SYSNATIVE\drivers\dtsoftbus01.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130921.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130921.001\IDSvia64.sys [x]
S1 RapportCerberus_56758;RapportCerberus_56758;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_56758.sys [x]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [x]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass\TrueSuiteService.exe [x]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 N360;Norton Security Suite;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 valWBFPolicyService;Validity WBF Policy Service;c:\windows\system32\valWBFPolicyService.exe;c:\windows\SYSNATIVE\valWBFPolicyService.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 NETwNe64;@oem47.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 WirelessButtonDriver;HP Wireless Button Driver Service;c:\windows\System32\drivers\WirelessButtonDriver64.sys;c:\windows\SYSNATIVE\drivers\WirelessButtonDriver64.sys [x]
S3 WSDScan;WSD Scan Support;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-20 21:07 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-02-24 16:51]
.
2013-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 03:29]
.
2013-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-26 03:29]
.
2013-09-03 c:\windows\Tasks\HPCeeScheduleForMOM-$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
2013-09-19 c:\windows\Tasks\HPCeeScheduleForMom.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2012-06-02 20:25 445512 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 20:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ShareOverlay]
@="{594D4122-1F87-41E2-96C7-825FB4796516}"
[HKEY_CLASSES_ROOT\CLSID\{594D4122-1F87-41E2-96C7-825FB4796516}]
2013-06-29 14:50 724992 ----a-w- c:\program files\Classic Shell\ClassicExplorer64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-04 1664000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-06-04 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-06-04 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-06-04 441152]
"BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2013-06-08 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: LastPass - file://c:\users\Mom\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\users\Mom\AppData\LocalLow\LastPass\context.html?cmd=fillforms
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Mom\AppData\Roaming\Mozilla\Firefox\Profiles\rwngxfm0.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton Security Suite\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession2_4852"="{B712CEDF-752C-4C63-8E71-BBDAB537FB01}"
"ccSvcHst_UserSession2_4604"="{02DBCDC9-BED2-4122-862B-622FF1677C95}"
"ccSvcHst_UserSession_52"="{88F248BA-AE8B-4DAC-88D9-55FE3C09DBE3}"
"_IPCChannel_PerformAutoLogin_1_"="{1EC9B303-48F8-4D74-8028-AAEC06ADABEE}"
"ccSvcHst_UserSession_4952"="{1EC9B303-48F8-4D74-8028-AAEC06ADABEE}"
"ccSvcHst_UserSession_4580"="{C9FDAD6F-1EB4-4CC2-8FD7-A42B560D1A9D}"
"ccSvcHst_UserSession_9692"="{F93740D8-F9AC-43EA-A506-609A3F04C6B2}"
"ccSvcHst_UserSession2_9652"="{245343EC-9AE6-4F02-8FBD-0B26ACF0F18D}"
"ccSvcHst_UserSession2_7660"="{06589572-FFF7-4F57-BC21-2E6A67FCD99F}"
"ccSvcHst_UserSession_4932"="{1E8ECCC7-05B7-4E93-B520-25000C1C5C8A}"
"ccSvcHst_UserSession2_3096"="{D48D0FE3-D770-4D7C-9DD6-D92684463868}"
"ccSvcHst_UserSession_5016"="{76EDE90C-011A-47FE-9B43-6724D960E858}"
"ccSvcHst_UserSession2_5152"="{E8E31C12-B914-465A-9F47-9164CAB6E905}"
"ccSvcHst_UserSession2_3720"="{791A3322-6F46-489F-9A4B-F6764E3ADF7F}"
"ccSvcHst_UserSession_5408"="{575F0EC0-3138-47A9-81C2-125E3D30C3F2}"
"ccSvcHst_UserSession2_5024"="{A0113EB9-F3DC-42CF-87EB-0BEB88993E32}"
"ccSvcHst_UserSession2_5020"="{CACBB9A3-9138-4026-940E-CE5120F7AC47}"
"ccSvcHst_UserSession2_5176"="{D1ED8E08-C954-4AD7-A2AC-9CD3FAF014AD}"
"ccSvcHst_UserSession2_3740"="{DCEFB2B3-CC38-4E6E-9FE3-5300A13D8F34}"
"ccSvcHst_UserSession2_5144"="{1DBF7C08-B137-43F6-8CE6-902F7DB19AB0}"
"ccSvcHst_UserSession_3568"="{9E4E9508-1532-4A5D-B44F-1A78690091F8}"
"ccSvcHst_UserSession2_5156"="{BAA79C8A-6481-4612-BB6D-E44A93CA4FD5}"
"ccSvcHst_UserSession2_4556"="{2987FBBE-C442-47CC-96C7-A26969ABF6CF}"
"ccSvcHst_UserSession_5696"="{FF1F98AA-9343-466A-9E0B-9BE1CCD5DA57}"
"ccSvcHst_UserSession2_1812"="{FDB7AC86-EF26-41BE-9C77-F67F639B6573}"
"ccSvcHst_UserSession_5924"="{F5779BD0-9C34-435E-91DC-55EEECE7859B}"
"ccSvcHst_UserSession_4872"="{BFF08604-7D76-48E8-AA4B-C194FCC7B7C6}"
"ccSvcHst_UserSession_5304"="{3D686B59-4EEB-42A7-951A-E56DA7985E27}"
"ccSvcHst_UserSession2_2500"="{5FFC25A5-5441-4116-B869-8CC6C143B76D}"
"ccSvcHst_N360"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"Tuneup_Context_Switch_Channel"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"DING_{4467AB8F-68C8-4ab5-9B48-B3E6EB65F6A1}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ccSvcHst_UserSession2_3324"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"{0D147FE7-1045-46ED-8F96-06DDA32C157B}.MClientTaskNoficiation"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"ccGenericEvent_Global_EM"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ccGenericEvent_Global_LM"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ccGenericLog_Manager"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"g_coVistaProxyChannel"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{A2DE0E79-877C-485b-B604-78B170313E9E}_IronIPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ipcChannel_ShastaServer"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_buSvcComm_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"SymRedirSvcRequestChannel"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"SNDServiceRequestChannel"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"SNDLocationChannel"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"NortonNetServiceIPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"NetMapServiceIPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_isDataPrComm_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ncw_performance_IPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_NCWSvcComm_NortonCommunityWatchConfiguration"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_ProcessDetection_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_AvProdSvcComm_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"isError_Service_IPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"BashIPCChannel"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_IDataStoreMgr_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_ISPOCClient_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"CommListener"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_IEventServiceMgr_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"MClientTask.{15F2F1FF-F37B-4673-BCAA-FEB6EB7FB72A}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{FEC3E60C-6AB6-4C7F-B7BA-22794EE4EF0F}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_buVssComm_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"IPS_COMMAND_CHANNEL"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"_HSPlayerCommand_"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{C4A09495-F6BC-4166-B717-F3F3250462BB}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{9BBA000F-092F-432f-B9DF-9D64FD1C2978}"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"FWAlert"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"AvProdSession_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"AvProdSession_Options_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"AvProdSession_MessageCenter_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"AvProdSession_Scanless_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"_buUIComm_S-1-5-21-2971913362-442856429-175217216-1001"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"{A1B48937-0778-4e7c-885B-271F65B485D2}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{D9D79767-CD29-487E-9729-730A5CA33689}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"AvProdSession_IPUA_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"AvProdSession_CanIRun_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"clt::AlertChannel2_01"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"CO_PS_{55DBA8A2-CF13-4600-8FC8-C7B989ABF841}_1"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"g_coUserCommandChannel_S-1-5-21-2971913362-442856429-175217216-1001"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"3171AE8E-C48D-4AFC-AF37-45011C17CBE6:Mom"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"TRUSTCHANNEL"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"SDKCHANNEL1"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"ToasterNotify\\SessionID_1"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"AVModule_ExclusionManager_{C6198C0B-693E-4CE5-BDED-C1C7ABE5E22C}"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"
"_ReputationSvcComm_ReputationPublisher"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
"ncw_reputation_scan_server_IPC"="{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{94A33893-82BD-4600-819B-F2587568B59D}"=""
"{B712CEDF-752C-4C63-8E71-BBDAB537FB01}"=""
"{0EFA4B44-BA56-495F-8666-D91B7C8CD867}"=""
"{4FAEDEC5-08D6-461E-841D-C14F3F46BFC3}"=""
"{9ECAD3CD-BBBA-4172-A5C5-D307CF08248B}"=""
"{3A71C465-DC05-4701-94D3-A20CB6C1CBBE}"=""
"{A4F554BE-C941-4F2E-9FCB-10F735AD3A47}"=""
"{6849AED3-8E7F-4E93-AF29-CD7E7C84EFE7}"=""
"{187222C7-4EF7-45C4-8352-CD56A9E5533F}"=""
"{7AB6BCE8-63D9-48BC-8057-7880CCA0A2B4}"=""
"{CF03194A-3B72-4412-8012-3D10A1E5B78C}"=""
"{A15BEA9F-D6ED-45D3-86D4-FFB03CED32D2}"=""
"{0F0D8911-5D6E-48EF-95EB-7051C9A7EF5C}"=""
"{111E0C64-9D50-46D6-BA5F-A4885F2E0582}"=""
"{CA717C99-6DB1-452B-AE66-52CF26F79DEC}"=""
"{96250B9A-27A8-4EE0-AD8D-96427F14218B}"=""
"{7AA006C4-ECF8-4A5B-ACCF-6390838F245A}"=""
"{62F38963-5E45-4F8C-9D61-E0E7C8865E93}"=""
"{C49C56C5-71EE-4302-8AF9-BAF8CDB5EF3C}"=""
"{85FDE8E8-3730-486F-9121-3EA448872C6D}"=""
"{02DBCDC9-BED2-4122-862B-622FF1677C95}"=""
"{AABCEB6F-BC8F-461D-841B-774EAA35D440}"=""
"{36770E41-D529-4821-BD68-C2DFDB3F994A}"=""
"{CD9BB0F4-CBFC-4C80-BB20-F4D8E11FD406}"=""
"{972C3B71-B76A-4A99-BD79-F538764F7D2A}"=""
"{AD16CA64-B918-4C1E-BF9A-25316F9D7192}"=""
"{4E942261-E4BE-462B-AFD7-1F20EEBED8DF}"=""
"{10918DE2-1057-4515-8B04-113FC030666B}"=""
"{CD725C11-D9C7-4F65-86A5-D819E96EC000}"=""
"{52CC1141-951D-41A2-9B0A-D296E9526A77}"=""
"{A2F591BD-C3D6-4448-B6B4-98E93619CE1D}"=""
"{1159EF98-B37C-4914-A9E7-B02A41ADF536}"=""
"{AFCCCB7F-FED4-4BAB-8E67-42655C884059}"=""
"{2C515F28-F808-4ACB-A359-93F61F29C321}"=""
"{8FA1DE6F-91E9-4A6E-BCCE-052080C6AC2F}"=""
"{09E21F44-5300-414F-A43D-3BC220473D12}"=""
"{40600C64-EE3F-491D-B259-62062E4B672F}"=""
"{18C16F44-D1BE-40FE-BDEB-E595B0D31922}"=""
"{AFC4FCF3-8841-42A5-9908-95B4A8AEF5DB}"=""
"{4750FF2E-3ACC-4818-9B4E-9134FF8F6A82}"=""
"{1B0FBFA9-7798-487C-B5A1-32F5721BCC15}"=""
"{7ABAEAAC-DDF0-473E-96CE-62399B0175EA}"=""
"{7AFC9308-8A97-4692-BA25-B8AA8D03AAE8}"=""
"{7045B692-3025-4AE0-AE87-9541E0F0F925}"=""
"{19A73366-6A52-41B1-9FA1-31EBF1FCDB38}"=""
"{22536853-2B78-4A64-889E-28ECB64ABF7F}"=""
"{9162803F-9090-4FEE-9E29-AD9A3400A68A}"=""
"{5FF0358F-F91E-4940-BBC2-277E748566A8}"=""
"{399D1D3E-A494-44C1-9D71-3F2025058174}"=""
"{52B98A5A-3DB8-48DE-8379-C7CB5D162786}"=""
"{E838B83E-66C8-4BBB-B722-69CD781CD6A7}"=""
"{88F248BA-AE8B-4DAC-88D9-55FE3C09DBE3}"=""
"{28012C05-6828-4447-B337-FE1548ACB8D7}"=""
"{1EC9B303-48F8-4D74-8028-AAEC06ADABEE}"=""
"{2BD71F37-D675-4089-AC6E-AE95FB7378DA}"=""
"{C9FDAD6F-1EB4-4CC2-8FD7-A42B560D1A9D}"=""
"{69B0CA58-97A4-46AE-A53D-41936AA6687E}"=""
"{F93740D8-F9AC-43EA-A506-609A3F04C6B2}"=""
"{0DCECFAD-E591-467C-8D6C-C4F195DB4244}"=""
"{245343EC-9AE6-4F02-8FBD-0B26ACF0F18D}"=""
"{CF95BAC7-320A-468D-BD9C-E1BD3E369555}"=""
"{06589572-FFF7-4F57-BC21-2E6A67FCD99F}"=""
"{D8650030-57C5-4A0F-BAF5-5E36FF00BEDD}"=""
"{1E8ECCC7-05B7-4E93-B520-25000C1C5C8A}"=""
"{6BEC8A4E-94F8-4E85-95FC-6BCFD57B60C7}"=""
"{D48D0FE3-D770-4D7C-9DD6-D92684463868}"=""
"{6BB07B65-CA2F-473B-A51D-2D1C1C1A1D09}"=""
"{F9E0409A-62A3-4BBD-AB8D-7844AE996CDC}"=""
"{DC51CE3F-9BBC-4ECC-BB66-ECCE57B298AB}"=""
"{76EDE90C-011A-47FE-9B43-6724D960E858}"=""
"{7A49A008-5C33-4A6F-8A6F-004C142BFF8E}"=""
"{75B4FDFF-7836-4744-8FA9-8CDCA2F11734}"=""
"{E8E31C12-B914-465A-9F47-9164CAB6E905}"=""
"{989E7BD4-0477-4134-BCF2-78D9872C3477}"=""
"{F62F6DB1-E4EF-4443-82B7-B4472E52150F}"=""
"{8EBA0C09-E7BF-467E-820C-CD0B30E7EEF5}"=""
"{791A3322-6F46-489F-9A4B-F6764E3ADF7F}"=""
"{3E3A5BE5-32A9-4E74-8B01-C9F3F9C267DB}"=""
"{232A21A4-BB23-4F2E-A755-3A201401CA0E}"=""
"{8687FD17-0C14-495A-884E-804B655CB67F}"=""
"{575F0EC0-3138-47A9-81C2-125E3D30C3F2}"=""
"{3E4D3C08-AA97-46F3-B053-EAA057AF17B0}"=""
"{A0113EB9-F3DC-42CF-87EB-0BEB88993E32}"=""
"{F4F89469-2128-4EC2-9C14-EDF348FB0EEB}"=""
"{B0EF5C4E-50C8-4AD1-A108-27232E2CBD70}"=""
"{CACBB9A3-9138-4026-940E-CE5120F7AC47}"=""
"{EC51D0CC-92E3-4B7B-A430-C9E451D19DAB}"=""
"{D1ED8E08-C954-4AD7-A2AC-9CD3FAF014AD}"=""
"{168C254A-F3A8-4D8D-9885-D35947BDD0C8}"=""
"{30CE9B9F-E2A2-41EC-968B-387FCF29714B}"=""
"{DCEFB2B3-CC38-4E6E-9FE3-5300A13D8F34}"=""
"{F901800F-98BD-45FE-A192-D5A296411753}"=""
"{1DBF7C08-B137-43F6-8CE6-902F7DB19AB0}"=""
"{AC2C6CE9-79E2-4A04-99B2-55A95E29FA97}"=""
"{AFFCC4B6-40E0-4168-9ECE-B0DB124CF439}"=""
"{9E4E9508-1532-4A5D-B44F-1A78690091F8}"=""
"{32E6D0BC-B9DA-44B5-85BF-7BA5669DE7A5}"=""
"{8C1AD3F4-033B-4775-8A1B-DF4861B886C0}"=""
"{7278382C-0B6D-4BBB-AE2C-087B40C40F59}"=""
"{E97CC7EB-0A28-4FE0-A9D7-D5B2DF1082F9}"=""
"{600970EF-8D78-42BD-BDC2-5413F2768FCA}"=""
"{BAA79C8A-6481-4612-BB6D-E44A93CA4FD5}"=""
"{ED013BE9-47D3-4449-8384-4E7D498D277E}"=""
"{2987FBBE-C442-47CC-96C7-A26969ABF6CF}"=""
"{7E008399-1EDA-4263-AFE3-5B7E9AB7867B}"=""
"{FF1F98AA-9343-466A-9E0B-9BE1CCD5DA57}"=""
"{E6CD0B83-9867-4788-ADFE-DB3FC631B0E7}"=""
"{FDB7AC86-EF26-41BE-9C77-F67F639B6573}"=""
"{E389B653-C01C-4AB7-8753-BC368FD62869}"=""
"{F5779BD0-9C34-435E-91DC-55EEECE7859B}"=""
"{C3E7D89B-94C2-43F6-BF4F-196BCC8C3E90}"=""
"{95455E8A-6F2C-45A6-B0A7-A0D9153134B0}"=""
"{1A39EBBD-680A-48B5-B850-A3CA18A57CBA}"=""
"{BFF08604-7D76-48E8-AA4B-C194FCC7B7C6}"=""
"{BD735C8A-F752-4D21-B29E-35A61A114FEB}"=""
"{24502503-0927-4294-85E1-155B38CFADCC}"=""
"{0DA45B9D-AD91-4682-96CF-EA6BB53CA2A5}"=""
"{7433E571-63EB-4468-9E7A-FEFB8042C8BD}"=""
"{18C218BD-CBDE-4B80-AE75-6F47C874E155}"=""
"{C5DB616A-5A42-4DBF-B6E5-69B30CDBFEA1}"=""
"{23BDE641-6DBC-4C32-B294-3EF25F50AA38}"=""
"{7A1811F8-D580-40C6-9FC7-EBB91B59D05A}"=""
"{01F02AF6-80CF-4AC4-A664-141EDEFC1383}"=""
"{0E0F84FB-A1ED-434C-95D1-EE3445E99ADB}"=""
"{4BF3FCCE-1769-419E-81AF-288027CB47C2}"=""
"{3B12B3B1-D85C-4006-A959-DCCC50BB8B4B}"=""
"{003B2748-98A4-4D41-A292-217681AB7B59}"=""
"{49B390A2-E55E-4301-8EAD-4AD599A33A3A}"=""
"{A4D0FC22-8C4B-4525-8B52-162A2A1E3898}"=""
"{0A145E00-07EF-4F04-8F73-8F42D23FA564}"=""
"{A23FEB06-9A21-49E4-BDC0-5212E92AA332}"=""
"{2EFAF1AF-F2C6-4817-ACF1-EB2B7741BD91}"=""
"{D9E5F369-E34C-4EEA-8FB6-8C58EC9363D7}"=""
"{9822EECB-34BD-44D5-901D-CDFD4A196FB2}"=""
"{FFA8580B-38BA-454A-B1F7-49ACA25F982E}"=""
"{3FC4F6F7-447C-4ED9-9260-8D2FF47AA561}"=""
"{68FE975F-9CE9-474B-8385-9B5D006D1C1B}"=""
"{57B01AA0-7CB9-4FC9-A8BD-4E6847AABA60}"=""
"{D7AF13B7-45C2-438B-B283-AD054C0E4312}"=""
"{AFAA52CF-ABB2-4259-86E2-1320784A240E}"=""
"{4D9400B5-1C18-47D7-A46A-36FAD19A5B16}"=""
"{7348470F-C170-406C-8602-B03329D2D95A}"=""
"{2FE4C51C-1B2F-4D16-BA89-F27FD8729804}"=""
"{089D0EC5-F08B-4133-9F6B-6879000AFA75}"=""
"{EC8CD06E-8443-4B86-835E-F1D2A3D403A5}"=""
"{154945EB-F7F9-4164-8EFD-F5FDF7BE582C}"=""
"{A43D1B9E-CD07-4C54-ACA6-E282E7A684E6}"=""
"{B35FA860-E600-4CA0-90B9-038B38607D80}"=""
"{B949B926-086A-4F0F-B680-C23B1E99F84F}"=""
"{32A7E3CD-72EF-41CB-9F43-5BC8B9F962E4}"=""
"{6C672E7D-3A96-4945-93AA-3C564018D657}"=""
"{3D686B59-4EEB-42A7-951A-E56DA7985E27}"=""
"{F538B4A1-EE0A-4DEF-94A0-8458DFFBCD7D}"=""
"{5FFC25A5-5441-4116-B869-8CC6C143B76D}"=""
"{BEAAB2CF-D36D-4D7A-AEDD-F9365A14C9D4}"=""
"{49223A2F-8D5A-4D18-93FA-CBD8E9A7FDA5}"=""
"{1A1DC34B-ED95-40C7-9D34-553C9F1EB676}"=""
"{B294B4E4-9FF9-495E-ABCD-949498974E60}"=""
"{4FAB9C0C-0C05-41A9-96A2-CC7EA8E22254}"=""
"{34CA752B-844B-410A-AE8D-5E11BB03DE5E}"=""
"{3424DF1D-8C34-426D-A99E-468E677155E9}"=""
"{2752ADA4-48DA-4E9B-B9E6-6D97DA0D6AB5}"=""
"{C4328E17-E7CA-4DC3-A4C8-80DE11C6D51D}"=""
"{AFED8EC7-9BBB-41E0-A71C-964F4D1444D6}"=""
"{F348C5A4-8CA2-47B1-AE1B-3933D19D7610}"=""
"{EF08487F-F77F-4ED8-9828-F793A8061DC5}"=""
"{75028AAB-7324-4B76-82F3-DDA6BE251572}"=""
"{F4EF9888-7A77-4CBD-9F0C-0D224829316F}"=""
"{62885957-BE2C-4A17-BC65-F953E0760B5A}"=""
"{45859C85-CD78-44C2-BC8D-FBBD26EA39A4}"=""
"{ABCBC8B8-2154-4A29-8BC1-51769D6283B6}"=""
"{307B771C-B8D7-436C-B031-6E1039CA16A7}"=""
"{0DFBB768-19C0-46BE-8DAA-5BE90668FCA0}"=""
"{3AACEEF0-402B-4B46-8802-00E60A68EDE5}"=""
"{F9A13532-593B-4245-A344-54E1F16C7B2D}"=""
"{71DBE2C5-6AAB-45C9-BB8F-39B31569871F}"=""
"{D030CD51-5435-4DED-88A9-850AD5242A97}"=""
"{1C48A068-5110-401D-9102-3A056E9BEC2E}"=""
"{C9CF8CD2-5A39-4770-B562-067BB8999A12}"=""
"{53D3E7A8-576A-4097-8E38-A1C84DE28B7E}"=""
"{83B27767-F06D-4AE6-B6A6-8EFEE4BA40D4}"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession_4844"="{D8930314-2D52-4005-9A17-68EDE037D044}"
"ccSvcHst_UserSession_3672"="{258FCD26-C4D3-4D4A-8CA0-651B03D243C0}"
"ccSvcHst_PCCUJobMgr"="{035F844F-1F5D-499F-906D-7CB7414F1FEF}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{035F844F-1F5D-499F-906D-7CB7414F1FEF}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{035F844F-1F5D-499F-906D-7CB7414F1FEF}"
"ccSettingsService"="{035F844F-1F5D-499F-906D-7CB7414F1FEF}"
"ccSvcHst_UserSession_4412"="{14DB3353-9D9A-47C8-B963-FD56963B87E5}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{170fa89a-6886-4c9e-b17b-12bccdd80788}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{B38BE355-04BE-4977-895C-AED6D4B7CA56}"=""
"{D8930314-2D52-4005-9A17-68EDE037D044}"=""
"{035F844F-1F5D-499F-906D-7CB7414F1FEF}"=""
"{14DB3353-9D9A-47C8-B963-FD56963B87E5}"=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Completion time: 2013-09-22 00:28:18
ComboFix-quarantined-files.txt 2013-09-22 04:28
ComboFix2.txt 2013-09-22 01:32
.
Pre-Run: 426,302,742,528 bytes free
Post-Run: 426,241,777,664 bytes free
.
- - End Of File - - 5CD2117C974A37A1245E7EBF8CBDA18B
  • 0

#9
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nsomniak

I want you to reset firefox back to defaults, this will remove everything from Firefox

I will let you keep your bookmarks so to do that you can go here - Export BookMarks

Now to reset firefox do the following.

  • At the top of the Firefox window, click the "Firefox" button,
  • go over to the "Help" sub-menu
    • (on Windows XP, click the Help menu at the top of the Firefox window) and select "Troubleshooting Information".
  • Click the "Reset Firefox" button in the upper-right corner of the Troubleshooting Information page.
  • click "Reset Firefox" in the confirmation window that opens.
  • Firefox will close and be reset. When it's done. Click "Finish" and Firefox will open.

restart the computer and check firefox for me now

Gringo
  • 0

#10
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Ok, so I reset Firefox and and I haven't seen any pop-ups yet. Is there anything else that I need to do? Your help has been greatly appreciated!
  • 0

Advertisements


#11
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nsomniak

I would like to see a report that combofix makes.

extra combofix report

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#12
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
This is the next report:

µTorrent
7-zip v9.20
Adobe AIR
Adobe Digital Editions
Adobe Digital Editions 2.0
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.8) MUI
Adobe Shockwave Player 11.6
Alan Wake
Alan Wake's American Nightmare
Amazon Cloud Drive
Amazon Kindle
Amazon MP3 Downloader 1.0.17
Amnesia: The Dark Descent
AnswerWorks 5.0 English Runtime
AnyDVD
Apple Application Support
Apple Software Update
Back to the Future: Ep 1 - It's About Time
Back to the Future: Ep 2 - Get Tannen!
Back to the Future: Ep 3 - Citizen Brown
Back to the Future: Ep 4 - Double Visions
Back to the Future: Ep 5 - OUTATIME
Bejeweled 3
Big Fish: Game Manager
Blackhawk Striker 2
Borderlands
Botanicula
calibre
Capsule
Catan - Cities and Knights
Chuzzle Deluxe
CloneCD
CloneDVD2
Community Clips from Microsoft Office Labs
Coupon Printer for Windows
Cradle of Rome 2
CyberLink PowerDVD
CyberLink YouCam
D3DX10
DAEMON Tools Lite
DivX Setup
Dora's World Adventure
Dungeon Defenders
DVD Shrink 3.2
DVDFab 8.1.9.8 (27/07/2012) Qt
EPSON Scan
ESU for Microsoft Windows 7 SP1
Evernote v. 4.6
EZ Fonts
Faerie Solitaire
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
Fishdom 3 Platinum Edition
GameFly
Google Chrome
Google Drive
Hector: Ep 1
Hector: Ep 2
Hector: Ep 3
Hewlett-Packard ACLM.NET v1.2.1.1
Hotline Miami version v1.0
Hoyle Card Games
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Product Detection
HP Quick Launch
HP Quick Start
HP Recovery Manager
HP Setup
HP Setup Manager
HP SimplePass
HP Software Framework
HP Support Assistant
HP Wireless Button Driver
IDT Audio
ImgBurn
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® WiDi
Intel® PROSet/Wireless Software
Java 7 Update 25
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Kindle DRM Removal
LastPass(uninstall only)
LeapFrog Connect
LeapFrog LeapPad Explorer Plugin
Letters from Nowhere 2
Little Inferno
Little Inferno 1.2
Luxor HD
Mah Jong Medley
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyFreeCodec
Myibidder Auction Bid Sniper for eBay 1.1.4
NexusFont 2.5 (ver 2.5.8.1582)
Norton PC Checkup
Norton Security Suite
NVIDIA PhysX
OpenAL
OpenOffice.org 3.4
opensource
OverDrive Media Console
Penguins!
PhotoScape
Picasa 3
Plants vs. Zombies - Game of the Year
Plants vs. Zombies: Game of the Year
PlayReady PC Runtime x86
Poker Night at the Inventory
Poker Superstars III
Polar Bowler
Polar Golfer
Puzzle Agent
Puzzle Agent 2
Quicken 2009
QuickTime
Rapport
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Rosetta Stone Ltd Services
Rosetta Stone TOTALe
Sam & Max 301: The Penal Zone
Sam & Max 302: The Tomb of Sammun-Mak
Sam & Max 303: They Stole Max's Brain!
Sam & Max 304: Beyond the Alley of the Dolls
Sam & Max 305: The City that Dares not Sleep
SAMSUNG PC Share Manager
Samsung Story Album Viewer
Skeleton Pirates
Skype™ 5.10
smart-e-software 0.6.8.3 (20090310)
Stamps.com
Stargunner
Steam
swMSM
The Elder Scrolls IV: Oblivion
The Secret of Monkey Island: Special Edition
The Treasures of Mystery Island: The Ghost Ship
The Walking Dead
Thomas Was Alone
Ticket to Ride
Torchlight
Torrent Opener
Trusteer Endpoint Protection
Unity Web Player
Update Installer for WildTangent Games App
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin)
VC80CRTRedist - 8.0.50727.6195
Virtual Villagers 4 - The Tree of Life
VLC media player 2.0.8
Wallace & Gromit Ep 1: Fright of the Bumblebees
Wallace & Gromit Ep 2: The Last Resort
Wallace & Gromit Ep 3: Muzzled!
Wallace & Gromit Ep 4: The Bogey Man
WeatherBug
WildTangent Games App (HP Games)
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
ZENcast Organizer
Zuma's Revenge
  • 0

#13
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld



These logs are looking allot better. But we still have some work to do.


uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (it does allot better of a job

Programs to remove


µTorrent
Adobe Reader X (10.1.8) MUI
Coupon Printer for Windows
Java 7 Update 25
WeatherBug


[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.


Update Adobe reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com.../readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

Note: When installing FoxitReader, be careful not to install anything to do with AskBar.
[/list]


Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.


: Malwarebytes' Anti-Malware :

  • Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
    • If you accidently close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




Download HijackThis

  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic




"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

  • 0

#14
Nsomniak

Nsomniak

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
I am still working on your last request. Please be patient because I homeschool my children and it takes up most of my day. Thank you for understanding.
  • 0

#15
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
No problem and I will see you when you are ready


gringo
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP