Suspicious ads and page pop ups
Started by
DawnsShadow
, Jan 24 2014 04:19 PM
#1
Posted 24 January 2014 - 04:19 PM
DawnsShadow
-
- Member
-
- 24 posts
Member
#2
Posted 24 January 2014 - 06:14 PM
zep516
-
- Malware Removal
-
- 8,090 posts
Trusted Helper
Hi! My name is zep516 and Welcome to geekstogo
I'll do the best I can to resolve your computer issue
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!
First
Please download OTL to your Desktop
I'll do the best I can to resolve your computer issue
Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue. Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!
First
Please download OTL to your Desktop
- Double click on the
to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it. - Make sure all other windows are closed and to let it run uninterrupted.
- Click the Scan All Users checkbox
and - Check the option for All under the Extra Registry section
- Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
- OTL.txt <-- Will be opened, maximized
- Extras.txt <-- Will be minimized on task bar.
Edited by zep516, 24 January 2014 - 06:16 PM.
#3
Posted 24 January 2014 - 07:45 PM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
OTL logfile created on: 1/24/2014 8:21:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy
7.68 Gb Total Physical Memory | 3.53 Gb Available Physical Memory | 46.03% Memory free
15.35 Gb Paging File | 9.95 Gb Available in Paging File | 64.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 35.40 Gb Free Space | 6.12% Space Free | Partition Type: NTFS
Drive D: | 14.87 Gb Total Space | 7.48 Gb Free Space | 50.30% Space Free | Partition Type: FAT32
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/01/24 20:19:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawn\Downloads\OTL.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/19 23:06:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/11 22:35:04 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:56:54 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/18 15:14:52 | 000,297,560 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/03/07 21:36:42 | 004,204,400 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
PRC - [2010/03/07 21:36:28 | 003,577,712 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2010/03/07 21:35:54 | 003,367,792 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/03 08:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/03/03 08:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/02/09 13:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/02/01 13:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/12/24 20:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 20:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/19 23:06:39 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/12/11 22:35:03 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/02/19 23:26:20 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/02/19 23:26:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013/02/19 23:26:18 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll
MOD - [2013/02/19 16:56:55 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013/02/19 16:56:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/02/19 16:56:44 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013/02/19 16:56:40 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013/02/19 16:56:36 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/02/19 16:56:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/02/19 16:56:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/02/19 16:56:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/02/19 16:56:00 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/02/19 16:55:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013/02/18 16:58:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/02/18 16:57:55 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll
MOD - [2013/02/18 16:57:52 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll
MOD - [2013/02/18 16:57:42 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/02/18 16:57:35 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2013/01/24 06:25:02 | 001,044,480 | ---- | M] () -- c:\Program Files (x86)\WebSearch\sprotector.dll
MOD - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/20 18:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 11:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 03:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/11 22:35:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/07/01 14:42:02 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) [Auto | Running] -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe -- (CFUACProxy_hddv2usb3)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe -- (RogersSelfHelpService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/09 12:00:12 | 000,169,936 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2009/10/09 21:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/01 14:07:04 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/02/12 09:02:24 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 12:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/12/19 23:32:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011/12/19 23:32:44 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/09/15 06:02:40 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/20 20:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 17:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 17:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/04/14 05:39:40 | 000,315,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/07 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/01 03:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/05 01:38:20 | 000,075,624 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 02:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/01/11 05:48:00 | 000,050,976 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2010/01/06 08:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/31 17:36:18 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/08/31 17:36:16 | 000,026,624 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys -- (nuvotonhidcir)
DRV:64bit: - [2009/08/31 15:45:20 | 000,068,096 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonir.sys -- (nuvotonir)
DRV:64bit: - [2009/08/31 14:42:04 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131218.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/12/13 08:53:29 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140106.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/12/11 05:19:07 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140107.001\ex64.sys -- (NAVEX15)
DRV - [2013/12/11 05:19:07 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/12/11 05:19:07 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/12/11 05:19:07 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140107.001\eng64.sys -- (NAVENG)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur...794&lg=EN&cc=CA
IE - HKLM\..\SearchScopes,DefaultScope = {AB384A20-ECD2-4B40-B4B3-619FE39ACD23}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur...794&lg=EN&cc=CA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{BDFCC79C-1038-46B4-BE6D-1E36044D02A1}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaulturl: "http://websearch.pur...N&cc=CA&l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: firefox%40mega.co.nz:1.0.3
FF - prefs.js..extensions.enabledAddons: isreaditlater%40ideashower.com:3.0.4
FF - prefs.js..extensions.enabledAddons: pinterest%40robertnyman.com:1.1
FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8
FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:2.1.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.4.5%20-%201
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..keyword.URL: "http://websearch.pur...N&cc=CA&l=1&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/03 20:06:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/11/02 01:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2012/01/04 12:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/01/20 21:40:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions
[2014/01/01 19:45:40 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/12/21 21:55:09 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/06/27 11:00:10 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:02:48 | 000,000,000 | ---D | M] (Slick Savings) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2011/03/20 17:43:17 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:06:32 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 20:25:25 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/16 00:20:13 | 001,267,418 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/03/22 09:32:40 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/12/04 20:10:17 | 000,018,590 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 19:04:33 | 000,011,318 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi
[2014/01/10 11:26:18 | 000,007,641 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/20 21:40:22 | 000,287,587 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/03/20 23:37:30 | 000,002,090 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\Searchou.xml
[2012/11/25 02:49:47 | 000,003,915 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\sweetim.xml
[2013/11/23 00:08:03 | 000,007,838 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\WebSearch.xml
[2013/11/22 23:39:34 | 000,000,905 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\yahoo_ff.xml
[2013/12/19 23:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/19 23:06:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/02 01:23:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
[2012/12/06 18:22:25 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
O1 HOSTS File: ([2012/07/31 15:01:33 | 000,000,872 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.142.1 APP01
O1 - Hosts: 192.168.0.200 SDS-srv2008
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001..\Run: [Akamai NetSession Interface] C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39E48105-21F8-418C-8275-9614EA130AE0}: DhcpNameServer = 192.168.0.1 192.168.142.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81786BD6-2FE3-4552-9B04-4CCED78A4511}: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91985F56-65F5-4E3E-AFF0-0F1DE39ECF5D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D154A320-F2DD-4615-ADD0-26AF1F504DEA}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\StartClickfreeBackup.exe
O33 - MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\Startme.exe
O33 - MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\StartClickFreeBackup.exe
O33 - MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\Shell\AutoRun\command - "" = F:\StartClickfreeBackup.exe
O33 - MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\Startme.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/24 19:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Nalpeiron
[2014/01/24 19:36:45 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/24 19:36:40 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/03 20:20:47 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\Misc stuff from desktop
[2014/01/03 19:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/24 20:20:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/24 20:15:02 | 005,430,312 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/24 20:15:02 | 002,540,036 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/24 20:15:02 | 000,006,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/24 20:12:34 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/24 20:12:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/24 19:40:25 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/24 15:45:58 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/21 22:11:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 22:11:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 21:56:56 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/01/21 21:54:43 | 1886,769,151 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/21 20:59:58 | 004,974,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/20 13:32:26 | 000,023,663 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:06 | 000,109,323 | ---- | M] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 19:01:17 | 001,656,964 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:59:35 | 000,201,767 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:52:57 | 000,048,195 | ---- | M] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/24 19:40:25 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/20 13:32:22 | 000,023,663 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:05 | 000,109,323 | ---- | C] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 18:59:32 | 000,201,767 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:58:36 | 001,656,964 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:52:56 | 000,048,195 | ---- | C] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2013/08/06 21:11:51 | 000,000,182 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/12 20:28:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/02/27 00:02:14 | 000,004,509 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\CamStudio.cfg
[2013/01/09 00:31:48 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/06 02:50:07 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/11/04 00:45:34 | 000,003,072 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Photobook Designer Prefsv3
[2012/10/24 22:41:23 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/10/20 12:58:49 | 000,000,218 | ---- | C] () -- C:\Users\Dawn\.recently-used.xbel
[2012/08/21 14:18:20 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012/08/21 14:18:08 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
[2012/08/16 10:52:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/08/16 10:52:35 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/08/09 10:57:42 | 000,103,272 | ---- | C] () -- C:\Users\Dawn\GoToAssistDownloadHelper.exe
[2012/08/08 18:26:55 | 000,060,304 | ---- | C] () -- C:\Users\Dawn\g2mdlhlpx.exe
[2012/06/28 22:04:29 | 000,006,416 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/27 01:01:21 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/18 23:08:00 | 000,865,117 | ---- | C] () -- C:\Users\Dawn\AppData\Local\census.cache
[2011/08/18 23:06:42 | 000,131,064 | ---- | C] () -- C:\Users\Dawn\AppData\Local\ars.cache
[2011/08/18 22:19:52 | 000,000,036 | ---- | C] () -- C:\Users\Dawn\AppData\Local\housecall.guid.cache
[2011/06/19 23:35:23 | 000,001,456 | ---- | C] () -- C:\Users\Dawn\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/06/07 16:53:41 | 000,001,940 | ---- | C] () -- C:\Users\Dawn\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/29 10:38:57 | 000,007,618 | ---- | C] () -- C:\Users\Dawn\AppData\Local\resmon.resmoncfg
[2011/05/16 11:34:11 | 000,002,736 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\wklnhst.dat
[2010/12/24 00:25:38 | 000,004,982 | ---- | C] () -- C:\ProgramData\xjrxrpty.cte
[2010/12/24 00:25:37 | 000,004,983 | ---- | C] () -- C:\ProgramData\pyknfeyt.slj
[2010/12/03 11:55:20 | 000,061,440 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 320 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:7631EA83
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy
7.68 Gb Total Physical Memory | 3.53 Gb Available Physical Memory | 46.03% Memory free
15.35 Gb Paging File | 9.95 Gb Available in Paging File | 64.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 35.40 Gb Free Space | 6.12% Space Free | Partition Type: NTFS
Drive D: | 14.87 Gb Total Space | 7.48 Gb Free Space | 50.30% Space Free | Partition Type: FAT32
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/01/24 20:19:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawn\Downloads\OTL.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/19 23:06:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/12/11 22:35:04 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:56:54 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/18 15:14:52 | 000,297,560 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/03/07 21:36:42 | 004,204,400 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
PRC - [2010/03/07 21:36:28 | 003,577,712 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2010/03/07 21:35:54 | 003,367,792 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/03 08:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/03/03 08:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/02/09 13:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/02/01 13:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/12/24 20:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 20:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/19 23:06:39 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/12/11 22:35:03 | 016,242,056 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/02/19 23:26:20 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/02/19 23:26:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013/02/19 23:26:18 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll
MOD - [2013/02/19 16:56:55 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013/02/19 16:56:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/02/19 16:56:44 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013/02/19 16:56:40 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013/02/19 16:56:36 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/02/19 16:56:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/02/19 16:56:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/02/19 16:56:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/02/19 16:56:00 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/02/19 16:55:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013/02/18 16:58:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/02/18 16:57:55 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll
MOD - [2013/02/18 16:57:52 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll
MOD - [2013/02/18 16:57:42 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/02/18 16:57:35 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2013/01/24 06:25:02 | 001,044,480 | ---- | M] () -- c:\Program Files (x86)\WebSearch\sprotector.dll
MOD - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/20 18:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 11:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 03:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/11 22:35:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/07/01 14:42:02 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) [Auto | Running] -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe -- (CFUACProxy_hddv2usb3)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe -- (RogersSelfHelpService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/09 12:00:12 | 000,169,936 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2009/10/09 21:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/01 14:07:04 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/02/12 09:02:24 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 12:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/12/19 23:32:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011/12/19 23:32:44 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/09/15 06:02:40 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/20 20:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 17:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 17:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/04/14 05:39:40 | 000,315,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/07 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/01 03:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/05 01:38:20 | 000,075,624 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 02:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/01/11 05:48:00 | 000,050,976 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2010/01/06 08:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/31 17:36:18 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/08/31 17:36:16 | 000,026,624 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys -- (nuvotonhidcir)
DRV:64bit: - [2009/08/31 15:45:20 | 000,068,096 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonir.sys -- (nuvotonir)
DRV:64bit: - [2009/08/31 14:42:04 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131218.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/12/13 08:53:29 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140106.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/12/11 05:19:07 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140107.001\ex64.sys -- (NAVEX15)
DRV - [2013/12/11 05:19:07 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/12/11 05:19:07 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/12/11 05:19:07 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140107.001\eng64.sys -- (NAVENG)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur...794&lg=EN&cc=CA
IE - HKLM\..\SearchScopes,DefaultScope = {AB384A20-ECD2-4B40-B4B3-619FE39ACD23}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur...794&lg=EN&cc=CA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\SearchScopes\{BDFCC79C-1038-46B4-BE6D-1E36044D02A1}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Privitize VPN"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaulturl: "http://websearch.pur...N&cc=CA&l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: firefox%40mega.co.nz:1.0.3
FF - prefs.js..extensions.enabledAddons: isreaditlater%40ideashower.com:3.0.4
FF - prefs.js..extensions.enabledAddons: pinterest%40robertnyman.com:1.1
FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8
FF - prefs.js..extensions.enabledAddons: client%40anonymox.net:2.1.1
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:12.0.4.5%20-%201
FF - prefs.js..extensions.enabledAddons: %7B58d2a791-6199-482f-a9aa-9b725ec61362%7D:2.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..keyword.URL: "http://websearch.pur...N&cc=CA&l=1&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/03 20:06:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/11/02 01:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2012/01/04 12:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/01/20 21:40:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions
[2014/01/01 19:45:40 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/12/21 21:55:09 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/06/27 11:00:10 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:02:48 | 000,000,000 | ---D | M] (Slick Savings) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2011/03/20 17:43:17 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:06:32 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 20:25:25 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/16 00:20:13 | 001,267,418 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/03/22 09:32:40 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/12/04 20:10:17 | 000,018,590 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 19:04:33 | 000,011,318 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi
[2014/01/10 11:26:18 | 000,007,641 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/20 21:40:22 | 000,287,587 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/03/20 23:37:30 | 000,002,090 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\Searchou.xml
[2012/11/25 02:49:47 | 000,003,915 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\sweetim.xml
[2013/11/23 00:08:03 | 000,007,838 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\WebSearch.xml
[2013/11/22 23:39:34 | 000,000,905 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\yahoo_ff.xml
[2013/12/19 23:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/19 23:06:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/02 01:23:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
[2012/12/06 18:22:25 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
O1 HOSTS File: ([2012/07/31 15:01:33 | 000,000,872 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.142.1 APP01
O1 - Hosts: 192.168.0.200 SDS-srv2008
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001..\Run: [Akamai NetSession Interface] C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39E48105-21F8-418C-8275-9614EA130AE0}: DhcpNameServer = 192.168.0.1 192.168.142.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81786BD6-2FE3-4552-9B04-4CCED78A4511}: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91985F56-65F5-4E3E-AFF0-0F1DE39ECF5D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D154A320-F2DD-4615-ADD0-26AF1F504DEA}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\StartClickfreeBackup.exe
O33 - MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\Startme.exe
O33 - MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\StartClickFreeBackup.exe
O33 - MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\Shell\AutoRun\command - "" = F:\StartClickfreeBackup.exe
O33 - MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\Shell - "" = AutoRun
O33 - MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\Startme.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/24 19:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Nalpeiron
[2014/01/24 19:36:45 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/24 19:36:40 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/03 20:20:47 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\Misc stuff from desktop
[2014/01/03 19:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/24 20:20:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/24 20:15:02 | 005,430,312 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/24 20:15:02 | 002,540,036 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/24 20:15:02 | 000,006,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/24 20:12:34 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/24 20:12:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/24 19:40:25 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/24 15:45:58 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/21 22:11:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 22:11:16 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/21 21:56:56 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/01/21 21:54:43 | 1886,769,151 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/21 20:59:58 | 004,974,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/20 13:32:26 | 000,023,663 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:06 | 000,109,323 | ---- | M] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 19:01:17 | 001,656,964 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:59:35 | 000,201,767 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:52:57 | 000,048,195 | ---- | M] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/24 19:40:25 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/20 13:32:22 | 000,023,663 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:05 | 000,109,323 | ---- | C] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 18:59:32 | 000,201,767 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:58:36 | 001,656,964 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:52:56 | 000,048,195 | ---- | C] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2013/08/06 21:11:51 | 000,000,182 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/12 20:28:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/02/27 00:02:14 | 000,004,509 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\CamStudio.cfg
[2013/01/09 00:31:48 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/06 02:50:07 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/11/04 00:45:34 | 000,003,072 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Photobook Designer Prefsv3
[2012/10/24 22:41:23 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/10/20 12:58:49 | 000,000,218 | ---- | C] () -- C:\Users\Dawn\.recently-used.xbel
[2012/08/21 14:18:20 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012/08/21 14:18:08 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
[2012/08/16 10:52:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/08/16 10:52:35 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/08/09 10:57:42 | 000,103,272 | ---- | C] () -- C:\Users\Dawn\GoToAssistDownloadHelper.exe
[2012/08/08 18:26:55 | 000,060,304 | ---- | C] () -- C:\Users\Dawn\g2mdlhlpx.exe
[2012/06/28 22:04:29 | 000,006,416 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/27 01:01:21 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/18 23:08:00 | 000,865,117 | ---- | C] () -- C:\Users\Dawn\AppData\Local\census.cache
[2011/08/18 23:06:42 | 000,131,064 | ---- | C] () -- C:\Users\Dawn\AppData\Local\ars.cache
[2011/08/18 22:19:52 | 000,000,036 | ---- | C] () -- C:\Users\Dawn\AppData\Local\housecall.guid.cache
[2011/06/19 23:35:23 | 000,001,456 | ---- | C] () -- C:\Users\Dawn\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/06/07 16:53:41 | 000,001,940 | ---- | C] () -- C:\Users\Dawn\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/29 10:38:57 | 000,007,618 | ---- | C] () -- C:\Users\Dawn\AppData\Local\resmon.resmoncfg
[2011/05/16 11:34:11 | 000,002,736 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\wklnhst.dat
[2010/12/24 00:25:38 | 000,004,982 | ---- | C] () -- C:\ProgramData\xjrxrpty.cte
[2010/12/24 00:25:37 | 000,004,983 | ---- | C] () -- C:\ProgramData\pyknfeyt.slj
[2010/12/03 11:55:20 | 000,061,440 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 320 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:7631EA83
< End of report >
#4
Posted 24 January 2014 - 07:46 PM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
OTL Extras logfile created on: 1/24/2014 8:21:46 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy
7.68 Gb Total Physical Memory | 3.53 Gb Available Physical Memory | 46.03% Memory free
15.35 Gb Paging File | 9.95 Gb Available in Paging File | 64.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 35.40 Gb Free Space | 6.12% Space Free | Partition Type: NTFS
Drive D: | 14.87 Gb Total Space | 7.48 Gb Free Space | 50.30% Space Free | Partition Type: FAT32
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A89724F-304F-44B0-B679-585E8A4A2E20}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0E2FE203-61FA-4EE4-B825-8B254CF7A8BD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0FAF9990-5D0B-4773-B7E8-D56DFEA551E5}" = lport=138 | protocol=17 | dir=in | app=system |
"{134D2EB0-23CE-41B8-AAD1-EF410DA20B0B}" = lport=445 | protocol=6 | dir=in | app=system |
"{19CD7235-E993-4605-8931-0460306E7810}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{1B3349A0-51B8-4227-B4DB-7A056C8ACAC7}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{29062BF0-C2EA-4ECA-BC67-3F0B3D106683}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{32C1C00D-9A6A-4C74-8CA1-55AF0C63E885}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{36F626B2-1AB2-42D7-896C-D034BC3D5F6D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37B9032A-4D05-4168-9AA6-6CA9ED726F94}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3CFBFB7B-410D-4768-A5B6-12BF23E199AE}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{426A9955-7777-4AF2-9AF6-537091D30EEE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{44025567-7892-482B-937D-0118466AB60F}" = rport=139 | protocol=6 | dir=out | app=system |
"{442D4A0F-4F5D-417B-A402-216A668839D1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4492BC6B-4D74-4C4D-8DE2-0D8F89223A68}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5229CA79-9C27-4C3B-8495-D3999955CC8A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{53A8F447-495E-4E99-A577-18B9829331E7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{688AE109-67E9-4195-8C04-21105C143B06}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DA10910-143A-4CFA-A07A-DECB0F0B3A75}" = lport=2869 | protocol=6 | dir=in | app=system |
"{75692399-4AA3-463B-914E-CC36D4B671C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{767B5FE5-AA67-4093-ABA1-AB52EEEC6209}" = rport=137 | protocol=17 | dir=out | app=system |
"{770B61EB-72C9-408C-A82E-DD6E11CFA669}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86EA04BD-17C6-4DC7-8C98-E832EA85E8CA}" = lport=137 | protocol=17 | dir=in | app=system |
"{A23706BE-4E23-4214-A218-7DF60F203197}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B07A31C1-31A5-46CE-BFD2-388FA6686F09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3A111B2-AA4B-45B1-B87C-BD9A40C20EE3}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6B56FD6-09C8-4CFC-BB88-6F76C24E8BC0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BBEC8D98-34DC-40C4-94AE-C0AB10CA61C2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2DD5029-496B-434C-8340-7B55D107BF1A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CA9E73FD-187A-4CD8-AF9F-96A89DF5F618}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D58AB637-1C48-43CB-9AAD-DF99711B241D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D74018FE-CDE7-4468-9A27-BF8BB09ADC20}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD61F582-05FD-4670-91C1-14D7381F0923}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDBA6209-F1EE-4531-885D-EBCE506D512C}" = lport=139 | protocol=6 | dir=in | app=system |
"{E855E80E-AA64-4EC2-8C50-4AFFA4C5631B}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{EA5C7778-6C91-4CDB-8D10-A84991F306F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{EFF98DC2-5505-4F10-B192-8CD6F35DCB6F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA4F54B-0DE9-4D48-B6C7-25FACB5D6A4A}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0EE34019-4BD2-4535-80FB-FEB5A6CF7C7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{14249881-CBC2-4C55-91CB-A693C79ED198}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{15B9F227-9205-4EA5-B5DC-C84F58924904}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16FC0F63-10BD-48E8-890D-E50F1EC5C4C4}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{1B3F5281-DFF0-430C-846B-4512801A288D}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{1B699181-7A8B-4FA2-BB0A-A51A2F37E068}" = protocol=1 | dir=out | [email protected],-28544 |
"{22F9CBBA-71BE-42B0-A484-4C71C57C6083}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovie.exe |
"{283C76DC-ABDA-430A-9262-19B9CCE3967E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2A0E6B63-8EC7-402A-89DD-20ED0B461820}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2AAE8894-06F1-44E0-8F79-A6CA9A7DAF3D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2FBF007E-AB97-451E-98FA-2764F6305A1E}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{311E2370-079D-4B0C-8C2D-6E1317ADB792}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3341FFC3-CD35-44AD-889D-0087377E0F1C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{338EFFC7-B5E4-4092-8E91-58FEC2687F9F}" = protocol=1 | dir=in | [email protected],-28543 |
"{37274834-DD43-4EE4-92F6-73E8B2FCC763}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{377EC8EA-B564-45B2-8331-9B66BFFED0CC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3944CFCE-744B-4313-9889-3BAC88833372}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{3CF5EC45-BA98-419C-B6FB-A6CE0D53A116}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{3F88E8CD-6E21-4494-B1FD-82DA884C8729}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{44B795D9-9B71-4209-A965-FDCEEFC3730A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{459A81A1-804C-4261-85CB-56FF18BDA366}" = protocol=58 | dir=out | [email protected],-28546 |
"{47F2B6FD-4999-4BD4-A5CB-E5C2B6940624}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{490BA769-FBC0-4904-BB40-A30C794C3F49}" = protocol=6 | dir=out | app=system |
"{4B3E8A7C-7C1C-429F-BA56-A26DE19431CB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\pcmservice.exe |
"{4E666674-7562-46B3-A9A0-49C14BD0F3B2}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovieservice.exe |
"{5CCFBC2B-EB1E-4120-8AC3-74FC4ACFD4DC}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{601F3CA8-A988-4C60-9817-171519E6AF26}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{67488AF4-7ECB-4929-989C-0045C3F55B9A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{689BE641-AF83-4611-9E6C-5E6E5EADA626}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{6D1B6758-EE24-4668-85FF-B6EDEC0EF04E}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{6D2A59DC-5612-4999-8924-44D8EF0FD259}" = protocol=17 | dir=in | app=c:\users\dawn\appdata\roaming\dropbox\bin\dropbox.exe |
"{6F587E01-D237-4D34-B451-A7F879402E23}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7379D5A0-BC29-4F13-83C5-DC544B9F1A39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{744C1C70-33D7-41D5-A863-03AEE4650F18}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7C5294F9-B937-4F93-9E98-C0FB4FC92B47}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{83CB3072-BB91-4FE9-8A2D-BF790467D495}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{83DCFDFE-F766-496F-84EB-804E47E052DE}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dms\clmsservice.exe |
"{847CEBE9-42FB-4628-A897-C5D54A1E524A}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{86CBE8D0-8414-447C-B6FD-43B0FE95A197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{87030159-F9F9-4681-8924-DCEDEE587A58}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{883560A8-B74F-4DF6-A7D8-8A4E0C46B189}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{8B2471D8-850A-406C-8219-A8B1A952D5D4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A0A87A01-8AAB-4297-823F-E16CE0F01CF3}" = protocol=58 | dir=in | [email protected],-28545 |
"{A2E5CFE7-4D4D-4186-B00E-B1E2D4F1FDD1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1EFAAEE-AA7E-4E05-964E-317BB0EE838F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B36BDF25-F3A1-4C63-A049-3EA963792BE6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7A52296-3D4D-4899-B52A-A09A70CA1D20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB53F6EF-1549-4669-8632-0A41097BF73D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6A3A6D5-C889-4896-88BD-CB7E70AAFDED}" = protocol=6 | dir=in | app=c:\users\dawn\appdata\roaming\dropbox\bin\dropbox.exe |
"{E0C5250C-40DE-4277-863D-F4E185AF030E}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{E8B7A33F-3A7F-45A0-82E3-9CA72AAF6BE7}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{ED33732A-44BD-4618-B366-FB3E26BD86B0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F05299C7-6D6C-4A26-92DA-2E11F7E73F87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4D89AEE-7BE8-459B-9AC2-EBDCEB96DBF2}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dmp\clbrowserengine.exe |
"{F50181B5-8875-4D6D-A081-5E222985467F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\powercinema.exe |
"{FBBF8AFB-C3D0-4104-913F-8B81C8FDDEE3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FF0B62C6-959D-492E-AC14-2362266EDAF6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{AFB42822-84A9-4C08-9597-DFE3EBF99B96}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
"TCP Query User{C60040D0-E872-40C6-9801-A528D070A8A3}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A0C9FB00-38D5-4F4B-9936-D8D855E4FDAF}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
"UDP Query User{AEA1B070-8662-4880-B801-2BCB1AD0CB1A}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{54E6C675-3AD4-42E4-957F-31666ABF1603}" = Adobe Photoshop Lightroom 5.2 64-bit
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}" = O2Micro Flash Memory Card Windows Driver
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61C3230C-D69D-44E7-B974-F8BBADB49EE6}" = Motorola Mobile Drivers Installation 5.5.0
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9822326F-410C-96A5-2F58-65E58F65D63B}" = ccc-utility64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}" = WD SmartWare
"{AFC44A23-E6A8-4625-B6B1-23D438525D59}" = O2Micro 1394 OHCI Compliant Host Controller Driver
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5816A09-786E-C91D-3D99-8A8C92648750}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B148875-7C4D-A5A7-79FA-82D679939663}" = CCC Help Danish
"{0D49143F-5710-6EAF-986F-86306C54D9F7}" = CCC Help Dutch
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0DCE424F-F4A8-A3EA-3416-7A4CA189A164}" = CCC Help Czech
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{193B70F8-D757-B1D6-B2B0-826E92D889CC}" = CCC Help Polish
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B50F09A-CDE0-4F33-A428-2E459CED07EF}" = WD Software Upgrader
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23640476-5D3A-F071-A40F-345E16C91301}" = CCC Help Hungarian
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{27996809-446F-7261-6C69-6B654C656F6E}" =
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3890215D-D18A-43EF-AE0C-0C6B084F652D}" = WD Software Upgrader
"{39BE50E7-8059-C383-D8D0-3EC7B9A0B2C2}" = CCC Help Turkish
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{4394B319-1CA6-9535-5A97-3407DE7B2865}" = CCC Help Chinese Traditional
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E242AB2-86A7-4231-82A9-1E4226D23CA8}" = Catalyst Control Center - Branding
"{4E2AC91C-090D-C0BE-98E0-35480A693D53}" = CCC Help Russian
"{507B1304-194A-4204-A9D9-9BAAF51EF760}" = WD Quick View
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59679381-3F22-4A40-A7AD-890242D74DF4}" = Perfect Photo Suite 6.0.1
"{59A58CB1-5177-4AF7-DC09-886DC5175561}" = CCC Help Thai
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B70AFEB-18E9-0BBA-C876-50E61D2F1585}" = CCC Help Korean
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76509C2C-6A9E-1DDD-7169-2F61337350CA}" = PASS
"{76E2A1A0-CE72-48A0-8D8E-767A1B0C2191}" = PhotoFrame 4.5.3 Free
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BBEA5FB-5BDA-5568-F370-66934F5862F8}" = Catalyst Control Center Graphics Light
"{7C3E29B2-038E-312D-938C-DED2C6451411}" = CCC Help German
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FB1F881-0AA3-4181-A6E6-208FDC8B4DFE}" = PhotoPresets Wow Effects for Adobe Camera Raw
"{800E5862-A2A2-B903-6B6E-660F5DFB1BFF}" = CCC Help Norwegian
"{804D666C-1FB8-F116-358B-15F297113547}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90497F91-64AA-6732-266E-4B7023989E5C}" = ccc-core-static
"{90573AE3-E7FC-4A5C-A7FB-D2E1482BA84A}" = Acer Arcade Instant On
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D3FF6-FFDD-4E4E-B887-4BF378174F04}" = ArcSoft PhotoStudio 6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A990CB5E-6951-12C0-6B29-4C0102E80827}" = CCC Help Portuguese
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAB17558-7189-1415-2370-D689FDD44B33}" = PX Profile Update
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABC74AD3-8488-2D59-71CA-FE1FDBD99293}" = CCC Help Greek
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B399B936-CDED-C8E5-D621-E6323855CF5B}" = Catalyst Control Center Graphics Full New
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{ba99df5b-3e46-419e-81e2-544352772fda}" = WD SmartWare Installer
"{BE985F96-BFD5-BCE2-97F6-B73BBF122943}" = CCC Help Japanese
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C314EA94-9FAF-969D-544F-816FE102EAFD}" = Catalyst Control Center InstallProxy
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C40DCE3C-E042-2DEE-4F77-8725E18BAE17}" = CCC Help Spanish
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}" = Perfect Effects 8
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1F8C3EA-8274-90C1-460B-EE2DFA7B492B}" = CCC Help French
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E2B31B67-9795-4EF9-9AC6-B683E7B11BE6}_is1" = FotoFusion v4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E573FE55-5A89-F7CC-0A00-A9E79BB20C3B}" = CCC Help Finnish
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E75093FD-D74A-D7D0-AE15-BA89B30D9E54}" = Catalyst Control Center Localization All
"{E92EAA89-9597-E7DF-6EB6-F21655D245F2}" = Catalyst Control Center Graphics Previews Vista
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB083118-49ED-4CD7-8CE8-241C1F958E2C}" = PhotoPresets with One-Click WOW! for Adobe Camera Raw
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEEDE742-915B-2D3F-5763-E7375BE7B144}" = CCC Help Chinese Standard
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9B82B36-5FC0-1E0D-0D56-066D1EDAC9E8}" = Catalyst Control Center Graphics Full Existing
"{FBC79D04-051E-4367-8051-1DB0C893FBE0}" = Nuvoton CIR Device Drivers
"{FC3CCF4F-ABE4-1CF6-347B-DEAFC9D82F1C}" = Catalyst Control Center Core Implementation
"{FC4AAE94-A221-0725-4FD8-56262B0262BA}" = CCC Help Italian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFAC99FD-DDF8-E138-E8F4-538B639C6984}" = CCC Help Swedish
"Acer Game Console" = Acer Game Console
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Akamai" = Akamai NetSession Interface Service
"Canon MG5300 series On-screen Manual" = Canon MG5300 series On-screen Manual
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.showitfast.pass.desktop.PASS" = PASS
"Connect" = Connect
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"FotoFusionV4" = FotoFusionV4
"Free RAR Extract Frog" = Free RAR Extract Frog
"HaaliMkx" = Haali Media Splitter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59}" = O2Micro 1394 OHCI Compliant Host Controller Driver
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"LManager" = Launch Manager
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MotoHelper" = MotoHelper 2.1.40 Driver 5.5.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"N360" = Norton 360
"Nik Collection" = Nik Collection
"OpenRGB_is1" = OpenRGB Version 2.10
"PhotoRescue PC_is1" = PhotoRescue PC v3.3.4.13350
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PortraitProfessional10_is1" = Portrait Professional 10.1
"Red Light Center 3D Client" = Red Light Center 3D Client
"Rogers Self Help Software" = Rogers Self Help Software 4059
"Rogers Update Manager" = Rogers Update Manager
"RSH Home Networking Wizard" = RSH Home Networking Wizard
"SP_4e24eecb" = Search Assistant WebSearch 1.74
"TomTom HOME" = TomTom HOME 2.8.3.2458
"Update Engine" = Sony Ericsson Update Engine
"WFTK" = Canon Utilities WFT Utility
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WT078749" = Bejeweled 2 Deluxe
"WT079017" = Faerie Solitaire
"WT079021" = FATE - The Traitor Soul
"WT079065" = Jewel Quest Solitaire 3
"WT079101" = Mystery P.I. - Lost in Los Angeles
"WT079109" = Plants vs. Zombies
"WT079117" = Polar Golfer
"WT079149" = Scrabble Plus
"WT079179" = Yahtzee
"WT079218" = Escape Rosecliff Island
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.1.0.880
"Screencast-O-Matic" = Screencast-O-Matic
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/24/2014 9:12:19 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1380001
Error - 1/24/2014 9:12:20 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/24/2014 9:12:20 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1380999
Error - 1/24/2014 9:12:20 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1380999
Error - 1/24/2014 9:12:21 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/24/2014 9:12:21 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1381998
Error - 1/24/2014 9:12:21 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1381998
Error - 1/24/2014 9:14:00 PM | Computer Name = Dawn-PC | Source = Application Hang | ID = 1002
Description = The program Lightroom.exe version 5.2.0.10 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 84c Start
Time: 01cf196742d8bfce Termination Time: 10 Application Path: C:\Program Files\Adobe\Adobe
Photoshop Lightroom 5.2\Lightroom.exe Report Id: e9f37154-855d-11e3-8928-c80aa9b11f16
Error - 1/24/2014 9:14:58 PM | Computer Name = Dawn-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.
Error - 1/24/2014 9:14:58 PM | Computer Name = Dawn-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.
[ Media Center Events ]
Error - 12/2/2010 12:32:00 PM | Computer Name = Dawn-PC | Source = MCUpdate | ID = 0
Description = 11:31:31 AM - Failed to retrieve SportsSchedule (Error: The operation
has timed out)
[ System Events ]
Error - 1/21/2014 10:01:22 PM | Computer Name = DAWN-PC | Source = DCOM | ID = 10016
Description =
Error - 1/21/2014 10:02:30 PM | Computer Name = Dawn-PC | Source = DCOM | ID = 10010
Description =
Error - 1/21/2014 10:03:51 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Rogers Update Manager service hung on starting.
Error - 1/21/2014 10:08:01 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.
Error - 1/21/2014 10:10:26 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Intel® Management & Security Application User Notification Service
service hung on starting.
Error - 1/21/2014 10:55:01 PM | Computer Name = Dawn-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:52:52 PM on ?21/?01/?2014 was unexpected.
Error - 1/21/2014 10:57:04 PM | Computer Name = Dawn-PC | Source = DCOM | ID = 10016
Description =
Error - 1/21/2014 10:57:34 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Rogers Update Manager service hung on starting.
Error - 1/21/2014 11:01:46 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.
Error - 1/21/2014 11:05:11 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Intel® Management & Security Application User Notification Service
service hung on starting.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy
7.68 Gb Total Physical Memory | 3.53 Gb Available Physical Memory | 46.03% Memory free
15.35 Gb Paging File | 9.95 Gb Available in Paging File | 64.83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 35.40 Gb Free Space | 6.12% Space Free | Partition Type: NTFS
Drive D: | 14.87 Gb Total Space | 7.48 Gb Free Space | 50.30% Space Free | Partition Type: FAT32
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A89724F-304F-44B0-B679-585E8A4A2E20}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0E2FE203-61FA-4EE4-B825-8B254CF7A8BD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0FAF9990-5D0B-4773-B7E8-D56DFEA551E5}" = lport=138 | protocol=17 | dir=in | app=system |
"{134D2EB0-23CE-41B8-AAD1-EF410DA20B0B}" = lport=445 | protocol=6 | dir=in | app=system |
"{19CD7235-E993-4605-8931-0460306E7810}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{1B3349A0-51B8-4227-B4DB-7A056C8ACAC7}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{29062BF0-C2EA-4ECA-BC67-3F0B3D106683}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{32C1C00D-9A6A-4C74-8CA1-55AF0C63E885}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{36F626B2-1AB2-42D7-896C-D034BC3D5F6D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{37B9032A-4D05-4168-9AA6-6CA9ED726F94}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3CFBFB7B-410D-4768-A5B6-12BF23E199AE}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |
"{426A9955-7777-4AF2-9AF6-537091D30EEE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{44025567-7892-482B-937D-0118466AB60F}" = rport=139 | protocol=6 | dir=out | app=system |
"{442D4A0F-4F5D-417B-A402-216A668839D1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{4492BC6B-4D74-4C4D-8DE2-0D8F89223A68}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5229CA79-9C27-4C3B-8495-D3999955CC8A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{53A8F447-495E-4E99-A577-18B9829331E7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{688AE109-67E9-4195-8C04-21105C143B06}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6DA10910-143A-4CFA-A07A-DECB0F0B3A75}" = lport=2869 | protocol=6 | dir=in | app=system |
"{75692399-4AA3-463B-914E-CC36D4B671C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{767B5FE5-AA67-4093-ABA1-AB52EEEC6209}" = rport=137 | protocol=17 | dir=out | app=system |
"{770B61EB-72C9-408C-A82E-DD6E11CFA669}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86EA04BD-17C6-4DC7-8C98-E832EA85E8CA}" = lport=137 | protocol=17 | dir=in | app=system |
"{A23706BE-4E23-4214-A218-7DF60F203197}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B07A31C1-31A5-46CE-BFD2-388FA6686F09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3A111B2-AA4B-45B1-B87C-BD9A40C20EE3}" = rport=138 | protocol=17 | dir=out | app=system |
"{B6B56FD6-09C8-4CFC-BB88-6F76C24E8BC0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{BBEC8D98-34DC-40C4-94AE-C0AB10CA61C2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2DD5029-496B-434C-8340-7B55D107BF1A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CA9E73FD-187A-4CD8-AF9F-96A89DF5F618}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D58AB637-1C48-43CB-9AAD-DF99711B241D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D74018FE-CDE7-4468-9A27-BF8BB09ADC20}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DD61F582-05FD-4670-91C1-14D7381F0923}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDBA6209-F1EE-4531-885D-EBCE506D512C}" = lport=139 | protocol=6 | dir=in | app=system |
"{E855E80E-AA64-4EC2-8C50-4AFFA4C5631B}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |
"{EA5C7778-6C91-4CDB-8D10-A84991F306F2}" = rport=445 | protocol=6 | dir=out | app=system |
"{EFF98DC2-5505-4F10-B192-8CD6F35DCB6F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA4F54B-0DE9-4D48-B6C7-25FACB5D6A4A}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{0EE34019-4BD2-4535-80FB-FEB5A6CF7C7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{14249881-CBC2-4C55-91CB-A693C79ED198}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{15B9F227-9205-4EA5-B5DC-C84F58924904}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{16FC0F63-10BD-48E8-890D-E50F1EC5C4C4}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{1B3F5281-DFF0-430C-846B-4512801A288D}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{1B699181-7A8B-4FA2-BB0A-A51A2F37E068}" = protocol=1 | dir=out | [email protected],-28544 |
"{22F9CBBA-71BE-42B0-A484-4C71C57C6083}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovie.exe |
"{283C76DC-ABDA-430A-9262-19B9CCE3967E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2A0E6B63-8EC7-402A-89DD-20ED0B461820}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2AAE8894-06F1-44E0-8F79-A6CA9A7DAF3D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2FBF007E-AB97-451E-98FA-2764F6305A1E}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{311E2370-079D-4B0C-8C2D-6E1317ADB792}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3341FFC3-CD35-44AD-889D-0087377E0F1C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{338EFFC7-B5E4-4092-8E91-58FEC2687F9F}" = protocol=1 | dir=in | [email protected],-28543 |
"{37274834-DD43-4EE4-92F6-73E8B2FCC763}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{377EC8EA-B564-45B2-8331-9B66BFFED0CC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3944CFCE-744B-4313-9889-3BAC88833372}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{3CF5EC45-BA98-419C-B6FB-A6CE0D53A116}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{3F88E8CD-6E21-4494-B1FD-82DA884C8729}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{44B795D9-9B71-4209-A965-FDCEEFC3730A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{459A81A1-804C-4261-85CB-56FF18BDA366}" = protocol=58 | dir=out | [email protected],-28546 |
"{47F2B6FD-4999-4BD4-A5CB-E5C2B6940624}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{490BA769-FBC0-4904-BB40-A30C794C3F49}" = protocol=6 | dir=out | app=system |
"{4B3E8A7C-7C1C-429F-BA56-A26DE19431CB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\pcmservice.exe |
"{4E666674-7562-46B3-A9A0-49C14BD0F3B2}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovieservice.exe |
"{5CCFBC2B-EB1E-4120-8AC3-74FC4ACFD4DC}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{601F3CA8-A988-4C60-9817-171519E6AF26}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{67488AF4-7ECB-4929-989C-0045C3F55B9A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{689BE641-AF83-4611-9E6C-5E6E5EADA626}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{6D1B6758-EE24-4668-85FF-B6EDEC0EF04E}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{6D2A59DC-5612-4999-8924-44D8EF0FD259}" = protocol=17 | dir=in | app=c:\users\dawn\appdata\roaming\dropbox\bin\dropbox.exe |
"{6F587E01-D237-4D34-B451-A7F879402E23}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7379D5A0-BC29-4F13-83C5-DC544B9F1A39}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{744C1C70-33D7-41D5-A863-03AEE4650F18}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{7C5294F9-B937-4F93-9E98-C0FB4FC92B47}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{83CB3072-BB91-4FE9-8A2D-BF790467D495}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{83DCFDFE-F766-496F-84EB-804E47E052DE}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dms\clmsservice.exe |
"{847CEBE9-42FB-4628-A897-C5D54A1E524A}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{86CBE8D0-8414-447C-B6FD-43B0FE95A197}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{87030159-F9F9-4681-8924-DCEDEE587A58}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{883560A8-B74F-4DF6-A7D8-8A4E0C46B189}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{8B2471D8-850A-406C-8219-A8B1A952D5D4}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A0A87A01-8AAB-4297-823F-E16CE0F01CF3}" = protocol=58 | dir=in | [email protected],-28545 |
"{A2E5CFE7-4D4D-4186-B00E-B1E2D4F1FDD1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1EFAAEE-AA7E-4E05-964E-317BB0EE838F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B36BDF25-F3A1-4C63-A049-3EA963792BE6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7A52296-3D4D-4899-B52A-A09A70CA1D20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB53F6EF-1549-4669-8632-0A41097BF73D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6A3A6D5-C889-4896-88BD-CB7E70AAFDED}" = protocol=6 | dir=in | app=c:\users\dawn\appdata\roaming\dropbox\bin\dropbox.exe |
"{E0C5250C-40DE-4277-863D-F4E185AF030E}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{E8B7A33F-3A7F-45A0-82E3-9CA72AAF6BE7}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{ED33732A-44BD-4618-B366-FB3E26BD86B0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F05299C7-6D6C-4A26-92DA-2E11F7E73F87}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F4D89AEE-7BE8-459B-9AC2-EBDCEB96DBF2}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dmp\clbrowserengine.exe |
"{F50181B5-8875-4D6D-A081-5E222985467F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\powercinema.exe |
"{FBBF8AFB-C3D0-4104-913F-8B81C8FDDEE3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FF0B62C6-959D-492E-AC14-2362266EDAF6}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{AFB42822-84A9-4C08-9597-DFE3EBF99B96}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
"TCP Query User{C60040D0-E872-40C6-9801-A528D070A8A3}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A0C9FB00-38D5-4F4B-9936-D8D855E4FDAF}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
"UDP Query User{AEA1B070-8662-4880-B801-2BCB1AD0CB1A}C:\users\dawn\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\dawn\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series" = Canon MG5300 series MP Drivers
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{3C28BFD4-90C7-3138-87EF-418DC16E9598}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{54E6C675-3AD4-42E4-957F-31666ABF1603}" = Adobe Photoshop Lightroom 5.2 64-bit
"{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
"{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}" = O2Micro Flash Memory Card Windows Driver
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61C3230C-D69D-44E7-B974-F8BBADB49EE6}" = Motorola Mobile Drivers Installation 5.5.0
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{669A82E0-43E2-4645-8A2E-1A3DE78F8312}" = Adobe Photoshop Lightroom 4 64-bit
"{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9822326F-410C-96A5-2F58-65E58F65D63B}" = ccc-utility64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A7C403DA-B8D9-4CA0-93D9-6C7F00772240}" = WD SmartWare
"{AFC44A23-E6A8-4625-B6B1-23D438525D59}" = O2Micro 1394 OHCI Compliant Host Controller Driver
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5816A09-786E-C91D-3D99-8A8C92648750}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FD868C71-6CCF-42E2-B90D-0504AB0036FE}" = 64 Bit HP CIO Components Installer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B148875-7C4D-A5A7-79FA-82D679939663}" = CCC Help Danish
"{0D49143F-5710-6EAF-986F-86306C54D9F7}" = CCC Help Dutch
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0DCE424F-F4A8-A3EA-3416-7A4CA189A164}" = CCC Help Czech
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{193B70F8-D757-B1D6-B2B0-826E92D889CC}" = CCC Help Polish
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B50F09A-CDE0-4F33-A428-2E459CED07EF}" = WD Software Upgrader
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23640476-5D3A-F071-A40F-345E16C91301}" = CCC Help Hungarian
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{27996809-446F-7261-6C69-6B654C656F6E}" =
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30075A70-B5D2-440B-AFA3-FB2021740121}" = Backup Manager Advance
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3890215D-D18A-43EF-AE0C-0C6B084F652D}" = WD Software Upgrader
"{39BE50E7-8059-C383-D8D0-3EC7B9A0B2C2}" = CCC Help Turkish
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{4394B319-1CA6-9535-5A97-3407DE7B2865}" = CCC Help Chinese Traditional
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E242AB2-86A7-4231-82A9-1E4226D23CA8}" = Catalyst Control Center - Branding
"{4E2AC91C-090D-C0BE-98E0-35480A693D53}" = CCC Help Russian
"{507B1304-194A-4204-A9D9-9BAAF51EF760}" = WD Quick View
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59679381-3F22-4A40-A7AD-890242D74DF4}" = Perfect Photo Suite 6.0.1
"{59A58CB1-5177-4AF7-DC09-886DC5175561}" = CCC Help Thai
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B70AFEB-18E9-0BBA-C876-50E61D2F1585}" = CCC Help Korean
"{6e8f74e0-43bd-4dce-8477-6ff6828acc07}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76509C2C-6A9E-1DDD-7169-2F61337350CA}" = PASS
"{76E2A1A0-CE72-48A0-8D8E-767A1B0C2191}" = PhotoFrame 4.5.3 Free
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BBEA5FB-5BDA-5568-F370-66934F5862F8}" = Catalyst Control Center Graphics Light
"{7C3E29B2-038E-312D-938C-DED2C6451411}" = CCC Help German
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FB1F881-0AA3-4181-A6E6-208FDC8B4DFE}" = PhotoPresets Wow Effects for Adobe Camera Raw
"{800E5862-A2A2-B903-6B6E-660F5DFB1BFF}" = CCC Help Norwegian
"{804D666C-1FB8-F116-358B-15F297113547}" = CCC Help English
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90497F91-64AA-6732-266E-4B7023989E5C}" = ccc-core-static
"{90573AE3-E7FC-4A5C-A7FB-D2E1482BA84A}" = Acer Arcade Instant On
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D3FF6-FFDD-4E4E-B887-4BF378174F04}" = ArcSoft PhotoStudio 6
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A990CB5E-6951-12C0-6B29-4C0102E80827}" = CCC Help Portuguese
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAB17558-7189-1415-2370-D689FDD44B33}" = PX Profile Update
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABC74AD3-8488-2D59-71CA-FE1FDBD99293}" = CCC Help Greek
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}" = Adobe Illustrator CS2
"{B399B936-CDED-C8E5-D621-E6323855CF5B}" = Catalyst Control Center Graphics Full New
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{ba99df5b-3e46-419e-81e2-544352772fda}" = WD SmartWare Installer
"{BE985F96-BFD5-BCE2-97F6-B73BBF122943}" = CCC Help Japanese
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C314EA94-9FAF-969D-544F-816FE102EAFD}" = Catalyst Control Center InstallProxy
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C40DCE3C-E042-2DEE-4F77-8725E18BAE17}" = CCC Help Spanish
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}" = Perfect Effects 8
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1F8C3EA-8274-90C1-460B-EE2DFA7B492B}" = CCC Help French
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint Solution
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E2B31B67-9795-4EF9-9AC6-B683E7B11BE6}_is1" = FotoFusion v4
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E573FE55-5A89-F7CC-0A00-A9E79BB20C3B}" = CCC Help Finnish
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E75093FD-D74A-D7D0-AE15-BA89B30D9E54}" = Catalyst Control Center Localization All
"{E92EAA89-9597-E7DF-6EB6-F21655D245F2}" = Catalyst Control Center Graphics Previews Vista
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EB083118-49ED-4CD7-8CE8-241C1F958E2C}" = PhotoPresets with One-Click WOW! for Adobe Camera Raw
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EEEDE742-915B-2D3F-5763-E7375BE7B144}" = CCC Help Chinese Standard
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.165
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F9B82B36-5FC0-1E0D-0D56-066D1EDAC9E8}" = Catalyst Control Center Graphics Full Existing
"{FBC79D04-051E-4367-8051-1DB0C893FBE0}" = Nuvoton CIR Device Drivers
"{FC3CCF4F-ABE4-1CF6-347B-DEAFC9D82F1C}" = Catalyst Control Center Core Implementation
"{FC4AAE94-A221-0725-4FD8-56262B0262BA}" = CCC Help Italian
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FFAC99FD-DDF8-E138-E8F4-538B639C6984}" = CCC Help Swedish
"Acer Game Console" = Acer Game Console
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Illustrator CS2" = Adobe Illustrator CS2
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Akamai" = Akamai NetSession Interface Service
"Canon MG5300 series On-screen Manual" = Canon MG5300 series On-screen Manual
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon Setup Utility 2.3" = Canon Setup Utility 2.3
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.showitfast.pass.desktop.PASS" = PASS
"Connect" = Connect
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EOS Utility" = Canon Utilities EOS Utility
"Flickr Uploadr" = Flickr Uploadr 3.2.1
"FotoFusionV4" = FotoFusionV4
"Free RAR Extract Frog" = Free RAR Extract Frog
"HaaliMkx" = Haali Media Splitter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{0AFECCA6-61A0-409F-9205-67613984209D}" = Dynex All-in-1 Card Reader
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}" = Acer Backup Manager
"InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59}" = O2Micro 1394 OHCI Compliant Host Controller Driver
"InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection
"LManager" = Launch Manager
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"MotoHelper" = MotoHelper 2.1.40 Driver 5.5.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MP Navigator EX 5.0" = Canon MP Navigator EX 5.0
"N360" = Norton 360
"Nik Collection" = Nik Collection
"OpenRGB_is1" = OpenRGB Version 2.10
"PhotoRescue PC_is1" = PhotoRescue PC v3.3.4.13350
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PortraitProfessional10_is1" = Portrait Professional 10.1
"Red Light Center 3D Client" = Red Light Center 3D Client
"Rogers Self Help Software" = Rogers Self Help Software 4059
"Rogers Update Manager" = Rogers Update Manager
"RSH Home Networking Wizard" = RSH Home Networking Wizard
"SP_4e24eecb" = Search Assistant WebSearch 1.74
"TomTom HOME" = TomTom HOME 2.8.3.2458
"Update Engine" = Sony Ericsson Update Engine
"WFTK" = Canon Utilities WFT Utility
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WT078749" = Bejeweled 2 Deluxe
"WT079017" = Faerie Solitaire
"WT079021" = FATE - The Traitor Soul
"WT079065" = Jewel Quest Solitaire 3
"WT079101" = Mystery P.I. - Lost in Los Angeles
"WT079109" = Plants vs. Zombies
"WT079117" = Polar Golfer
"WT079149" = Scrabble Plus
"WT079179" = Yahtzee
"WT079218" = Escape Rosecliff Island
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1640631956-789530371-1737118854-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"GoToMeeting" = GoToMeeting 5.1.0.880
"Screencast-O-Matic" = Screencast-O-Matic
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/24/2014 9:12:19 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1380001
Error - 1/24/2014 9:12:20 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/24/2014 9:12:20 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1380999
Error - 1/24/2014 9:12:20 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1380999
Error - 1/24/2014 9:12:21 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 1/24/2014 9:12:21 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1381998
Error - 1/24/2014 9:12:21 PM | Computer Name = DAWN-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1381998
Error - 1/24/2014 9:14:00 PM | Computer Name = Dawn-PC | Source = Application Hang | ID = 1002
Description = The program Lightroom.exe version 5.2.0.10 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 84c Start
Time: 01cf196742d8bfce Termination Time: 10 Application Path: C:\Program Files\Adobe\Adobe
Photoshop Lightroom 5.2\Lightroom.exe Report Id: e9f37154-855d-11e3-8928-c80aa9b11f16
Error - 1/24/2014 9:14:58 PM | Computer Name = Dawn-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.
Error - 1/24/2014 9:14:58 PM | Computer Name = Dawn-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
failed. The first DWORD in the Data section contains the error code.
[ Media Center Events ]
Error - 12/2/2010 12:32:00 PM | Computer Name = Dawn-PC | Source = MCUpdate | ID = 0
Description = 11:31:31 AM - Failed to retrieve SportsSchedule (Error: The operation
has timed out)
[ System Events ]
Error - 1/21/2014 10:01:22 PM | Computer Name = DAWN-PC | Source = DCOM | ID = 10016
Description =
Error - 1/21/2014 10:02:30 PM | Computer Name = Dawn-PC | Source = DCOM | ID = 10010
Description =
Error - 1/21/2014 10:03:51 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Rogers Update Manager service hung on starting.
Error - 1/21/2014 10:08:01 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.
Error - 1/21/2014 10:10:26 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Intel® Management & Security Application User Notification Service
service hung on starting.
Error - 1/21/2014 10:55:01 PM | Computer Name = Dawn-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:52:52 PM on ?21/?01/?2014 was unexpected.
Error - 1/21/2014 10:57:04 PM | Computer Name = Dawn-PC | Source = DCOM | ID = 10016
Description =
Error - 1/21/2014 10:57:34 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Rogers Update Manager service hung on starting.
Error - 1/21/2014 11:01:46 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Windows Font Cache Service service hung on starting.
Error - 1/21/2014 11:05:11 PM | Computer Name = Dawn-PC | Source = Service Control Manager | ID = 7022
Description = The Intel® Management & Security Application User Notification Service
service hung on starting.
< End of report >
#5
Posted 24 January 2014 - 08:49 PM
zep516
-
- Malware Removal
-
- 8,090 posts
Trusted Helper
Hello DawnsShadow,
Thanks for posting those 2 log reports. I'm currently working through the log and it will take some time to prepare a fix for you. You will receive a set of instructions early tomorrow morning.
Please don't try an fix anything on your own, install or uninstall anything and don't run any scanners.
Thanks
Joe
Thanks for posting those 2 log reports. I'm currently working through the log and it will take some time to prepare a fix for you. You will receive a set of instructions early tomorrow morning.
Please don't try an fix anything on your own, install or uninstall anything and don't run any scanners.
Thanks
Joe
#7
Posted 25 January 2014 - 06:21 PM
zep516
-
- Malware Removal
-
- 8,090 posts
Trusted Helper
Hello Dawnshadow,
First
Lets Remove a program:
==> Click > Start > Control Panel > Programs & Features. We find:
Search Assistant WebSearch 1.74 <---Please remove that program from the list of installed programs.
Next
We need to do a fix using OTL
Next
Please download Junkware Removal Tool to your Desktop.
Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.
Next
Please download AdwCleaner by Xplode onto your Desktop.
Last
Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Please post the following logs in your next reply:
How is the computer now? Anything still popping up?
Thanks
Joe
First
Lets Remove a program:
==> Click > Start > Control Panel > Programs & Features. We find:
Search Assistant WebSearch 1.74 <---Please remove that program from the list of installed programs.
Next
We need to do a fix using OTL
- Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
- Under the Custom Scans/Fixes box at the bottom, paste in the following
:COMMANDS [CREATERESTOREPOINT] :OTL IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pur...794&lg=EN&cc=CA IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.pur...794&lg=EN&cc=CA FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch" FF - prefs.js..browser.search.defaulturl: "http://websearch.pur-esult.info/?pid=724&r=2013/11/23&hid=11525153692750452794&lg=EN&cc=CA&l=1&q=" FF - prefs.js..browser.search.order.1: "WebSearch" FF - prefs.js..browser.search.order.1,S: S", "WebSearch" FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch" FF - prefs.js..keyword.URL: "http://websearch.pur-esult.info/?pid=724&r=2013/11/23&hid=11525153692750452794&lg=EN&cc=CA&l=1&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found [2012/11/25 02:49:47 | 000,003,915 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\sweetim.xml [2013/11/23 00:08:03 | 000,007,838 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\WebSearch.xml O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKU\S-1-5-21-1640631956-789530371-1737118854-1001..\Run: [AdobeBridge] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O20 - AppInit_DLLs: (c:\progra~2\websea~1\sprote~1.dll) - c:\Program Files (x86)\WebSearch\sprotector.dll () O33 - MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\StartClickfreeBackup.exe O33 - MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\Startme.exe O33 - MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true O33 - MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\StartClickFreeBackup.exe O33 - MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true O33 - MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true O33 - MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\Shell\AutoRun\command - "" = F:\StartClickfreeBackup.exe O33 - MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\Shell - "" = AutoRun O33 - MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\Shell\AutoRun\command - "" = D:\Startme.exe O33 - MountPoints2\D\Shell - "" = AutoRun O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\unlock.exe autoplay=true O33 - MountPoints2\F\Shell - "" = AutoRun O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\unlock.exe autoplay=true @Alternate Data Stream - 320 bytes -> C:\Windows:nlsPreferences @Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:7631EA83 :Files ipconfig /flushdns /c netsh advfirewall reset /c netsh advfirewall set allprofiles state off /c :Commands [resethosts] [emptytemp] - Make sure all other windows are closed.
- Click the Run Fix button at the top
- Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
- Post the log that is found in C:\_OTL\Moved Files in your next reply.
- Open OTL again and click the Quick Scan button.
Next
Please download Junkware Removal Tool to your Desktop.Please close your security software to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.
Next
Please download AdwCleaner by Xplode onto your Desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click the Scan button and wait for the process to complete.
- Click the Report button and the report will open in Notepad.
- NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
- Click on the Clean button follow the prompts.
- A log file will automatically open after the scan has finished and the PC has rebooted.
- Please post the content of that log file with your next answer.
- You can find the log file at C:\AdwCleaner
Last
Download Security Check by screen317 from Here or Here
Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Please post the following logs in your next reply:
- OTL Fix Log located here--> C:\_OTL\Moved Files
- OTL.txt After Quick scan was run.
- JRT.txt Log.
- checkup.txt Log.
How is the computer now? Anything still popping up?
Thanks
Joe
#8
Posted 28 January 2014 - 09:08 PM
zep516
-
- Malware Removal
-
- 8,090 posts
Trusted Helper
Hi DawnsShadow,
I understand things can get busy, just checking if you're still with us
Joe
I understand things can get busy, just checking if you're still with us
Joe
#9
Posted 28 January 2014 - 10:54 PM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
Yes, sorry... been having a couple of crazy days, sick kids.
#10
Posted 01 February 2014 - 12:22 AM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
Sorry about that! OK I am back on it...
here is the file from C:\_OTL\Moved Files
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Prefs.js: S", "WebSearch" removed from browser.search.defaultenginename,S
Prefs.js: "http://websearch.pur...N&cc=CA&l=1&q=" removed from browser.search.defaulturl
Prefs.js: "WebSearch" removed from browser.search.order.1
Prefs.js: S", "WebSearch" removed from browser.search.order.1,S
Prefs.js: S", "WebSearch" removed from browser.search.selectedEngine,S
Prefs.js: "http://websearch.pur...N&cc=CA&l=1&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\sweetim.xml moved successfully.
C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\WebSearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\websea~1\sprote~1.dll deleted successfully.
File c:\Program Files (x86)\WebSearch\sprotector.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ not found.
File D:\StartClickfreeBackup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ not found.
File D:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ not found.
File D:\StartClickFreeBackup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ not found.
File F:\StartClickfreeBackup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ not found.
File D:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\unlock.exe autoplay=true not found.
ADS C:\Windows:nlsPreferences deleted successfully.
ADS C:\ProgramData\Temp:7631EA83 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
Ok.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state off /c >
Ok.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Dawn
->Temp folder emptied: 3941361395 bytes
->Temporary Internet Files folder emptied: 279816679 bytes
->Java cache emptied: 28368674 bytes
->FireFox cache emptied: 452332124 bytes
->Flash cache emptied: 85755 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 48435972 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67697 bytes
RecycleBin emptied: 86719209 bytes
Total Files Cleaned = 4,613.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02012014_002747
Files\Folders moved on Reboot...
C:\Users\Dawn\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
here is the file from C:\_OTL\Moved Files
All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Prefs.js: S", "WebSearch" removed from browser.search.defaultenginename,S
Prefs.js: "http://websearch.pur...N&cc=CA&l=1&q=" removed from browser.search.defaulturl
Prefs.js: "WebSearch" removed from browser.search.order.1
Prefs.js: S", "WebSearch" removed from browser.search.order.1,S
Prefs.js: S", "WebSearch" removed from browser.search.selectedEngine,S
Prefs.js: "http://websearch.pur...N&cc=CA&l=1&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\sweetim.xml moved successfully.
C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\WebSearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1640631956-789530371-1737118854-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\websea~1\sprote~1.dll deleted successfully.
File c:\Program Files (x86)\WebSearch\sprotector.dll not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0733a5a4-f084-11e1-bf04-c80aa9b11f16}\ not found.
File D:\StartClickfreeBackup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7f4e02d2-ed1e-11e2-9eef-c80aa9b11f16}\ not found.
File D:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{81105dd5-39ea-11e2-8167-c80aa9b11f16}\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{887fe130-5883-11e0-8aa7-c80aa9b11f16}\ not found.
File D:\StartClickFreeBackup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af64d3-1d5d-11e2-8f94-806e6f6e6963}\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95af6530-1d5d-11e2-8f94-c80aa9b11f16}\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d421274c-cba8-11e0-8ce8-c80aa9b11f16}\ not found.
File F:\StartClickfreeBackup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d5778093-1864-11e1-88b0-c80aa9b11f16}\ not found.
File D:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File D:\unlock.exe autoplay=true not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\ not found.
File F:\unlock.exe autoplay=true not found.
ADS C:\Windows:nlsPreferences deleted successfully.
ADS C:\ProgramData\Temp:7631EA83 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
< netsh advfirewall reset /c >
Ok.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
< netsh advfirewall set allprofiles state off /c >
Ok.
C:\Users\Dawn\Downloads\cmd.bat deleted successfully.
C:\Users\Dawn\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Dawn
->Temp folder emptied: 3941361395 bytes
->Temporary Internet Files folder emptied: 279816679 bytes
->Java cache emptied: 28368674 bytes
->FireFox cache emptied: 452332124 bytes
->Flash cache emptied: 85755 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 57616 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 48435972 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67697 bytes
RecycleBin emptied: 86719209 bytes
Total Files Cleaned = 4,613.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02012014_002747
Files\Folders moved on Reboot...
C:\Users\Dawn\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
#11
Posted 01 February 2014 - 12:38 AM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
I forgot to run the OTL Quick scan after the fix! sorry
This is the JRT...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dawn on 02/01/2014 at 1:27:17.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\privitizevpninstalldates
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1640631956-789530371-1737118854-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\slick savings"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\software"
Successfully deleted: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{002857AB-DFD5-4C5E-ABCF-1AF0B29B1CF0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{00542CAA-E2DB-4167-B62B-2DFD62C41369}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{00D4988F-41A8-4D3C-A5B7-1320D8254F74}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{010BC818-C8CB-4ABD-B758-B8844593FB1F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0116153B-1C3A-49F1-8026-166E4125B352}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{01193F08-4D15-4232-93E3-417505C51EE3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{013948ED-7088-4947-9EC4-654C3723EBB9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{01498729-B691-4C78-947A-0899608F465C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{01EA87AC-A83A-4EE8-BED2-9A67C9103722}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{02152A30-DA93-446D-9AA7-C51C6135A41C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0263414A-D285-4D6F-AC26-67260C4DDD11}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0268D171-FB2F-4ABE-8174-B95011E5419E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{03241996-1888-4968-BDA6-91B25ECCF993}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0417B9F9-4A0F-42F1-AA72-188DA5AEDA64}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0423F97F-E6F9-45FC-B7AC-0B9832A533AB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{044D2249-1358-4FE6-B6E7-DA89550F12C3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{04A8CCFD-2F65-4596-857C-CC8FA660EC9D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{050AAF08-7C5C-416C-A9B8-804CFDD79A63}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{05276745-4B29-463A-8800-F9B95F148B6C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0583E5F3-15D1-47B5-AC88-42E389D96FBC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{058D1792-6570-41C7-8E7E-231A2DC587CC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{05A70068-9184-42D7-86D1-B281C3DFAE61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{06682FF6-9908-4EDD-84FB-80D33D03E0F4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{066BF604-6AA1-4005-933A-EDD1DF478AE4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{067199B6-392E-4410-9BDF-3D563D4C3AE3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{08522973-38B2-4824-BFEE-39ACD9C07B4C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{088ABD38-0DE4-4759-B2D2-F5132AC6F67B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{091A343D-A580-4FEF-9EE6-C566D779B65D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{092EC6FD-1DAB-4EE8-86B6-2051884AE220}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{09F7FA56-C7CB-457F-BB3F-FD14C7AF5E26}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0A3FE9B9-4169-4648-9CFA-94A0CE004235}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0A679EA2-6B6C-42F1-BE8C-4B503352B34F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0BF5681F-2350-4B11-9983-AD8A19398F4B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0C7F1909-7387-486E-9C56-633C54D20124}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0C94F9D1-33EC-4B0F-979F-E01CDB3E8279}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0D6D993B-AB06-4F88-952F-CA77AA7EC54E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0DB0E38B-FA49-45D2-AF2C-8A31955848D5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0DDF60EB-1AE1-47B8-8217-381A346CD67B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0E0C3D1F-EC91-4CE1-886C-130871171F8B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0EDAEDF4-03E4-4E35-AAE0-125FE103BA21}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0F656145-792D-44CE-8626-06003A50E727}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0F6BEBB8-02D1-4D44-88CA-580DDF50BF96}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{10CFFD83-AB40-4336-AFC7-1D6536A61EDD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{112DD24A-21AD-4116-9DD0-E19478F3CE45}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{11DFCBAD-AF83-409E-8AC9-6263FDF69FA3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{123C9E1E-7598-4422-982F-513325679583}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{12492E71-E4A8-42BF-9F1F-1E8D0396D550}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1292F503-49E6-49B9-AF51-980207C3D7E1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{12DE5B5A-DB37-41D1-9643-FF3495044CBB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{143A537D-D61C-4143-8896-F52C6366EEFC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{148205B8-B754-4C84-AAAF-646D89E86DAD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1487828D-F407-47EF-B874-5398E0C35F78}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{14C574D7-78CE-4276-826F-78A2EA6FBBD9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{14E23CA1-7C70-40BF-A610-E89B806688BA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{150BD721-FF6C-4EED-9E85-ADEEF04F4136}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{175DBAA2-6720-4DFF-ADAE-0097821845E8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{17D8A3E2-AE4C-475A-9D49-907DD34C02FB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{182EBDAF-6B58-471C-A8C7-73BA2F777045}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{18528FF5-A399-4704-A3D7-238DE835482B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{18F76800-34D0-4864-9923-C2D59D747358}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{19229328-F8E9-4523-94E5-EDDC7EA7C2A3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1A070B43-8F35-4BE6-8E9A-EAA13F01A18A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1B40571C-F0E9-4F32-87E8-2504829B46BA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1B72D152-C72B-4B11-B3F3-C897FAAC0930}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1C2FF7BF-A1C8-4589-BC38-5F2BF1E851CD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1C65F6A6-4CD8-4C29-9F4A-01448A1D2F9E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1D2CB060-35CF-4154-87E5-007456E86B61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1D5E61E3-4B64-4296-9E05-1529938F0605}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1DF911DF-8EE9-4F90-99B3-C21A19CBA677}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1E2107F7-D965-4F57-B4A0-E29F9B3D3363}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1E529BC0-AB86-4AA4-AED2-07B08E2C00F5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1E7038C6-CA1D-4AD2-85F0-2C8FB3C7182B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1FEF631C-9354-4A45-8824-D277DC122A4F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1FF0E69A-91D9-4A2E-81B6-BD92E9052BF7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2012AAC9-7A8E-4A00-8C2D-AA19538B9598}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2017183E-D8B3-4117-88FE-780F6845C6A2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{20D68BE3-D1AC-4FD9-809C-B88B111A5268}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{20E2EF26-0B7F-4A12-BB9F-7E62659F7BB3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{21057836-9A01-4CDF-86A2-6B081FBE5B7A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{212BE096-7295-4847-BD60-27B7B9ABE512}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{216097A4-FD69-4BFE-BE40-DDF5050BCBEA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{21CD1E9C-B60D-408F-B8A0-E99BA0D4BFA6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{22931418-920E-4C4A-83BF-FA84F4C9EAC0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{235B67FD-856E-4D32-8E25-27F120BE2EA5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{24740427-D675-458B-8217-BB223BFA0A13}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{248302ED-4083-4B25-BAB2-9D71DD36A995}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{25119E71-A308-4F7B-86C9-BC12EBC08954}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2654E787-96F1-42E8-BEF9-B19FEC8A076B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2697E303-2007-440B-A791-7408C1FAB9C6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{26AF9DAC-1BD4-4D7F-8441-3565157B106F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{26E9C09F-062D-4B2B-A4F4-3ABCFA369BF5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{28694144-311E-4658-9C98-65288A443B2C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{29057240-CCD7-4469-B6BC-BA3983E70BB2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{294E053B-7897-462E-BE19-5399DC6AFD90}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{294E6234-FDC6-40F0-9D65-A4FDD5A01BA4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2958824F-64F6-4E35-90E3-7AC0F00463A5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2A043D13-8E72-4AC1-A9DD-2FADDACA2BD6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2AA95BA2-045F-4954-B00C-D11CAEFED29C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2B1D7755-2D60-42BB-A11B-7874EC8AEEFD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2B22CE4B-0D9A-41F7-9B78-F639096E76F9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2CB1C708-406B-4872-81B7-510E618D7232}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2CB43D72-64EB-4603-9865-0448C8982AA8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2D9C459C-AB46-4FD6-ADB3-90F7E090E26F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2E121C64-6666-4CF2-A76F-F0EFF4E3E8F0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2EBA2F1F-B844-4E48-A078-F9A83F513CD3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2F8F34E5-44CC-44CB-ABE4-9B478CC4EF44}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3009729A-FC13-4C9D-AE92-AF5ACDD82BEF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{30D54938-527D-46C9-9897-DA9905DC8034}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3168A589-04D7-46CD-BE75-62BE0695C540}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{31FCE37F-233A-49B5-B2F7-C151A02BE7E8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{343C755C-0D4D-48EC-ABD4-B9F88A09974C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{355A15FE-7C48-4D83-9774-97C2951D4F7A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3775E008-CB23-4A85-BFAA-4D757F1AE067}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{38145212-0E00-446B-8622-05EC2A1DB61B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{386AFAF4-21A8-4C19-8045-9729065628A4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{38725D0A-4F3E-441C-B53D-7745282E7214}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{389940A2-911C-4237-85A0-945B32DC9133}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{38DDB0CD-6A00-450F-A902-02CAE1331AF4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{39F56AE4-A6AB-4EAA-B3E6-03A75DE32B04}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3A71E939-0BC0-4426-82A5-E6968980C58C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3C0B7140-45C8-47B3-8083-F58D09BF298E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3D1284C6-3554-45C1-8465-04C7CC1D5D06}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3D30DD35-0027-41FF-86F5-E26B8842EFE1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3F072CAD-198A-409D-B4CF-81F8944FB074}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3F9BE0F3-B18D-4239-AA62-C06981F6D225}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{408A7F6F-6ED2-4814-8491-C784B0F812F0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{422498B6-13D9-40A0-8D73-DBC2DE8E280D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{426B5763-A9FE-40AE-B186-ADD115579F28}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{42A65233-AD90-4389-BFC4-8529BCAB03E5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{433A6847-8801-4824-B2D1-E01C92BF1B61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{436CB0F2-95C1-4E6A-8B06-D672AB645CCA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{450FE751-60EF-4C98-8761-1A2371840639}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{456E908F-2A06-416B-AD7B-F61BAA6C363D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{457ABE46-0D70-48A4-8C61-3F2D4DF0FA54}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{45CF4AEF-1843-40E0-A283-302C2239A70A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{45D59852-8180-401A-AA68-8E2260DF290E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{460A3674-4DB2-46A4-B308-9729E0B9CE64}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{468F798C-0998-4018-8756-3B91491873C4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{47D51EDE-B20C-481A-A354-541025657CC8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4820500E-AFE5-4655-9159-816DC0DBE973}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4857F227-2FD9-40CE-9729-D27F7F828526}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{48968B8B-274E-4BCB-9933-8847AAFE36C3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{48DBA371-D140-46E8-82E4-21AB077857E5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{48E780BB-518F-498D-9267-8ECA06C9ACBD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4A091638-8435-4AA2-BCA8-E4E441FD16B2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4A2CF478-D139-40BD-92D4-85D82334DA61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4A57B4BB-F29C-407D-88C2-A2146778F653}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4B0C2777-BEB1-4019-9A4A-359EA6C9CFB4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4BA3326E-040B-4C2D-B85E-7C310BFFD603}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4BEF1EF7-3B41-4DBD-8C84-0F0606E6EA21}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4CB70A88-1B25-478A-B8EF-67BF94B1899E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4D336782-083A-4ACC-BAC1-6E217CA312AB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4E15A908-A69B-4F1B-827F-305D9ABD100D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{50DD866E-026A-45B3-BA86-091BBCD68A67}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{50E6D75D-EFA5-4749-91FF-044D266BC7B9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5155C37A-716F-42BB-8174-F9CABFB7C5A9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{51D92368-F524-4DD1-AE08-BBFFC68FA0FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{525744D6-4B50-4D89-BBC2-A142B6DBC391}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{530F38E6-D339-4140-9669-BB36B6C53516}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{532703DF-FF48-407C-AB10-2BBBA9F34987}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5481A949-7D1A-4DEA-8D9A-DFE830E26E50}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5556BB0B-4D90-4F56-86DA-13B69CA1247B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{568E363D-7788-46F1-85C1-6E66762DEC44}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{56A9DA01-520C-47E5-8530-9B97EE768984}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{582DCAFB-6437-4E7A-A9E8-0FE249223C8F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5852CF0C-6949-448A-A40D-E0469B7029A3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{58B67E65-390D-4985-BA7F-2E997F1E84A7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5A560D82-FAF1-4421-8828-B3BE298B0C77}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5B5068FF-424A-4DCD-8DA0-268A453E8B7B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5BD9400F-2FD1-4D64-9224-389275104B3F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5C7D8738-03CC-4318-A8FA-FA8933522D46}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5DF689E6-B36F-4E06-9486-13E2BDD287E9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5DFCE829-8D2A-456B-B374-950C6F6D9725}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5EC37A41-0C44-4005-863A-B5150C5768CE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{60814EF1-5291-4F76-ADA1-3E287A760AD4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{609FCB68-7151-4263-972F-F419145CA695}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{611D9F88-A788-4B48-9A3E-810CDF78BF5B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{63057350-0687-4747-9635-DB5C2B37F522}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6312CFB9-9DDA-44C7-86AF-42E7A8ECE155}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{63D97C1D-5C02-47E8-A0CA-1284A3A982FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6452CD43-88E2-4BFC-B645-24E224E7E463}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{64A897DA-9DAA-4714-9F22-62FCEC648950}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{64D1BB68-12C8-45CC-9E1E-B215930DCAFA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{651524C1-BB63-4B50-BF63-2B94991ABF35}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{65871BD3-F0D5-4927-B93B-B3DD097CD35B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{65D9645D-919E-4B2C-92C1-CAFEE982506F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{66214523-D0D5-4234-B85B-DECA40A26B38}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6699A1B0-82A9-470B-B202-B29689200E5A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{66BF3AD1-F1A9-4453-B441-700C9F3E3EC3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{66ED5207-7508-4D5B-B78B-2CB76C3CD7B3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{677882D3-DC61-4714-8901-492EC43EB3A0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{67D965A8-E39F-4817-BC79-69EFB5BF2458}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{681DECAE-FA4B-40DE-AD90-7F1D1A8C557B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{68B17C18-93DF-4503-9B68-EFE1E362B66D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6997F6E0-1A75-4925-8657-1D4BA0CEF83F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{69B789E0-3CE4-4897-AC75-3A31A46DDB56}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6A78C82C-BF8E-4652-95DC-2F705B8ABFD7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6B20838B-0943-48FA-88E5-B19700569204}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6BFF8296-D3D2-4F50-B978-E205F6F01FFF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6D0AB75C-7CB3-4D90-9C10-A342DAEBC496}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6D668E8A-3783-43DA-A60D-1AB6449D5447}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6E8FBEA8-0B2D-4F52-B9D9-749117371AE3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6E9C5F60-FF6B-4A56-8A82-EA3D9FED39D6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6F6565C6-554A-477C-A0B6-F6894328446F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6FB51FFC-8883-4665-830C-E256151839C0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{70545CEB-0FED-435C-991E-A607C3ABC4F9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7086FAC1-F596-41E7-B019-3E476ACEC14D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{710C7615-DF5C-41F6-9A3F-D9DB0C86FFE4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{71F85321-7B16-4BA7-930F-FA887B179CCD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{72E663DE-1379-4DC8-A5E2-AE6BC0C50831}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73B65682-CF1F-4C70-A2AB-53784C269216}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73B735B6-95F5-48FB-833E-7254DC0DC926}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73E306E9-AFE3-48E3-B033-7C4AF2D5B50A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73F92F6A-9371-4DCF-8B04-9625E2A078CB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73FD519F-39B6-4096-BBD6-95F75B1B5A31}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{74C5584B-3334-4822-BFA2-C83C9C021654}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7564C10F-8AFB-42C9-95CC-A844D1C7912D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{75CCFA25-6D9B-466F-A461-22AF8303B10B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{75D4897E-4C19-4615-BF4F-E90132232514}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{76913DA4-F8B6-47AC-919C-6214CEB7FE0C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{77B156D4-A0E1-4B4C-976A-C42620748B78}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7835061C-923E-4396-963C-DECBB14808A9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{78851B6C-BDF2-4F73-8EFA-BC3AEDC2AD44}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{799DD9ED-8040-4334-B3D2-D9BD48399A97}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7A25A810-6D58-4195-8A95-2698FBAC8747}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B1CBB17-D713-4C84-A8E1-741580B16187}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B3A260E-6708-4E58-8A26-599F7DCAEFE8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B5707DE-D0EE-44C3-B3A8-8F555FF2F103}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B7E8CD2-60F2-4676-BC9E-DE72088A62EF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7C2B34DE-E03F-4486-A8CF-43B313546E95}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7C2FA5D7-221C-4B9B-BCE2-8E46E5C48497}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7CB73E4E-D567-4CC9-AB44-514B0C7FBF9B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7DDABE9B-C0A9-4738-B8B6-A10BD8626096}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7E2C1269-DD64-4ED7-909E-954F16453BCA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7F395672-3A64-4182-989C-27AD6A9C10C3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8214BF1B-1620-4E80-B714-D8ABE50B4631}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{823AC1E3-FB1D-4B3F-9068-0F8F53F8DA79}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{82588AB2-3A9A-4556-856B-98EED3A8B121}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8357D98A-04C4-4C44-89F7-5B5B8598D8CE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{835DAE55-2658-4365-8841-A8B54FB3040F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{83D13AA5-C1DC-450E-A7AB-E0FEB41A3F1A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{83EC351A-584E-4E44-94BD-9699DDC946FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{842C5486-AD44-400B-8546-9AE9C243718D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{84E797A5-E37A-42B4-9E9D-B75CDFB6368F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8561421A-7122-4676-AD43-0F46161B0BF0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8585FA53-5065-462D-BDA9-A243FDBD99E1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{85C389D7-672C-414A-9220-86B9746022DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8607D140-A3A7-4BC6-8F7A-634D4224EA5F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{87B0C770-F917-4314-8E5C-C5C58C366796}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{87B94894-F075-4868-BA9A-CE022EF07AC8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{88EC56C2-91D2-4B9B-BB24-9733F9151BB0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{89334C85-BC6A-494B-81B5-FD5A6B33CCD5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8AA7B8B0-04CA-4BED-84F8-A9303633ABD7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8B6EBBA3-632E-4BD2-B1E4-BB96372C1D0F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8BE02C31-CB7D-49D0-BF92-A0559BFE0255}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8DE3CBF5-0A23-444F-AF25-35FEABC79A4D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8F3E890B-EDA5-48F2-8ABC-3887ECB0F998}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8FAFC86A-F379-4021-B320-A980F5B5C099}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{901EF42F-7F8C-46B5-85A4-BF147E2D557F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9093BCAC-FF5B-4EB6-B104-86329221F3F4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9151CA66-1883-412E-AC38-AB0B01E9C522}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{91BA29E4-307D-4C64-9991-8F4706FBBD1A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{91C4DEE1-FEF6-4DBF-A036-728FAC2983CD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{923451AD-6A04-4D1D-BE55-EB912F8E6212}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{94782DFC-78CF-4D4F-A073-B1979ADF29DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{94806C50-AB08-4348-A882-F7514C868805}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{95041EBC-EB02-47C3-A194-85B195BDEB8F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{950AE407-64F2-4957-9927-91FDD5BA2700}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{959F6BB0-1983-4850-8720-798B1C6CC440}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{95B31445-2F6D-4DB2-9F74-15ACCEB080CC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9726F100-A1AF-4311-A47B-B75C0D15057E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{97897336-2A78-4506-9BD4-A740B458B0B4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{97F056D3-44A4-442A-AE31-907D3681C973}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{983E9D7F-B18A-480C-92F8-3CD513BCF9CC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{98B9DB28-2F16-4BE2-945E-8DB256F3DE47}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9907C22D-ACF6-4AC7-8762-9572E7ABDC6D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9943E838-8CAB-4ED9-8D85-7307B8DC6AF2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{99649A23-28BB-4133-B0BD-1FEBC3ED5230}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{997A56C2-C908-4BE8-A18B-9BA29BBC13EE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{997DE054-9E68-4D30-8430-6BB670457F98}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9A064F27-F04F-464B-A09B-20D942E1FA5C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9AA1A89A-ACC5-4D5D-A499-D7626F55621A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9AC8F3B5-EA12-4D15-926A-CD22D8F8684D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9B83FC4B-625B-4EA6-996B-F2127B497F3D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9D50FF1C-7A91-4360-8876-F713926B532B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9DAA0D6D-6A6A-4CC0-9040-BB07328FDC6F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9EF74E9D-C14B-41B2-8423-F44F891EAFD0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9F635335-0311-46C3-B329-67C100312089}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A09D2E18-B7DC-48B9-A60A-DBCA598E142A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A0C666DF-912B-4AF8-9330-FFEBB669F5B3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A155A1A3-A91A-401A-917C-9D8806E495FC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A26D30A9-B7F2-4969-91AB-9F2C78E065C0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A3007C21-8AE4-4E0C-8958-8DE49D225B0E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A300BF95-CADB-4FD6-9BA5-B9CA8133D31E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A37C195A-AF91-4609-947D-D0E9464DE89A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A3EF5D5A-2CEE-4790-8BD3-699F6F40E30F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A43F01A8-9E0A-43F4-9DB2-2830B99FB090}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A52D0DD0-8189-4BF6-938A-31E596CCDA5B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A5734C4B-7D28-457A-A54C-90A1CE13DCFC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A67CD607-938E-4BFF-B395-F84FABBD84F7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A708ED67-4F93-44AC-96DD-2F6E0BF22C5E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A72D4EBC-816A-480F-A250-F491B4FFC368}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A730A98F-550A-44E7-A3F5-6A9A0671635A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A7475A97-26D4-4574-9165-59FF92CFEEE0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A75B6D27-4DBC-4D18-B5AB-B50231C817F8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A7BFAF25-671C-4026-8ADE-4ACFAA1FE410}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A9C82A02-4088-4BFB-A67B-BEB45E89F142}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A9E0BE33-F967-4ECC-B4E6-3304222BD299}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AA099173-0ED1-4E94-9339-FC96E1385DF5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AA2888A7-5D5A-47E1-9C1D-26130F0B2822}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AA583D56-34BB-4BA8-A209-74AAD6550C3A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AB344BED-BBB7-4FA6-BC27-B7D60E83CFCE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ABA4FAFB-A786-4855-9E84-A033DC39AFD6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AC10E139-2C2F-4A5D-B6C3-6F00F77DD0F8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AC4F1207-C556-49AB-ABE3-E0D8BEAA14CD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AC6485A0-E548-4929-B01D-5526E8CBD138}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AD762B60-5464-4D0C-A57D-D30753534BAB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ADAA4975-C1F5-424E-8652-41DBAB33BA05}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AE0D6992-60D2-4885-A8AC-50C09D37614E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AE91E946-6753-4F73-86D3-2F959B448F69}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AF6F1602-D1C8-4A13-9846-0435DAB627FC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AFB76DA6-567C-4791-AC90-E0A9A925A5CF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B03A24FF-3C0C-45D5-80A8-FA2503B1E8F7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B0FD1FF0-61E4-43F6-AC4D-BFE9A2A429B5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B155EC4B-B5D2-4DD6-913B-AFED5AEAFDC3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B15A90D8-60F9-4FE2-9367-F24B182DF712}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B2E3EF0F-653A-44D0-9968-26CD400A225A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B2F78E73-C1B9-4F8E-85B6-83A47CA445D8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B3019A56-0837-40FF-B647-F5914F0687DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B340C8DC-111B-42E1-8004-5158379B0F46}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B3910685-AA81-4502-9D56-3A7E2573F090}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B3F41A18-7A5C-499A-87EC-DF1C9D842FB2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B4250BAC-5AA3-4393-BC37-2230A5FCBDD0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B4B8F312-DD4D-472A-9002-56E345C93C54}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B4DD360B-0809-454E-91C2-8CCBF42AEAA6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B540C51E-1D40-4AE0-B3B4-F1C92DA3287E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B6C85127-FFD6-438F-B8E5-1425F27D55B5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B6FC35A9-1497-487D-B8AA-16F736DCB9AE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B76A0B78-00E8-45D6-8178-25FBD562AA33}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B86DA067-7BE6-4367-86E3-E7F72E732023}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{BBCE1FCA-316C-47F8-BB42-434DE0F99065}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{BE56506D-F7CB-423F-9F12-CD7D6F59E855}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{BE616CD5-3C37-493F-B6FE-CF2916BFEA05}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C00CF31E-FD2E-4991-BEEF-665FB8C2B487}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C171E981-409E-431C-8F7C-54EC618C3786}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C2F62D09-41A2-4D44-8288-FC87C761356F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C3963C47-A254-4685-A08D-D7FEE5098D1C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C3E077E8-EF92-47E5-BEB1-CA1CAE0FE4F5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C4225EA9-A7C4-4D40-806F-E41226E854A6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C4BD4AB7-D698-400C-B20F-083241A27B21}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C526AF99-FB35-4231-92A0-8376761CEC2D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C570C7AA-472F-40E7-A29D-E63732CDA87D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C5839527-B289-4FCE-85C4-BB4C2596DDE7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C5A06CAC-B086-4491-B7D6-9BC83A591B29}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C650472D-5399-4074-A106-96543751B851}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C69859EA-07EF-428A-AEF1-0DB911749C22}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C6BCFE57-D5B0-4991-9516-A1805A3D1EA1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C7A2A0D8-9BB8-4B3C-943A-E14EE75AAF17}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C831FABB-8DE9-4EBE-A66E-6A10426A1F19}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C8B92773-7EE1-4C72-BAEA-54A174EE70BC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C91DD331-3FB5-41F5-A884-8F727E74D68F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C9AC5ADE-2F21-466B-8309-49F0A9489F18}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CA1EBB9E-F5B2-4B13-8D79-AEFFFD247244}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CAB60946-2907-4EE3-A0A3-8D01BAC8E4BB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CAD9F250-F7BC-4B76-8867-C3102015DBBB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CB8FF0D2-1F7F-4B76-9261-44666469FFF7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CCB54EE4-DDA7-4A83-A8C5-F0E8105B30A8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CCC49E1A-4A0C-478B-BC1C-45C926175265}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CD866148-9782-4569-939C-3A7B35630FCA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CDEAFF40-E6C0-49B3-A075-ED9B18DA3C9F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CE8D30AD-192E-4D4B-AC1F-609FDAE23AB5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CEC73C28-ABE5-4B3D-B962-92084FF182EB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CEEB7A50-3809-48BA-BA1C-7220F3D3B9FA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CF110F44-5E8C-47E2-8849-2D672F325C42}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CFCD957F-6D7E-48B3-A882-088BC31D81EC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CFD4DA7A-925E-4763-B74B-62EBBB6A1DF9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D0155729-84CF-4A6F-BDC0-726F55C87159}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D0A1B948-1D38-405F-BFD9-003B81D80B5A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D1413FC3-17CB-4D0A-865C-3616F42FF4FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D1F66570-048D-42EE-A40A-5434A9FDE3FA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D2E95217-F022-431D-BF28-46DFBA9DD093}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D3A08370-5F8F-4573-B4F3-B8C1D4A51440}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D3EC1B1E-D355-491B-BB45-1CC154455DD3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D40FD350-F825-4BF7-94ED-84EE9E78C5A8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D441C9FA-E855-444C-B25B-33BEE4D6B753}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D4F9DFDF-A245-4DA2-9D25-5F987B35896A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D62DD611-490E-4646-A375-6EF7D7556AB3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D68F97B2-05F4-4B60-9E8F-AC8D02FABC76}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D732D274-9978-411C-BB1B-5E73117405B4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D736B0D8-E655-4262-A5A5-9FD945AD091C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D79694CB-59C6-4E78-B159-E6C634D70D38}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D7C29808-BCB4-4E1F-B83B-90D6A989F0E3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D7D9DA41-47FA-4905-BEC9-C3B4EABA52A6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D7E1FAB9-74DA-412D-8D9D-55BA3D797B5A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D9B68DDE-5040-45A0-887E-7E077AD9D05E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DA53343A-0545-40B2-BC27-25F6B5F97FEF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DB0BF560-32B9-4AAD-83BD-FABE2A7E064E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DCACCAC0-5F00-49F9-B0E5-2426DE84A5DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DDEEB43B-A4ED-443C-95C5-CA7DD749812A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DE215CA6-B6C0-4A20-9381-1EE039883A4A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DEF7BA97-6494-4E64-8E54-94EF8976D02D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DFCD6E77-1713-4417-B092-6176986A234D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E20EF2F9-2346-4629-86BD-35B2EFEB9239}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E2E03F86-C494-4847-AA81-4920BC67058C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E415F2D4-18D8-43A8-80A6-48D47A91140C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E4E31726-D4A0-4BBE-9E86-6EACBBE3B14A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5116C86-7ADF-42FB-9F22-50FBC8EE4A4A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5122DDF-91A5-495A-B252-F102F67A5776}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E53B2D65-1375-4663-BDE3-1F60C942DEF6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5C72337-33C3-4123-8F8B-2737E59155A6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5C9443E-633F-4071-9C6A-670780E0F724}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E61D3293-F961-4EE6-8194-10C14DA715BE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E6A17028-424F-4DE5-AAB8-9445A2D1A10A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E76C4FFC-9FC2-4D57-A4F4-EE69E4FA6E6C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E7E64BC2-9770-48E1-B1DB-17C9B4B7F904}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E7EF229B-6F57-4AE0-A721-6656D41B3A72}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E8DFDF8B-BFC5-4E12-BD83-5AA95392E5FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E9AC4522-2179-4531-B395-05410D797568}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EA9E0165-BEB6-472C-B1B3-8D80F8CED2BD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EB76850B-C173-423C-A5A3-AAADD6E50DBD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EC43718C-EEEA-4E7D-9065-D890A281FBAF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ECC70E83-1156-4968-A34E-11EA6C1274AA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ED1728EF-663B-4731-9F56-D8DB17BA7BC5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ED350417-7CCC-42C0-93F6-2722B1EB694A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ED4C66DD-DE68-4FE2-8F71-876FD1F4AAC6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EDAEB99C-081E-4B49-B37A-E26A69D34ABB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EDEB8E33-A191-4DFA-BB6A-137BEEB1716B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EE7A1C6C-5677-4567-8806-A31830EA8DC0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EE93C842-52D2-458B-AF9B-88F585EFC2DA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EEB6C244-0377-460C-A5FA-8AB495ADCE3B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EED62A62-6899-49CA-A050-C1A2617BD11E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EEEDB508-FCAD-4E48-A1C9-A08E92AE7E12}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EF771CB2-75B4-4232-A25B-56C377656EA8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F1054A4B-42A7-49F2-B463-B1B2A8CEF541}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F23F68DF-614C-4088-BC86-DDA9E7E05C1F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F2EB872A-08A1-4FBA-9887-F8D044D08903}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F3331AC1-5CB3-4CC9-B0DA-9293C66928CB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F422E5D6-9471-4D2D-81BF-31E3AE2EB129}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F5561608-BF07-4D4A-95D9-69CD80D26929}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F5D4481D-5B91-4DC8-B6E4-735B8E883BED}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F831B1F4-8442-4B83-9C1B-F9DBC86A5A65}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F85AA972-9681-47CC-812C-15F4F70D3C9E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F96B4EDD-21E5-4BBD-BD0D-147B344241DB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FAB7B301-2F89-4CDC-9888-88F7C7FF727E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FAB9DFE8-B2B6-4BA6-9C74-ECFE1DCB5160}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FB5BB4E4-682B-4560-8B0C-94BCFBE5C973}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FB9CBADD-953F-414A-B8FD-1A53F7810491}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FCBAF4C7-22A4-4808-9CA4-C3975C7C91F5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FCBED56F-1766-414C-8DB6-121314067370}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FCD66FC2-2489-46E9-9267-83745004F5D3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FD141E2D-A795-440E-978B-C2FF63ACB362}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FEC47CA5-1341-4615-910F-ECFC83FB742C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FFCD29E3-B3E5-4C0B-9DCE-DE618390E767}
~~~ FireFox
Successfully deleted: [File] C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\invalidprefs.js
Successfully deleted: [Folder] C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\extensions\[email protected]
Successfully deleted the following from C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\prefs.js
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("extensions.uXJ7HqxJMXZ.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexO
user_pref("extensions.uXJ7HqxJMXZ.url", "hxxp://transferbookmy.info/sync2/?q=hfZ9ofV9CShEAen0qHs9tMqLDe49CNU0jUEMCMlNhd9FrHwFrTrEqja9qjgMBzqUojw9rdsErja8qjsFrSh7hfs0pihPBMn0rj
Emptied folder: C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\minidumps [51 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/01/2014 at 1:35:17.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is the JRT...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dawn on 02/01/2014 at 1:27:17.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\privitizevpninstalldates
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\startsearch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1640631956-789530371-1737118854-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sp global
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\slick savings"
Successfully deleted: [Folder] "C:\Users\Dawn\appdata\local\software"
Successfully deleted: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{002857AB-DFD5-4C5E-ABCF-1AF0B29B1CF0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{00542CAA-E2DB-4167-B62B-2DFD62C41369}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{00D4988F-41A8-4D3C-A5B7-1320D8254F74}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{010BC818-C8CB-4ABD-B758-B8844593FB1F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0116153B-1C3A-49F1-8026-166E4125B352}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{01193F08-4D15-4232-93E3-417505C51EE3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{013948ED-7088-4947-9EC4-654C3723EBB9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{01498729-B691-4C78-947A-0899608F465C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{01EA87AC-A83A-4EE8-BED2-9A67C9103722}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{02152A30-DA93-446D-9AA7-C51C6135A41C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0263414A-D285-4D6F-AC26-67260C4DDD11}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0268D171-FB2F-4ABE-8174-B95011E5419E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{03241996-1888-4968-BDA6-91B25ECCF993}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0417B9F9-4A0F-42F1-AA72-188DA5AEDA64}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0423F97F-E6F9-45FC-B7AC-0B9832A533AB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{044D2249-1358-4FE6-B6E7-DA89550F12C3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{04A8CCFD-2F65-4596-857C-CC8FA660EC9D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{050AAF08-7C5C-416C-A9B8-804CFDD79A63}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{05276745-4B29-463A-8800-F9B95F148B6C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0583E5F3-15D1-47B5-AC88-42E389D96FBC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{058D1792-6570-41C7-8E7E-231A2DC587CC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{05A70068-9184-42D7-86D1-B281C3DFAE61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{06682FF6-9908-4EDD-84FB-80D33D03E0F4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{066BF604-6AA1-4005-933A-EDD1DF478AE4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{067199B6-392E-4410-9BDF-3D563D4C3AE3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{08522973-38B2-4824-BFEE-39ACD9C07B4C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{088ABD38-0DE4-4759-B2D2-F5132AC6F67B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{091A343D-A580-4FEF-9EE6-C566D779B65D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{092EC6FD-1DAB-4EE8-86B6-2051884AE220}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{09F7FA56-C7CB-457F-BB3F-FD14C7AF5E26}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0A3FE9B9-4169-4648-9CFA-94A0CE004235}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0A679EA2-6B6C-42F1-BE8C-4B503352B34F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0BF5681F-2350-4B11-9983-AD8A19398F4B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0C7F1909-7387-486E-9C56-633C54D20124}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0C94F9D1-33EC-4B0F-979F-E01CDB3E8279}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0D6D993B-AB06-4F88-952F-CA77AA7EC54E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0DB0E38B-FA49-45D2-AF2C-8A31955848D5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0DDF60EB-1AE1-47B8-8217-381A346CD67B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0E0C3D1F-EC91-4CE1-886C-130871171F8B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0EDAEDF4-03E4-4E35-AAE0-125FE103BA21}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0F656145-792D-44CE-8626-06003A50E727}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{0F6BEBB8-02D1-4D44-88CA-580DDF50BF96}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{10CFFD83-AB40-4336-AFC7-1D6536A61EDD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{112DD24A-21AD-4116-9DD0-E19478F3CE45}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{11DFCBAD-AF83-409E-8AC9-6263FDF69FA3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{123C9E1E-7598-4422-982F-513325679583}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{12492E71-E4A8-42BF-9F1F-1E8D0396D550}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1292F503-49E6-49B9-AF51-980207C3D7E1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{12DE5B5A-DB37-41D1-9643-FF3495044CBB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{143A537D-D61C-4143-8896-F52C6366EEFC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{148205B8-B754-4C84-AAAF-646D89E86DAD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1487828D-F407-47EF-B874-5398E0C35F78}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{14C574D7-78CE-4276-826F-78A2EA6FBBD9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{14E23CA1-7C70-40BF-A610-E89B806688BA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{150BD721-FF6C-4EED-9E85-ADEEF04F4136}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{175DBAA2-6720-4DFF-ADAE-0097821845E8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{17D8A3E2-AE4C-475A-9D49-907DD34C02FB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{182EBDAF-6B58-471C-A8C7-73BA2F777045}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{18528FF5-A399-4704-A3D7-238DE835482B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{18F76800-34D0-4864-9923-C2D59D747358}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{19229328-F8E9-4523-94E5-EDDC7EA7C2A3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1A070B43-8F35-4BE6-8E9A-EAA13F01A18A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1B40571C-F0E9-4F32-87E8-2504829B46BA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1B72D152-C72B-4B11-B3F3-C897FAAC0930}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1C2FF7BF-A1C8-4589-BC38-5F2BF1E851CD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1C65F6A6-4CD8-4C29-9F4A-01448A1D2F9E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1D2CB060-35CF-4154-87E5-007456E86B61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1D5E61E3-4B64-4296-9E05-1529938F0605}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1DF911DF-8EE9-4F90-99B3-C21A19CBA677}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1E2107F7-D965-4F57-B4A0-E29F9B3D3363}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1E529BC0-AB86-4AA4-AED2-07B08E2C00F5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1E7038C6-CA1D-4AD2-85F0-2C8FB3C7182B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1FEF631C-9354-4A45-8824-D277DC122A4F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{1FF0E69A-91D9-4A2E-81B6-BD92E9052BF7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2012AAC9-7A8E-4A00-8C2D-AA19538B9598}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2017183E-D8B3-4117-88FE-780F6845C6A2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{20D68BE3-D1AC-4FD9-809C-B88B111A5268}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{20E2EF26-0B7F-4A12-BB9F-7E62659F7BB3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{21057836-9A01-4CDF-86A2-6B081FBE5B7A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{212BE096-7295-4847-BD60-27B7B9ABE512}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{216097A4-FD69-4BFE-BE40-DDF5050BCBEA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{21CD1E9C-B60D-408F-B8A0-E99BA0D4BFA6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{22931418-920E-4C4A-83BF-FA84F4C9EAC0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{235B67FD-856E-4D32-8E25-27F120BE2EA5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{24740427-D675-458B-8217-BB223BFA0A13}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{248302ED-4083-4B25-BAB2-9D71DD36A995}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{25119E71-A308-4F7B-86C9-BC12EBC08954}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2654E787-96F1-42E8-BEF9-B19FEC8A076B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2697E303-2007-440B-A791-7408C1FAB9C6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{26AF9DAC-1BD4-4D7F-8441-3565157B106F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{26E9C09F-062D-4B2B-A4F4-3ABCFA369BF5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{28694144-311E-4658-9C98-65288A443B2C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{29057240-CCD7-4469-B6BC-BA3983E70BB2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{294E053B-7897-462E-BE19-5399DC6AFD90}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{294E6234-FDC6-40F0-9D65-A4FDD5A01BA4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2958824F-64F6-4E35-90E3-7AC0F00463A5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2A043D13-8E72-4AC1-A9DD-2FADDACA2BD6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2AA95BA2-045F-4954-B00C-D11CAEFED29C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2B1D7755-2D60-42BB-A11B-7874EC8AEEFD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2B22CE4B-0D9A-41F7-9B78-F639096E76F9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2CB1C708-406B-4872-81B7-510E618D7232}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2CB43D72-64EB-4603-9865-0448C8982AA8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2D9C459C-AB46-4FD6-ADB3-90F7E090E26F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2E121C64-6666-4CF2-A76F-F0EFF4E3E8F0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2EBA2F1F-B844-4E48-A078-F9A83F513CD3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{2F8F34E5-44CC-44CB-ABE4-9B478CC4EF44}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3009729A-FC13-4C9D-AE92-AF5ACDD82BEF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{30D54938-527D-46C9-9897-DA9905DC8034}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3168A589-04D7-46CD-BE75-62BE0695C540}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{31FCE37F-233A-49B5-B2F7-C151A02BE7E8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{343C755C-0D4D-48EC-ABD4-B9F88A09974C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{355A15FE-7C48-4D83-9774-97C2951D4F7A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3775E008-CB23-4A85-BFAA-4D757F1AE067}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{38145212-0E00-446B-8622-05EC2A1DB61B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{386AFAF4-21A8-4C19-8045-9729065628A4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{38725D0A-4F3E-441C-B53D-7745282E7214}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{389940A2-911C-4237-85A0-945B32DC9133}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{38DDB0CD-6A00-450F-A902-02CAE1331AF4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{39F56AE4-A6AB-4EAA-B3E6-03A75DE32B04}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3A71E939-0BC0-4426-82A5-E6968980C58C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3C0B7140-45C8-47B3-8083-F58D09BF298E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3D1284C6-3554-45C1-8465-04C7CC1D5D06}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3D30DD35-0027-41FF-86F5-E26B8842EFE1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3F072CAD-198A-409D-B4CF-81F8944FB074}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{3F9BE0F3-B18D-4239-AA62-C06981F6D225}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{408A7F6F-6ED2-4814-8491-C784B0F812F0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{422498B6-13D9-40A0-8D73-DBC2DE8E280D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{426B5763-A9FE-40AE-B186-ADD115579F28}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{42A65233-AD90-4389-BFC4-8529BCAB03E5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{433A6847-8801-4824-B2D1-E01C92BF1B61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{436CB0F2-95C1-4E6A-8B06-D672AB645CCA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{450FE751-60EF-4C98-8761-1A2371840639}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{456E908F-2A06-416B-AD7B-F61BAA6C363D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{457ABE46-0D70-48A4-8C61-3F2D4DF0FA54}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{45CF4AEF-1843-40E0-A283-302C2239A70A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{45D59852-8180-401A-AA68-8E2260DF290E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{460A3674-4DB2-46A4-B308-9729E0B9CE64}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{468F798C-0998-4018-8756-3B91491873C4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{47D51EDE-B20C-481A-A354-541025657CC8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4820500E-AFE5-4655-9159-816DC0DBE973}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4857F227-2FD9-40CE-9729-D27F7F828526}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{48968B8B-274E-4BCB-9933-8847AAFE36C3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{48DBA371-D140-46E8-82E4-21AB077857E5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{48E780BB-518F-498D-9267-8ECA06C9ACBD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4A091638-8435-4AA2-BCA8-E4E441FD16B2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4A2CF478-D139-40BD-92D4-85D82334DA61}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4A57B4BB-F29C-407D-88C2-A2146778F653}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4B0C2777-BEB1-4019-9A4A-359EA6C9CFB4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4BA3326E-040B-4C2D-B85E-7C310BFFD603}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4BEF1EF7-3B41-4DBD-8C84-0F0606E6EA21}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4CB70A88-1B25-478A-B8EF-67BF94B1899E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4D336782-083A-4ACC-BAC1-6E217CA312AB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{4E15A908-A69B-4F1B-827F-305D9ABD100D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{50DD866E-026A-45B3-BA86-091BBCD68A67}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{50E6D75D-EFA5-4749-91FF-044D266BC7B9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5155C37A-716F-42BB-8174-F9CABFB7C5A9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{51D92368-F524-4DD1-AE08-BBFFC68FA0FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{525744D6-4B50-4D89-BBC2-A142B6DBC391}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{530F38E6-D339-4140-9669-BB36B6C53516}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{532703DF-FF48-407C-AB10-2BBBA9F34987}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5481A949-7D1A-4DEA-8D9A-DFE830E26E50}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5556BB0B-4D90-4F56-86DA-13B69CA1247B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{568E363D-7788-46F1-85C1-6E66762DEC44}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{56A9DA01-520C-47E5-8530-9B97EE768984}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{582DCAFB-6437-4E7A-A9E8-0FE249223C8F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5852CF0C-6949-448A-A40D-E0469B7029A3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{58B67E65-390D-4985-BA7F-2E997F1E84A7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5A560D82-FAF1-4421-8828-B3BE298B0C77}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5B5068FF-424A-4DCD-8DA0-268A453E8B7B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5BD9400F-2FD1-4D64-9224-389275104B3F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5C7D8738-03CC-4318-A8FA-FA8933522D46}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5DF689E6-B36F-4E06-9486-13E2BDD287E9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5DFCE829-8D2A-456B-B374-950C6F6D9725}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{5EC37A41-0C44-4005-863A-B5150C5768CE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{60814EF1-5291-4F76-ADA1-3E287A760AD4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{609FCB68-7151-4263-972F-F419145CA695}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{611D9F88-A788-4B48-9A3E-810CDF78BF5B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{63057350-0687-4747-9635-DB5C2B37F522}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6312CFB9-9DDA-44C7-86AF-42E7A8ECE155}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{63D97C1D-5C02-47E8-A0CA-1284A3A982FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6452CD43-88E2-4BFC-B645-24E224E7E463}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{64A897DA-9DAA-4714-9F22-62FCEC648950}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{64D1BB68-12C8-45CC-9E1E-B215930DCAFA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{651524C1-BB63-4B50-BF63-2B94991ABF35}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{65871BD3-F0D5-4927-B93B-B3DD097CD35B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{65D9645D-919E-4B2C-92C1-CAFEE982506F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{66214523-D0D5-4234-B85B-DECA40A26B38}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6699A1B0-82A9-470B-B202-B29689200E5A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{66BF3AD1-F1A9-4453-B441-700C9F3E3EC3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{66ED5207-7508-4D5B-B78B-2CB76C3CD7B3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{677882D3-DC61-4714-8901-492EC43EB3A0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{67D965A8-E39F-4817-BC79-69EFB5BF2458}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{681DECAE-FA4B-40DE-AD90-7F1D1A8C557B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{68B17C18-93DF-4503-9B68-EFE1E362B66D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6997F6E0-1A75-4925-8657-1D4BA0CEF83F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{69B789E0-3CE4-4897-AC75-3A31A46DDB56}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6A78C82C-BF8E-4652-95DC-2F705B8ABFD7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6B20838B-0943-48FA-88E5-B19700569204}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6BFF8296-D3D2-4F50-B978-E205F6F01FFF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6D0AB75C-7CB3-4D90-9C10-A342DAEBC496}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6D668E8A-3783-43DA-A60D-1AB6449D5447}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6E8FBEA8-0B2D-4F52-B9D9-749117371AE3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6E9C5F60-FF6B-4A56-8A82-EA3D9FED39D6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6F6565C6-554A-477C-A0B6-F6894328446F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{6FB51FFC-8883-4665-830C-E256151839C0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{70545CEB-0FED-435C-991E-A607C3ABC4F9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7086FAC1-F596-41E7-B019-3E476ACEC14D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{710C7615-DF5C-41F6-9A3F-D9DB0C86FFE4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{71F85321-7B16-4BA7-930F-FA887B179CCD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{72E663DE-1379-4DC8-A5E2-AE6BC0C50831}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73B65682-CF1F-4C70-A2AB-53784C269216}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73B735B6-95F5-48FB-833E-7254DC0DC926}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73E306E9-AFE3-48E3-B033-7C4AF2D5B50A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73F92F6A-9371-4DCF-8B04-9625E2A078CB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{73FD519F-39B6-4096-BBD6-95F75B1B5A31}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{74C5584B-3334-4822-BFA2-C83C9C021654}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7564C10F-8AFB-42C9-95CC-A844D1C7912D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{75CCFA25-6D9B-466F-A461-22AF8303B10B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{75D4897E-4C19-4615-BF4F-E90132232514}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{76913DA4-F8B6-47AC-919C-6214CEB7FE0C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{77B156D4-A0E1-4B4C-976A-C42620748B78}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7835061C-923E-4396-963C-DECBB14808A9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{78851B6C-BDF2-4F73-8EFA-BC3AEDC2AD44}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{799DD9ED-8040-4334-B3D2-D9BD48399A97}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7A25A810-6D58-4195-8A95-2698FBAC8747}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B1CBB17-D713-4C84-A8E1-741580B16187}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B3A260E-6708-4E58-8A26-599F7DCAEFE8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B5707DE-D0EE-44C3-B3A8-8F555FF2F103}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7B7E8CD2-60F2-4676-BC9E-DE72088A62EF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7C2B34DE-E03F-4486-A8CF-43B313546E95}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7C2FA5D7-221C-4B9B-BCE2-8E46E5C48497}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7CB73E4E-D567-4CC9-AB44-514B0C7FBF9B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7DDABE9B-C0A9-4738-B8B6-A10BD8626096}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7E2C1269-DD64-4ED7-909E-954F16453BCA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{7F395672-3A64-4182-989C-27AD6A9C10C3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8214BF1B-1620-4E80-B714-D8ABE50B4631}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{823AC1E3-FB1D-4B3F-9068-0F8F53F8DA79}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{82588AB2-3A9A-4556-856B-98EED3A8B121}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8357D98A-04C4-4C44-89F7-5B5B8598D8CE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{835DAE55-2658-4365-8841-A8B54FB3040F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{83D13AA5-C1DC-450E-A7AB-E0FEB41A3F1A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{83EC351A-584E-4E44-94BD-9699DDC946FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{842C5486-AD44-400B-8546-9AE9C243718D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{84E797A5-E37A-42B4-9E9D-B75CDFB6368F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8561421A-7122-4676-AD43-0F46161B0BF0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8585FA53-5065-462D-BDA9-A243FDBD99E1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{85C389D7-672C-414A-9220-86B9746022DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8607D140-A3A7-4BC6-8F7A-634D4224EA5F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{87B0C770-F917-4314-8E5C-C5C58C366796}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{87B94894-F075-4868-BA9A-CE022EF07AC8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{88EC56C2-91D2-4B9B-BB24-9733F9151BB0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{89334C85-BC6A-494B-81B5-FD5A6B33CCD5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8AA7B8B0-04CA-4BED-84F8-A9303633ABD7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8B6EBBA3-632E-4BD2-B1E4-BB96372C1D0F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8BE02C31-CB7D-49D0-BF92-A0559BFE0255}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8DE3CBF5-0A23-444F-AF25-35FEABC79A4D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8F3E890B-EDA5-48F2-8ABC-3887ECB0F998}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{8FAFC86A-F379-4021-B320-A980F5B5C099}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{901EF42F-7F8C-46B5-85A4-BF147E2D557F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9093BCAC-FF5B-4EB6-B104-86329221F3F4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9151CA66-1883-412E-AC38-AB0B01E9C522}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{91BA29E4-307D-4C64-9991-8F4706FBBD1A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{91C4DEE1-FEF6-4DBF-A036-728FAC2983CD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{923451AD-6A04-4D1D-BE55-EB912F8E6212}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{94782DFC-78CF-4D4F-A073-B1979ADF29DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{94806C50-AB08-4348-A882-F7514C868805}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{95041EBC-EB02-47C3-A194-85B195BDEB8F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{950AE407-64F2-4957-9927-91FDD5BA2700}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{959F6BB0-1983-4850-8720-798B1C6CC440}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{95B31445-2F6D-4DB2-9F74-15ACCEB080CC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9726F100-A1AF-4311-A47B-B75C0D15057E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{97897336-2A78-4506-9BD4-A740B458B0B4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{97F056D3-44A4-442A-AE31-907D3681C973}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{983E9D7F-B18A-480C-92F8-3CD513BCF9CC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{98B9DB28-2F16-4BE2-945E-8DB256F3DE47}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9907C22D-ACF6-4AC7-8762-9572E7ABDC6D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9943E838-8CAB-4ED9-8D85-7307B8DC6AF2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{99649A23-28BB-4133-B0BD-1FEBC3ED5230}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{997A56C2-C908-4BE8-A18B-9BA29BBC13EE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{997DE054-9E68-4D30-8430-6BB670457F98}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9A064F27-F04F-464B-A09B-20D942E1FA5C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9AA1A89A-ACC5-4D5D-A499-D7626F55621A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9AC8F3B5-EA12-4D15-926A-CD22D8F8684D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9B83FC4B-625B-4EA6-996B-F2127B497F3D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9D50FF1C-7A91-4360-8876-F713926B532B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9DAA0D6D-6A6A-4CC0-9040-BB07328FDC6F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9EF74E9D-C14B-41B2-8423-F44F891EAFD0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{9F635335-0311-46C3-B329-67C100312089}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A09D2E18-B7DC-48B9-A60A-DBCA598E142A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A0C666DF-912B-4AF8-9330-FFEBB669F5B3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A155A1A3-A91A-401A-917C-9D8806E495FC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A26D30A9-B7F2-4969-91AB-9F2C78E065C0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A3007C21-8AE4-4E0C-8958-8DE49D225B0E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A300BF95-CADB-4FD6-9BA5-B9CA8133D31E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A37C195A-AF91-4609-947D-D0E9464DE89A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A3EF5D5A-2CEE-4790-8BD3-699F6F40E30F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A43F01A8-9E0A-43F4-9DB2-2830B99FB090}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A52D0DD0-8189-4BF6-938A-31E596CCDA5B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A5734C4B-7D28-457A-A54C-90A1CE13DCFC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A67CD607-938E-4BFF-B395-F84FABBD84F7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A708ED67-4F93-44AC-96DD-2F6E0BF22C5E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A72D4EBC-816A-480F-A250-F491B4FFC368}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A730A98F-550A-44E7-A3F5-6A9A0671635A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A7475A97-26D4-4574-9165-59FF92CFEEE0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A75B6D27-4DBC-4D18-B5AB-B50231C817F8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A7BFAF25-671C-4026-8ADE-4ACFAA1FE410}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A9C82A02-4088-4BFB-A67B-BEB45E89F142}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{A9E0BE33-F967-4ECC-B4E6-3304222BD299}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AA099173-0ED1-4E94-9339-FC96E1385DF5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AA2888A7-5D5A-47E1-9C1D-26130F0B2822}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AA583D56-34BB-4BA8-A209-74AAD6550C3A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AB344BED-BBB7-4FA6-BC27-B7D60E83CFCE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ABA4FAFB-A786-4855-9E84-A033DC39AFD6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AC10E139-2C2F-4A5D-B6C3-6F00F77DD0F8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AC4F1207-C556-49AB-ABE3-E0D8BEAA14CD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AC6485A0-E548-4929-B01D-5526E8CBD138}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AD762B60-5464-4D0C-A57D-D30753534BAB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ADAA4975-C1F5-424E-8652-41DBAB33BA05}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AE0D6992-60D2-4885-A8AC-50C09D37614E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AE91E946-6753-4F73-86D3-2F959B448F69}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AF6F1602-D1C8-4A13-9846-0435DAB627FC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{AFB76DA6-567C-4791-AC90-E0A9A925A5CF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B03A24FF-3C0C-45D5-80A8-FA2503B1E8F7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B0FD1FF0-61E4-43F6-AC4D-BFE9A2A429B5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B155EC4B-B5D2-4DD6-913B-AFED5AEAFDC3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B15A90D8-60F9-4FE2-9367-F24B182DF712}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B2E3EF0F-653A-44D0-9968-26CD400A225A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B2F78E73-C1B9-4F8E-85B6-83A47CA445D8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B3019A56-0837-40FF-B647-F5914F0687DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B340C8DC-111B-42E1-8004-5158379B0F46}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B3910685-AA81-4502-9D56-3A7E2573F090}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B3F41A18-7A5C-499A-87EC-DF1C9D842FB2}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B4250BAC-5AA3-4393-BC37-2230A5FCBDD0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B4B8F312-DD4D-472A-9002-56E345C93C54}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B4DD360B-0809-454E-91C2-8CCBF42AEAA6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B540C51E-1D40-4AE0-B3B4-F1C92DA3287E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B6C85127-FFD6-438F-B8E5-1425F27D55B5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B6FC35A9-1497-487D-B8AA-16F736DCB9AE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B76A0B78-00E8-45D6-8178-25FBD562AA33}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{B86DA067-7BE6-4367-86E3-E7F72E732023}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{BBCE1FCA-316C-47F8-BB42-434DE0F99065}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{BE56506D-F7CB-423F-9F12-CD7D6F59E855}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{BE616CD5-3C37-493F-B6FE-CF2916BFEA05}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C00CF31E-FD2E-4991-BEEF-665FB8C2B487}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C171E981-409E-431C-8F7C-54EC618C3786}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C2F62D09-41A2-4D44-8288-FC87C761356F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C3963C47-A254-4685-A08D-D7FEE5098D1C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C3E077E8-EF92-47E5-BEB1-CA1CAE0FE4F5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C4225EA9-A7C4-4D40-806F-E41226E854A6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C4BD4AB7-D698-400C-B20F-083241A27B21}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C526AF99-FB35-4231-92A0-8376761CEC2D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C570C7AA-472F-40E7-A29D-E63732CDA87D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C5839527-B289-4FCE-85C4-BB4C2596DDE7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C5A06CAC-B086-4491-B7D6-9BC83A591B29}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C650472D-5399-4074-A106-96543751B851}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C69859EA-07EF-428A-AEF1-0DB911749C22}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C6BCFE57-D5B0-4991-9516-A1805A3D1EA1}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C7A2A0D8-9BB8-4B3C-943A-E14EE75AAF17}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C831FABB-8DE9-4EBE-A66E-6A10426A1F19}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C8B92773-7EE1-4C72-BAEA-54A174EE70BC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C91DD331-3FB5-41F5-A884-8F727E74D68F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{C9AC5ADE-2F21-466B-8309-49F0A9489F18}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CA1EBB9E-F5B2-4B13-8D79-AEFFFD247244}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CAB60946-2907-4EE3-A0A3-8D01BAC8E4BB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CAD9F250-F7BC-4B76-8867-C3102015DBBB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CB8FF0D2-1F7F-4B76-9261-44666469FFF7}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CCB54EE4-DDA7-4A83-A8C5-F0E8105B30A8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CCC49E1A-4A0C-478B-BC1C-45C926175265}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CD866148-9782-4569-939C-3A7B35630FCA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CDEAFF40-E6C0-49B3-A075-ED9B18DA3C9F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CE8D30AD-192E-4D4B-AC1F-609FDAE23AB5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CEC73C28-ABE5-4B3D-B962-92084FF182EB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CEEB7A50-3809-48BA-BA1C-7220F3D3B9FA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CF110F44-5E8C-47E2-8849-2D672F325C42}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CFCD957F-6D7E-48B3-A882-088BC31D81EC}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{CFD4DA7A-925E-4763-B74B-62EBBB6A1DF9}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D0155729-84CF-4A6F-BDC0-726F55C87159}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D0A1B948-1D38-405F-BFD9-003B81D80B5A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D1413FC3-17CB-4D0A-865C-3616F42FF4FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D1F66570-048D-42EE-A40A-5434A9FDE3FA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D2E95217-F022-431D-BF28-46DFBA9DD093}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D3A08370-5F8F-4573-B4F3-B8C1D4A51440}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D3EC1B1E-D355-491B-BB45-1CC154455DD3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D40FD350-F825-4BF7-94ED-84EE9E78C5A8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D441C9FA-E855-444C-B25B-33BEE4D6B753}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D4F9DFDF-A245-4DA2-9D25-5F987B35896A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D62DD611-490E-4646-A375-6EF7D7556AB3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D68F97B2-05F4-4B60-9E8F-AC8D02FABC76}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D732D274-9978-411C-BB1B-5E73117405B4}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D736B0D8-E655-4262-A5A5-9FD945AD091C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D79694CB-59C6-4E78-B159-E6C634D70D38}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D7C29808-BCB4-4E1F-B83B-90D6A989F0E3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D7D9DA41-47FA-4905-BEC9-C3B4EABA52A6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D7E1FAB9-74DA-412D-8D9D-55BA3D797B5A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{D9B68DDE-5040-45A0-887E-7E077AD9D05E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DA53343A-0545-40B2-BC27-25F6B5F97FEF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DB0BF560-32B9-4AAD-83BD-FABE2A7E064E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DCACCAC0-5F00-49F9-B0E5-2426DE84A5DD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DDEEB43B-A4ED-443C-95C5-CA7DD749812A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DE215CA6-B6C0-4A20-9381-1EE039883A4A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DEF7BA97-6494-4E64-8E54-94EF8976D02D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{DFCD6E77-1713-4417-B092-6176986A234D}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E20EF2F9-2346-4629-86BD-35B2EFEB9239}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E2E03F86-C494-4847-AA81-4920BC67058C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E415F2D4-18D8-43A8-80A6-48D47A91140C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E4E31726-D4A0-4BBE-9E86-6EACBBE3B14A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5116C86-7ADF-42FB-9F22-50FBC8EE4A4A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5122DDF-91A5-495A-B252-F102F67A5776}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E53B2D65-1375-4663-BDE3-1F60C942DEF6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5C72337-33C3-4123-8F8B-2737E59155A6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E5C9443E-633F-4071-9C6A-670780E0F724}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E61D3293-F961-4EE6-8194-10C14DA715BE}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E6A17028-424F-4DE5-AAB8-9445A2D1A10A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E76C4FFC-9FC2-4D57-A4F4-EE69E4FA6E6C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E7E64BC2-9770-48E1-B1DB-17C9B4B7F904}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E7EF229B-6F57-4AE0-A721-6656D41B3A72}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E8DFDF8B-BFC5-4E12-BD83-5AA95392E5FD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{E9AC4522-2179-4531-B395-05410D797568}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EA9E0165-BEB6-472C-B1B3-8D80F8CED2BD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EB76850B-C173-423C-A5A3-AAADD6E50DBD}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EC43718C-EEEA-4E7D-9065-D890A281FBAF}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ECC70E83-1156-4968-A34E-11EA6C1274AA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ED1728EF-663B-4731-9F56-D8DB17BA7BC5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ED350417-7CCC-42C0-93F6-2722B1EB694A}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{ED4C66DD-DE68-4FE2-8F71-876FD1F4AAC6}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EDAEB99C-081E-4B49-B37A-E26A69D34ABB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EDEB8E33-A191-4DFA-BB6A-137BEEB1716B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EE7A1C6C-5677-4567-8806-A31830EA8DC0}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EE93C842-52D2-458B-AF9B-88F585EFC2DA}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EEB6C244-0377-460C-A5FA-8AB495ADCE3B}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EED62A62-6899-49CA-A050-C1A2617BD11E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EEEDB508-FCAD-4E48-A1C9-A08E92AE7E12}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{EF771CB2-75B4-4232-A25B-56C377656EA8}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F1054A4B-42A7-49F2-B463-B1B2A8CEF541}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F23F68DF-614C-4088-BC86-DDA9E7E05C1F}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F2EB872A-08A1-4FBA-9887-F8D044D08903}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F3331AC1-5CB3-4CC9-B0DA-9293C66928CB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F422E5D6-9471-4D2D-81BF-31E3AE2EB129}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F5561608-BF07-4D4A-95D9-69CD80D26929}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F5D4481D-5B91-4DC8-B6E4-735B8E883BED}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F831B1F4-8442-4B83-9C1B-F9DBC86A5A65}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F85AA972-9681-47CC-812C-15F4F70D3C9E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{F96B4EDD-21E5-4BBD-BD0D-147B344241DB}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FAB7B301-2F89-4CDC-9888-88F7C7FF727E}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FAB9DFE8-B2B6-4BA6-9C74-ECFE1DCB5160}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FB5BB4E4-682B-4560-8B0C-94BCFBE5C973}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FB9CBADD-953F-414A-B8FD-1A53F7810491}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FCBAF4C7-22A4-4808-9CA4-C3975C7C91F5}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FCBED56F-1766-414C-8DB6-121314067370}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FCD66FC2-2489-46E9-9267-83745004F5D3}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FD141E2D-A795-440E-978B-C2FF63ACB362}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FEC47CA5-1341-4615-910F-ECFC83FB742C}
Successfully deleted: [Empty Folder] C:\Users\Dawn\appdata\local\{FFCD29E3-B3E5-4C0B-9DCE-DE618390E767}
~~~ FireFox
Successfully deleted: [File] C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\invalidprefs.js
Successfully deleted: [Folder] C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\extensions\[email protected]
Successfully deleted the following from C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\prefs.js
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("extensions.uXJ7HqxJMXZ.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexO
user_pref("extensions.uXJ7HqxJMXZ.url", "hxxp://transferbookmy.info/sync2/?q=hfZ9ofV9CShEAen0qHs9tMqLDe49CNU0jUEMCMlNhd9FrHwFrTrEqja9qjgMBzqUojw9rdsErja8qjsFrSh7hfs0pihPBMn0rj
Emptied folder: C:\Users\Dawn\AppData\Roaming\mozilla\firefox\profiles\lvo7s835.default\minidumps [51 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/01/2014 at 1:35:17.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#12
Posted 01 February 2014 - 01:09 AM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
Ran the quick scan
OTL logfile created on: 2/1/2014 1:42:25 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy
7.68 Gb Total Physical Memory | 5.41 Gb Available Physical Memory | 70.53% Memory free
15.35 Gb Paging File | 13.00 Gb Available in Paging File | 84.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 29.83 Gb Free Space | 5.16% Space Free | Partition Type: NTFS
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 15.08 Gb Total Space | 14.34 Gb Free Space | 95.11% Space Free | Partition Type: FAT32
Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/01/24 20:19:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawn\Downloads\OTL.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/19 23:06:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:56:54 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/07/02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/03/07 21:36:42 | 004,204,400 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
PRC - [2010/03/07 21:36:28 | 003,577,712 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2010/03/07 21:35:54 | 003,367,792 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/03 08:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/03/03 08:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/02/09 13:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/02/01 13:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/12/24 20:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 20:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/13 20:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/19 23:06:39 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/02/19 23:26:20 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/02/19 23:26:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013/02/19 23:26:18 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll
MOD - [2013/02/19 16:56:55 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013/02/19 16:56:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/02/19 16:56:44 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013/02/19 16:56:40 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013/02/19 16:56:36 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/02/19 16:56:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/02/19 16:56:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/02/19 16:56:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/02/19 16:56:00 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/02/19 16:55:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013/02/18 16:58:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/02/18 16:57:55 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll
MOD - [2013/02/18 16:57:52 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll
MOD - [2013/02/18 16:57:42 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/02/18 16:57:35 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/20 18:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 11:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 03:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/11 22:35:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/07/01 14:42:02 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) [Auto | Running] -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe -- (CFUACProxy_hddv2usb3)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe -- (RogersSelfHelpService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/09 12:00:12 | 000,169,936 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2009/10/09 21:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/01 14:07:04 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/02/12 09:02:24 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 12:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/12/19 23:32:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011/12/19 23:32:44 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/09/15 06:02:40 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/20 20:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 17:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 17:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/04/14 05:39:40 | 000,315,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/07 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/01 03:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/05 01:38:20 | 000,075,624 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 02:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/01/11 05:48:00 | 000,050,976 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2010/01/06 08:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/31 17:36:18 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/08/31 17:36:16 | 000,026,624 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys -- (nuvotonhidcir)
DRV:64bit: - [2009/08/31 15:45:20 | 000,068,096 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonir.sys -- (nuvotonir)
DRV:64bit: - [2009/08/31 14:42:04 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2014/01/24 17:55:04 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140131.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/01/24 14:11:12 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140131.002\ex64.sys -- (NAVEX15)
DRV - [2014/01/24 14:11:12 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140131.002\eng64.sys -- (NAVENG)
DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/12/11 05:19:07 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/12/11 05:19:07 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {AB384A20-ECD2-4B40-B4B3-619FE39ACD23}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enCA398CA398
IE - HKCU\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKCU\..\SearchScopes\{BDFCC79C-1038-46B4-BE6D-1E36044D02A1}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/25 00:45:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/11/02 01:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2012/01/04 12:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/02/01 01:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions
[2014/01/01 19:45:40 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/12/21 21:55:09 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/06/27 11:00:10 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2011/03/20 17:43:17 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:06:32 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 20:25:25 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/16 00:20:13 | 001,267,418 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/03/22 09:32:40 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/12/04 20:10:17 | 000,018,590 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 19:04:33 | 000,011,318 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi
[2014/01/10 11:26:18 | 000,007,641 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/20 21:40:22 | 000,287,587 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/03/20 23:37:30 | 000,002,090 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\Searchou.xml
[2013/11/22 23:39:34 | 000,000,905 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\yahoo_ff.xml
[2013/12/19 23:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/19 23:06:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/02 01:23:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
[2012/12/06 18:22:25 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
O1 HOSTS File: ([2014/02/01 00:32:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39E48105-21F8-418C-8275-9614EA130AE0}: DhcpNameServer = 192.168.0.1 192.168.142.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91985F56-65F5-4E3E-AFF0-0F1DE39ECF5D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D154A320-F2DD-4615-ADD0-26AF1F504DEA}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/01 01:27:14 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/02/01 00:27:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/31 09:03:27 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\Newborn1_files
[2014/01/31 09:02:40 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\Newborn_files
[2014/01/24 19:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Nalpeiron
[2014/01/24 19:36:45 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/24 19:36:40 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/03 20:20:47 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\Misc stuff from desktop
[2014/01/03 19:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/02/01 01:20:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/01 01:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/01 01:00:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/01 01:00:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/01 00:52:45 | 005,481,594 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/01 00:52:45 | 002,566,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/01 00:52:44 | 000,006,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/01 00:52:05 | 000,002,048 | ---- | M] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/02/01 00:46:22 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/01 00:45:30 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/01 00:44:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/01 00:44:30 | 1886,769,151 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/01 00:32:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/02/01 00:11:32 | 000,041,080 | ---- | M] () -- C:\Users\Dawn\Desktop\ana.JPG
[2014/01/31 23:27:06 | 000,058,609 | ---- | M] () -- C:\Users\Dawn\Desktop\jov.JPG
[2014/01/31 18:54:20 | 000,006,949 | ---- | M] () -- C:\Users\Dawn\Desktop\blackboard_grammar.jpg
[2014/01/31 18:52:10 | 000,042,335 | ---- | M] () -- C:\Users\Dawn\Desktop\pp,375x360.u8.jpg
[2014/01/31 18:37:32 | 000,087,876 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna5.JPG
[2014/01/31 17:54:32 | 000,100,711 | ---- | M] () -- C:\Users\Dawn\Desktop\Tyna4.JPG
[2014/01/31 17:53:44 | 000,095,879 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna3.JPG
[2014/01/31 17:52:57 | 000,096,729 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna2.JPG
[2014/01/31 17:51:53 | 000,088,628 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna1.JPG
[2014/01/31 17:51:02 | 000,092,014 | ---- | M] () -- C:\Users\Dawn\Desktop\Tyna.JPG
[2014/01/31 09:04:54 | 000,041,617 | ---- | M] () -- C:\Users\Dawn\Desktop\newborn2.JPG
[2014/01/31 09:03:29 | 000,053,658 | ---- | M] () -- C:\Users\Dawn\Desktop\Newborn1.htm
[2014/01/31 09:02:49 | 000,053,649 | ---- | M] () -- C:\Users\Dawn\Desktop\Newborn.htm
[2014/01/31 09:01:30 | 000,171,746 | ---- | M] () -- C:\Users\Dawn\Desktop\feet10.JPG
[2014/01/31 08:56:41 | 000,047,407 | ---- | M] () -- C:\Users\Dawn\Desktop\feet9.JPG
[2014/01/31 02:38:54 | 000,078,314 | ---- | M] () -- C:\Users\Dawn\Desktop\969936_467401983355409_1181268203_n.jpg
[2014/01/31 02:37:41 | 000,141,191 | ---- | M] () -- C:\Users\Dawn\Desktop\1292864_502613903167550_1170608542_o.jpg
[2014/01/31 02:36:43 | 000,009,859 | ---- | M] () -- C:\Users\Dawn\Desktop\1379930_510394955722778_1171958204_n.jpg
[2014/01/31 02:19:16 | 000,015,598 | ---- | M] () -- C:\Users\Dawn\Desktop\mat3.JPG
[2014/01/31 02:18:56 | 000,017,887 | ---- | M] () -- C:\Users\Dawn\Desktop\mat2.JPG
[2014/01/31 02:18:21 | 000,029,028 | ---- | M] () -- C:\Users\Dawn\Desktop\mat.JPG
[2014/01/31 02:11:16 | 000,043,276 | ---- | M] () -- C:\Users\Dawn\Desktop\feet8.jpg
[2014/01/31 02:08:00 | 000,033,457 | ---- | M] () -- C:\Users\Dawn\Desktop\feet7.jpg
[2014/01/31 02:04:36 | 000,280,238 | ---- | M] () -- C:\Users\Dawn\Desktop\feet6.JPG
[2014/01/31 02:01:53 | 000,075,140 | ---- | M] () -- C:\Users\Dawn\Desktop\feet5.JPG
[2014/01/31 01:50:23 | 000,025,962 | ---- | M] () -- C:\Users\Dawn\Desktop\feet4.JPG
[2014/01/31 01:50:09 | 000,032,546 | ---- | M] () -- C:\Users\Dawn\Desktop\feet3.JPG
[2014/01/31 01:48:29 | 000,128,301 | ---- | M] () -- C:\Users\Dawn\Desktop\feet2.JPG
[2014/01/31 01:45:24 | 000,043,012 | ---- | M] () -- C:\Users\Dawn\Desktop\feet1.JPG
[2014/01/31 01:43:07 | 000,328,893 | ---- | M] () -- C:\Users\Dawn\Desktop\Tyna B.JPG
[2014/01/31 01:38:48 | 000,194,143 | ---- | M] () -- C:\Users\Dawn\Desktop\head.JPG
[2014/01/31 01:24:18 | 000,045,024 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture.JPG
[2014/01/28 23:11:58 | 000,101,877 | ---- | M] () -- C:\Users\Dawn\Desktop\MCP.JPG
[2014/01/27 02:03:58 | 365,255,116 | ---- | M] () -- C:\Users\Dawn\Desktop\DSC_3401.psd
[2014/01/24 19:40:25 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/21 20:59:58 | 004,974,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/20 13:32:26 | 000,023,663 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:06 | 000,109,323 | ---- | M] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 19:01:17 | 001,656,964 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:59:35 | 000,201,767 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:52:57 | 000,048,195 | ---- | M] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/02/01 00:09:21 | 000,041,080 | ---- | C] () -- C:\Users\Dawn\Desktop\ana.JPG
[2014/01/31 23:27:01 | 000,058,609 | ---- | C] () -- C:\Users\Dawn\Desktop\jov.JPG
[2014/01/31 18:54:20 | 000,006,949 | ---- | C] () -- C:\Users\Dawn\Desktop\blackboard_grammar.jpg
[2014/01/31 18:52:10 | 000,042,335 | ---- | C] () -- C:\Users\Dawn\Desktop\pp,375x360.u8.jpg
[2014/01/31 18:37:32 | 000,087,876 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna5.JPG
[2014/01/31 17:54:32 | 000,100,711 | ---- | C] () -- C:\Users\Dawn\Desktop\Tyna4.JPG
[2014/01/31 17:53:44 | 000,095,879 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna3.JPG
[2014/01/31 17:52:56 | 000,096,729 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna2.JPG
[2014/01/31 17:51:53 | 000,088,628 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna1.JPG
[2014/01/31 17:50:53 | 000,092,014 | ---- | C] () -- C:\Users\Dawn\Desktop\Tyna.JPG
[2014/01/31 09:04:54 | 000,041,617 | ---- | C] () -- C:\Users\Dawn\Desktop\newborn2.JPG
[2014/01/31 09:03:27 | 000,053,658 | ---- | C] () -- C:\Users\Dawn\Desktop\Newborn1.htm
[2014/01/31 09:02:40 | 000,053,649 | ---- | C] () -- C:\Users\Dawn\Desktop\Newborn.htm
[2014/01/31 09:01:30 | 000,171,746 | ---- | C] () -- C:\Users\Dawn\Desktop\feet10.JPG
[2014/01/31 08:56:28 | 000,047,407 | ---- | C] () -- C:\Users\Dawn\Desktop\feet9.JPG
[2014/01/31 02:38:54 | 000,078,314 | ---- | C] () -- C:\Users\Dawn\Desktop\969936_467401983355409_1181268203_n.jpg
[2014/01/31 02:37:40 | 000,141,191 | ---- | C] () -- C:\Users\Dawn\Desktop\1292864_502613903167550_1170608542_o.jpg
[2014/01/31 02:36:42 | 000,009,859 | ---- | C] () -- C:\Users\Dawn\Desktop\1379930_510394955722778_1171958204_n.jpg
[2014/01/31 02:19:16 | 000,015,598 | ---- | C] () -- C:\Users\Dawn\Desktop\mat3.JPG
[2014/01/31 02:18:56 | 000,017,887 | ---- | C] () -- C:\Users\Dawn\Desktop\mat2.JPG
[2014/01/31 02:18:18 | 000,029,028 | ---- | C] () -- C:\Users\Dawn\Desktop\mat.JPG
[2014/01/31 02:11:16 | 000,043,276 | ---- | C] () -- C:\Users\Dawn\Desktop\feet8.jpg
[2014/01/31 02:07:57 | 000,033,457 | ---- | C] () -- C:\Users\Dawn\Desktop\feet7.jpg
[2014/01/31 02:04:35 | 000,280,238 | ---- | C] () -- C:\Users\Dawn\Desktop\feet6.JPG
[2014/01/31 02:01:50 | 000,075,140 | ---- | C] () -- C:\Users\Dawn\Desktop\feet5.JPG
[2014/01/31 01:50:23 | 000,025,962 | ---- | C] () -- C:\Users\Dawn\Desktop\feet4.JPG
[2014/01/31 01:50:09 | 000,032,546 | ---- | C] () -- C:\Users\Dawn\Desktop\feet3.JPG
[2014/01/31 01:48:29 | 000,128,301 | ---- | C] () -- C:\Users\Dawn\Desktop\feet2.JPG
[2014/01/31 01:45:21 | 000,043,012 | ---- | C] () -- C:\Users\Dawn\Desktop\feet1.JPG
[2014/01/31 01:43:06 | 000,328,893 | ---- | C] () -- C:\Users\Dawn\Desktop\Tyna B.JPG
[2014/01/31 01:38:45 | 000,194,143 | ---- | C] () -- C:\Users\Dawn\Desktop\head.JPG
[2014/01/31 01:24:12 | 000,045,024 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture.JPG
[2014/01/28 23:11:54 | 000,101,877 | ---- | C] () -- C:\Users\Dawn\Desktop\MCP.JPG
[2014/01/27 02:03:18 | 365,255,116 | ---- | C] () -- C:\Users\Dawn\Desktop\DSC_3401.psd
[2014/01/24 19:40:25 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/20 13:32:22 | 000,023,663 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:05 | 000,109,323 | ---- | C] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 18:59:32 | 000,201,767 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:58:36 | 001,656,964 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:52:56 | 000,048,195 | ---- | C] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2013/08/06 21:11:51 | 000,000,182 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/12 20:28:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/02/27 00:02:14 | 000,004,509 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\CamStudio.cfg
[2013/01/09 00:31:48 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/06 02:50:07 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/11/04 00:45:34 | 000,003,072 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Photobook Designer Prefsv3
[2012/10/24 22:41:23 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/10/20 12:58:49 | 000,000,218 | ---- | C] () -- C:\Users\Dawn\.recently-used.xbel
[2012/08/21 14:18:20 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012/08/21 14:18:08 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
[2012/08/16 10:52:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/08/16 10:52:35 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/08/09 10:57:42 | 000,103,272 | ---- | C] () -- C:\Users\Dawn\GoToAssistDownloadHelper.exe
[2012/08/08 18:26:55 | 000,060,304 | ---- | C] () -- C:\Users\Dawn\g2mdlhlpx.exe
[2012/06/28 22:04:29 | 000,006,416 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/27 01:01:21 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/18 23:08:00 | 000,865,117 | ---- | C] () -- C:\Users\Dawn\AppData\Local\census.cache
[2011/08/18 23:06:42 | 000,131,064 | ---- | C] () -- C:\Users\Dawn\AppData\Local\ars.cache
[2011/08/18 22:19:52 | 000,000,036 | ---- | C] () -- C:\Users\Dawn\AppData\Local\housecall.guid.cache
[2011/06/19 23:35:23 | 000,001,456 | ---- | C] () -- C:\Users\Dawn\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/06/07 16:53:41 | 000,001,940 | ---- | C] () -- C:\Users\Dawn\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/29 10:38:57 | 000,007,618 | ---- | C] () -- C:\Users\Dawn\AppData\Local\resmon.resmoncfg
[2011/05/16 11:34:11 | 000,002,736 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\wklnhst.dat
[2010/12/24 00:25:38 | 000,004,982 | ---- | C] () -- C:\ProgramData\xjrxrpty.cte
[2010/12/24 00:25:37 | 000,004,983 | ---- | C] () -- C:\ProgramData\pyknfeyt.slj
[2010/12/03 11:55:20 | 000,061,440 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/03/19 19:03:29 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Anthropics
[2013/11/23 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Azureus
[2012/10/25 17:34:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Broadview
[2012/01/04 12:42:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Canon
[2011/01/25 19:05:28 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/11 22:09:28 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2013/03/09 15:30:50 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\com.showitfast.pass.desktop.PASS
[2013/12/03 23:20:25 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2010/09/25 22:06:14 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\EgisTec
[2011/10/30 11:42:44 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\eSobi
[2012/03/10 18:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Flickr
[2012/10/20 12:58:16 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\gtk-2.0
[2013/10/22 09:57:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\JAM Software
[2011/05/28 14:58:45 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Leadertech
[2010/12/24 00:27:17 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\LumaPix
[2012/07/11 22:22:32 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Motorola
[2013/11/07 20:41:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\MultiBit
[2012/08/17 00:57:40 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OfficeRecovery
[2014/01/24 19:40:18 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\onOne Software
[2010/09/27 14:05:59 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OpenOffice.org
[2012/08/03 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OverDrive
[2011/06/19 13:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Participatory Culture Foundation
[2012/10/20 12:58:49 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PCF-VLC
[2010/11/21 18:30:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Philipp Winterberg
[2012/11/04 00:45:00 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Photobook Designer
[2010/09/25 19:00:35 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PowerCinema
[2011/05/28 15:14:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Seagate
[2012/06/28 22:47:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\SoftGrid Client
[2011/03/23 16:03:40 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/19 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Temp
[2011/05/16 11:35:04 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Template
[2011/06/07 16:51:13 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Tific
[2012/01/04 12:42:05 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\TomTom
[2012/06/28 22:09:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\TP
[2010/12/24 03:02:05 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Utherverse
[2012/09/26 13:45:59 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
OTL logfile created on: 2/1/2014 1:42:25 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dawn\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: MM/dd/yyyy
7.68 Gb Total Physical Memory | 5.41 Gb Available Physical Memory | 70.53% Memory free
15.35 Gb Paging File | 13.00 Gb Available in Paging File | 84.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 578.07 Gb Total Space | 29.83 Gb Free Space | 5.16% Space Free | Partition Type: NTFS
Drive E: | 7.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 15.08 Gb Total Space | 14.34 Gb Free Space | 95.11% Space Free | Partition Type: FAT32
Computer Name: DAWN-PC | User Name: Dawn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - File not found --
PRC - [2014/01/24 20:19:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dawn\Downloads\OTL.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/19 23:06:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
PRC - [2013/11/02 14:56:54 | 005,537,136 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
PRC - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
PRC - [2013/07/02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2013/06/05 00:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe
PRC - [2010/10/27 18:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010/03/07 21:36:42 | 004,204,400 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
PRC - [2010/03/07 21:36:28 | 003,577,712 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
PRC - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
PRC - [2010/03/07 21:35:54 | 003,367,792 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
PRC - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 22:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/03 08:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010/03/03 08:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010/02/09 13:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010/02/01 13:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009/12/24 20:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2009/12/24 20:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/07/13 20:14:15 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
========== Modules (No Company Name) ==========
MOD - [2013/12/19 23:06:39 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/02/19 23:26:20 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\22c60ca3c2b18e041ebff2578c90cba3\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/02/19 23:26:19 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\62d047ff6c2865139d95eb19545b1cc6\SMDiagnostics.ni.dll
MOD - [2013/02/19 23:26:18 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\48ee0e1de873152ec7e85d7456c1cc09\System.Runtime.Serialization.ni.dll
MOD - [2013/02/19 16:56:55 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013/02/19 16:56:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013/02/19 16:56:44 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013/02/19 16:56:40 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013/02/19 16:56:36 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013/02/19 16:56:27 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013/02/19 16:56:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013/02/19 16:56:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013/02/19 16:56:00 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013/02/19 16:55:52 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013/02/18 16:58:00 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d884c684ee3f738a60e3c50dd5d88caa\System.Xml.ni.dll
MOD - [2013/02/18 16:57:55 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\cb72ac8478a5ea7e2d570bb710ecb1c1\System.Configuration.ni.dll
MOD - [2013/02/18 16:57:52 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\08bebcf66ad666dfdf2a4a934d79c0f9\System.Core.ni.dll
MOD - [2013/02/18 16:57:42 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\df418085cedae9fa2efee87e20a419a4\System.ni.dll
MOD - [2013/02/18 16:57:35 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\60c214b6ad5691e368a16ec65d127c27\mscorlib.ni.dll
MOD - [2012/02/01 16:55:58 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2010/01/13 12:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009/05/20 01:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/20 18:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/03/10 11:36:42 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/11/02 14:48:18 | 000,126,352 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/02/12 03:43:00 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/11 22:35:05 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/02 15:01:42 | 001,042,808 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe -- (WDBackup)
SRV - [2013/11/02 14:54:34 | 000,270,704 | R--- | M] (Western Digital Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe -- (WDDriveService)
SRV - [2013/10/08 07:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013/07/01 14:42:02 | 004,569,856 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/02/01 16:55:58 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/12/05 07:34:56 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2011/06/01 18:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2010/12/03 09:49:40 | 000,083,792 | R--- | M] (Storage Appliance Corp.) [Auto | Running] -- C:\ProgramData\Clickfree\HDDV2USB3\UACProxy.exe -- (CFUACProxy_hddv2usb3)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/06/03 14:46:32 | 000,139,264 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\SelfHealing\RogersSelfHelpService.exe -- (RogersSelfHelpService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/08 18:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/03/07 21:36:24 | 003,456,880 | ---- | M] (Egis Technology Inc.) [Auto | Running] -- C:\Program Files (x86)\Acer Bio Protection\BASVC.exe -- (IGBASVC)
SRV - [2010/03/03 22:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/03 08:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010/02/01 13:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010/01/29 18:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/11/09 12:00:12 | 000,169,936 | ---- | M] (Rogers Cable Communications) [Auto | Running] -- C:\Program Files (x86)\Rogers\Update Manager\RogersUpdateManager.exe -- (RogersUpdateManager)
SRV - [2009/10/09 21:59:08 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Acer Games\Acer Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/30 21:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 21:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/11/01 14:07:04 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/09/26 22:18:30 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013/09/26 21:45:56 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/09/26 21:26:03 | 000,858,200 | R--- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/09/25 22:28:00 | 000,590,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/09/25 21:50:25 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013/09/09 21:47:43 | 000,078,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2013/09/09 21:47:26 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013/09/09 20:49:49 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/02/12 09:02:24 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/19 09:02:08 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/09/19 09:02:06 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 01:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/25 12:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/12/19 23:32:45 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011/12/19 23:32:44 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011/09/15 06:02:40 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 01:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/20 20:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/04/20 17:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/20 17:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/04/14 05:39:40 | 000,315,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/04/07 15:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/04/01 03:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/03/05 01:38:20 | 000,075,624 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)
DRV:64bit: - [2010/03/03 21:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/18 02:38:00 | 000,075,304 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/01/11 05:48:00 | 000,050,976 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2sdgx64.sys -- (O2SDGRDR)
DRV:64bit: - [2010/01/06 08:33:16 | 000,158,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/11/02 14:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/10/09 21:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/09/17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/08/31 17:36:18 | 000,006,656 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/08/31 17:36:16 | 000,026,624 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuvotonhidcir.sys -- (nuvotonhidcir)
DRV:64bit: - [2009/08/31 15:45:20 | 000,068,096 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotonir.sys -- (nuvotonir)
DRV:64bit: - [2009/08/31 14:42:04 | 000,048,128 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuvotoncir.sys -- (nuvotoncir)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/02 21:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 21:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 21:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/05 03:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/05 03:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2008/05/06 15:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2014/01/24 17:55:04 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140131.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/01/24 14:11:12 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140131.002\ex64.sys -- (NAVEX15)
DRV - [2014/01/24 14:11:12 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140131.002\eng64.sys -- (NAVENG)
DRV - [2013/12/17 19:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/12/11 05:19:07 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/12/11 05:19:07 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...03z195t56n1l461
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope = {AB384A20-ECD2-4B40-B4B3-619FE39ACD23}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.co...ng}&rlz=1I7ACAW
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...03z195t56n1l461
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...AW_enCA398CA398
IE - HKCU\..\SearchScopes\{AB384A20-ECD2-4B40-B4B3-619FE39ACD23}: "URL" = http://www.google.ca...AW_enCA398CA398
IE - HKCU\..\SearchScopes\{BDFCC79C-1038-46B4-BE6D-1E36044D02A1}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;192.168.*.*
========== FireFox ==========
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/01/25 00:45:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013/11/02 01:23:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/19 23:06:32 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/03 20:21:24 | 000,000,000 | ---D | M]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions
[2012/01/04 12:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2012/03/10 18:36:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/02/01 01:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions
[2014/01/01 19:45:40 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2011/12/21 21:55:09 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/06/27 11:00:10 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2011/03/20 17:43:17 | 000,000,000 | ---D | M] (TinEye Reverse Image Search) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/11/23 00:06:32 | 000,000,000 | ---D | M] (YoutubeAdblocker) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 20:25:25 | 000,355,782 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/16 00:20:13 | 001,267,418 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/03/22 09:32:40 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2013/12/04 20:10:17 | 000,018,590 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\[email protected]
[2014/01/03 19:04:33 | 000,011,318 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{146f1820-2b0d-49ef-acbf-d85a6986e10c}.xpi
[2014/01/10 11:26:18 | 000,007,641 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[2014/01/20 21:40:22 | 000,287,587 | ---- | M] () (No name found) -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/03/20 23:37:30 | 000,002,090 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\Searchou.xml
[2013/11/22 23:39:34 | 000,000,905 | ---- | M] () -- C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\yahoo_ff.xml
[2013/12/19 23:06:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/19 23:06:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/02 01:23:01 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
[2012/12/06 18:22:25 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
O1 HOSTS File: ([2014/02/01 00:32:35 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll (Google Inc.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VitaKeyPdtWzd] C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dawn\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - Startup: C:\Users\Dawn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9:64bit: - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra Button: Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O9 - Extra 'Tools' menuitem : Quick-Launch Area - {10954C80-4F0F-11d3-B17C-00C0DFE39736} - C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe (Egis Technology Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanne..._IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39E48105-21F8-418C-8275-9614EA130AE0}: DhcpNameServer = 192.168.0.1 192.168.142.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91985F56-65F5-4E3E-AFF0-0F1DE39ECF5D}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D154A320-F2DD-4615-ADD0-26AF1F504DEA}: DhcpNameServer = 64.71.255.204 64.71.255.198
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/01 01:27:14 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/02/01 00:27:47 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/31 09:03:27 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\Newborn1_files
[2014/01/31 09:02:40 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Desktop\Newborn_files
[2014/01/24 19:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Nalpeiron
[2014/01/24 19:36:45 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/24 19:36:40 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/03 20:20:47 | 000,000,000 | ---D | C] -- C:\Users\Dawn\Documents\Misc stuff from desktop
[2014/01/03 19:54:53 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/02/01 01:20:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/01 01:02:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/01 01:00:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/01 01:00:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/01 00:52:45 | 005,481,594 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/01 00:52:45 | 002,566,058 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/01 00:52:44 | 000,006,434 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/01 00:52:05 | 000,002,048 | ---- | M] () -- C:\Users\Dawn\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/02/01 00:46:22 | 000,008,192 | ---- | M] () -- C:\Windows\SysWow64\WDPABKP.dat
[2014/02/01 00:45:30 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/01 00:44:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/01 00:44:30 | 1886,769,151 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/01 00:32:35 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/02/01 00:11:32 | 000,041,080 | ---- | M] () -- C:\Users\Dawn\Desktop\ana.JPG
[2014/01/31 23:27:06 | 000,058,609 | ---- | M] () -- C:\Users\Dawn\Desktop\jov.JPG
[2014/01/31 18:54:20 | 000,006,949 | ---- | M] () -- C:\Users\Dawn\Desktop\blackboard_grammar.jpg
[2014/01/31 18:52:10 | 000,042,335 | ---- | M] () -- C:\Users\Dawn\Desktop\pp,375x360.u8.jpg
[2014/01/31 18:37:32 | 000,087,876 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna5.JPG
[2014/01/31 17:54:32 | 000,100,711 | ---- | M] () -- C:\Users\Dawn\Desktop\Tyna4.JPG
[2014/01/31 17:53:44 | 000,095,879 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna3.JPG
[2014/01/31 17:52:57 | 000,096,729 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna2.JPG
[2014/01/31 17:51:53 | 000,088,628 | ---- | M] () -- C:\Users\Dawn\Desktop\tyna1.JPG
[2014/01/31 17:51:02 | 000,092,014 | ---- | M] () -- C:\Users\Dawn\Desktop\Tyna.JPG
[2014/01/31 09:04:54 | 000,041,617 | ---- | M] () -- C:\Users\Dawn\Desktop\newborn2.JPG
[2014/01/31 09:03:29 | 000,053,658 | ---- | M] () -- C:\Users\Dawn\Desktop\Newborn1.htm
[2014/01/31 09:02:49 | 000,053,649 | ---- | M] () -- C:\Users\Dawn\Desktop\Newborn.htm
[2014/01/31 09:01:30 | 000,171,746 | ---- | M] () -- C:\Users\Dawn\Desktop\feet10.JPG
[2014/01/31 08:56:41 | 000,047,407 | ---- | M] () -- C:\Users\Dawn\Desktop\feet9.JPG
[2014/01/31 02:38:54 | 000,078,314 | ---- | M] () -- C:\Users\Dawn\Desktop\969936_467401983355409_1181268203_n.jpg
[2014/01/31 02:37:41 | 000,141,191 | ---- | M] () -- C:\Users\Dawn\Desktop\1292864_502613903167550_1170608542_o.jpg
[2014/01/31 02:36:43 | 000,009,859 | ---- | M] () -- C:\Users\Dawn\Desktop\1379930_510394955722778_1171958204_n.jpg
[2014/01/31 02:19:16 | 000,015,598 | ---- | M] () -- C:\Users\Dawn\Desktop\mat3.JPG
[2014/01/31 02:18:56 | 000,017,887 | ---- | M] () -- C:\Users\Dawn\Desktop\mat2.JPG
[2014/01/31 02:18:21 | 000,029,028 | ---- | M] () -- C:\Users\Dawn\Desktop\mat.JPG
[2014/01/31 02:11:16 | 000,043,276 | ---- | M] () -- C:\Users\Dawn\Desktop\feet8.jpg
[2014/01/31 02:08:00 | 000,033,457 | ---- | M] () -- C:\Users\Dawn\Desktop\feet7.jpg
[2014/01/31 02:04:36 | 000,280,238 | ---- | M] () -- C:\Users\Dawn\Desktop\feet6.JPG
[2014/01/31 02:01:53 | 000,075,140 | ---- | M] () -- C:\Users\Dawn\Desktop\feet5.JPG
[2014/01/31 01:50:23 | 000,025,962 | ---- | M] () -- C:\Users\Dawn\Desktop\feet4.JPG
[2014/01/31 01:50:09 | 000,032,546 | ---- | M] () -- C:\Users\Dawn\Desktop\feet3.JPG
[2014/01/31 01:48:29 | 000,128,301 | ---- | M] () -- C:\Users\Dawn\Desktop\feet2.JPG
[2014/01/31 01:45:24 | 000,043,012 | ---- | M] () -- C:\Users\Dawn\Desktop\feet1.JPG
[2014/01/31 01:43:07 | 000,328,893 | ---- | M] () -- C:\Users\Dawn\Desktop\Tyna B.JPG
[2014/01/31 01:38:48 | 000,194,143 | ---- | M] () -- C:\Users\Dawn\Desktop\head.JPG
[2014/01/31 01:24:18 | 000,045,024 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture.JPG
[2014/01/28 23:11:58 | 000,101,877 | ---- | M] () -- C:\Users\Dawn\Desktop\MCP.JPG
[2014/01/27 02:03:58 | 365,255,116 | ---- | M] () -- C:\Users\Dawn\Desktop\DSC_3401.psd
[2014/01/24 19:40:25 | 000,001,929 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/01/21 20:59:58 | 004,974,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/20 13:32:26 | 000,023,663 | ---- | M] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:06 | 000,109,323 | ---- | M] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 19:01:17 | 001,656,964 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:59:35 | 000,201,767 | ---- | M] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:52:57 | 000,048,195 | ---- | M] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/02/01 00:09:21 | 000,041,080 | ---- | C] () -- C:\Users\Dawn\Desktop\ana.JPG
[2014/01/31 23:27:01 | 000,058,609 | ---- | C] () -- C:\Users\Dawn\Desktop\jov.JPG
[2014/01/31 18:54:20 | 000,006,949 | ---- | C] () -- C:\Users\Dawn\Desktop\blackboard_grammar.jpg
[2014/01/31 18:52:10 | 000,042,335 | ---- | C] () -- C:\Users\Dawn\Desktop\pp,375x360.u8.jpg
[2014/01/31 18:37:32 | 000,087,876 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna5.JPG
[2014/01/31 17:54:32 | 000,100,711 | ---- | C] () -- C:\Users\Dawn\Desktop\Tyna4.JPG
[2014/01/31 17:53:44 | 000,095,879 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna3.JPG
[2014/01/31 17:52:56 | 000,096,729 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna2.JPG
[2014/01/31 17:51:53 | 000,088,628 | ---- | C] () -- C:\Users\Dawn\Desktop\tyna1.JPG
[2014/01/31 17:50:53 | 000,092,014 | ---- | C] () -- C:\Users\Dawn\Desktop\Tyna.JPG
[2014/01/31 09:04:54 | 000,041,617 | ---- | C] () -- C:\Users\Dawn\Desktop\newborn2.JPG
[2014/01/31 09:03:27 | 000,053,658 | ---- | C] () -- C:\Users\Dawn\Desktop\Newborn1.htm
[2014/01/31 09:02:40 | 000,053,649 | ---- | C] () -- C:\Users\Dawn\Desktop\Newborn.htm
[2014/01/31 09:01:30 | 000,171,746 | ---- | C] () -- C:\Users\Dawn\Desktop\feet10.JPG
[2014/01/31 08:56:28 | 000,047,407 | ---- | C] () -- C:\Users\Dawn\Desktop\feet9.JPG
[2014/01/31 02:38:54 | 000,078,314 | ---- | C] () -- C:\Users\Dawn\Desktop\969936_467401983355409_1181268203_n.jpg
[2014/01/31 02:37:40 | 000,141,191 | ---- | C] () -- C:\Users\Dawn\Desktop\1292864_502613903167550_1170608542_o.jpg
[2014/01/31 02:36:42 | 000,009,859 | ---- | C] () -- C:\Users\Dawn\Desktop\1379930_510394955722778_1171958204_n.jpg
[2014/01/31 02:19:16 | 000,015,598 | ---- | C] () -- C:\Users\Dawn\Desktop\mat3.JPG
[2014/01/31 02:18:56 | 000,017,887 | ---- | C] () -- C:\Users\Dawn\Desktop\mat2.JPG
[2014/01/31 02:18:18 | 000,029,028 | ---- | C] () -- C:\Users\Dawn\Desktop\mat.JPG
[2014/01/31 02:11:16 | 000,043,276 | ---- | C] () -- C:\Users\Dawn\Desktop\feet8.jpg
[2014/01/31 02:07:57 | 000,033,457 | ---- | C] () -- C:\Users\Dawn\Desktop\feet7.jpg
[2014/01/31 02:04:35 | 000,280,238 | ---- | C] () -- C:\Users\Dawn\Desktop\feet6.JPG
[2014/01/31 02:01:50 | 000,075,140 | ---- | C] () -- C:\Users\Dawn\Desktop\feet5.JPG
[2014/01/31 01:50:23 | 000,025,962 | ---- | C] () -- C:\Users\Dawn\Desktop\feet4.JPG
[2014/01/31 01:50:09 | 000,032,546 | ---- | C] () -- C:\Users\Dawn\Desktop\feet3.JPG
[2014/01/31 01:48:29 | 000,128,301 | ---- | C] () -- C:\Users\Dawn\Desktop\feet2.JPG
[2014/01/31 01:45:21 | 000,043,012 | ---- | C] () -- C:\Users\Dawn\Desktop\feet1.JPG
[2014/01/31 01:43:06 | 000,328,893 | ---- | C] () -- C:\Users\Dawn\Desktop\Tyna B.JPG
[2014/01/31 01:38:45 | 000,194,143 | ---- | C] () -- C:\Users\Dawn\Desktop\head.JPG
[2014/01/31 01:24:12 | 000,045,024 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture.JPG
[2014/01/28 23:11:54 | 000,101,877 | ---- | C] () -- C:\Users\Dawn\Desktop\MCP.JPG
[2014/01/27 02:03:18 | 365,255,116 | ---- | C] () -- C:\Users\Dawn\Desktop\DSC_3401.psd
[2014/01/24 19:40:25 | 000,001,929 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/01/20 13:32:22 | 000,023,663 | ---- | C] () -- C:\Users\Dawn\Desktop\Capture LR.JPG
[2014/01/18 21:35:05 | 000,109,323 | ---- | C] () -- C:\Users\Dawn\Desktop\Large_.jpeg
[2014/01/18 18:59:32 | 000,201,767 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.jpg
[2014/01/18 18:58:36 | 001,656,964 | ---- | C] () -- C:\Users\Dawn\Desktop\maternity.psd
[2014/01/18 18:52:56 | 000,048,195 | ---- | C] () -- C:\Users\Dawn\Desktop\1517418_10153714307425293_1429156455_n.jpg
[2013/08/06 21:11:51 | 000,000,182 | ---- | C] () -- C:\Windows\wininit.ini
[2013/05/12 20:28:21 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\WDPABKP.dat
[2013/02/27 00:02:14 | 000,004,509 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\CamStudio.cfg
[2013/01/09 00:31:48 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/06 02:50:07 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/11/04 00:45:34 | 000,003,072 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Photobook Designer Prefsv3
[2012/10/24 22:41:23 | 000,000,132 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/10/20 12:58:49 | 000,000,218 | ---- | C] () -- C:\Users\Dawn\.recently-used.xbel
[2012/08/21 14:18:20 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012/08/21 14:18:08 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\hpcc3130.dll
[2012/08/16 10:52:35 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2012/08/16 10:52:35 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012/08/09 10:57:42 | 000,103,272 | ---- | C] () -- C:\Users\Dawn\GoToAssistDownloadHelper.exe
[2012/08/08 18:26:55 | 000,060,304 | ---- | C] () -- C:\Users\Dawn\g2mdlhlpx.exe
[2012/06/28 22:04:29 | 000,006,416 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/27 01:01:21 | 000,000,126 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/08/18 23:08:00 | 000,865,117 | ---- | C] () -- C:\Users\Dawn\AppData\Local\census.cache
[2011/08/18 23:06:42 | 000,131,064 | ---- | C] () -- C:\Users\Dawn\AppData\Local\ars.cache
[2011/08/18 22:19:52 | 000,000,036 | ---- | C] () -- C:\Users\Dawn\AppData\Local\housecall.guid.cache
[2011/06/19 23:35:23 | 000,001,456 | ---- | C] () -- C:\Users\Dawn\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/06/07 16:53:41 | 000,001,940 | ---- | C] () -- C:\Users\Dawn\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/29 10:38:57 | 000,007,618 | ---- | C] () -- C:\Users\Dawn\AppData\Local\resmon.resmoncfg
[2011/05/16 11:34:11 | 000,002,736 | ---- | C] () -- C:\Users\Dawn\AppData\Roaming\wklnhst.dat
[2010/12/24 00:25:38 | 000,004,982 | ---- | C] () -- C:\ProgramData\xjrxrpty.cte
[2010/12/24 00:25:37 | 000,004,983 | ---- | C] () -- C:\ProgramData\pyknfeyt.slj
[2010/12/03 11:55:20 | 000,061,440 | ---- | C] () -- C:\Users\Dawn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 20:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011/03/19 19:03:29 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Anthropics
[2013/11/23 02:40:17 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Azureus
[2012/10/25 17:34:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Broadview
[2012/01/04 12:42:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Canon
[2011/01/25 19:05:28 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/11 22:09:28 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2013/03/09 15:30:50 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\com.showitfast.pass.desktop.PASS
[2013/12/03 23:20:25 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Dropbox
[2010/09/25 22:06:14 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\EgisTec
[2011/10/30 11:42:44 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\eSobi
[2012/03/10 18:34:42 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Flickr
[2012/10/20 12:58:16 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\gtk-2.0
[2013/10/22 09:57:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\JAM Software
[2011/05/28 14:58:45 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Leadertech
[2010/12/24 00:27:17 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\LumaPix
[2012/07/11 22:22:32 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Motorola
[2013/11/07 20:41:07 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\MultiBit
[2012/08/17 00:57:40 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OfficeRecovery
[2014/01/24 19:40:18 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\onOne Software
[2010/09/27 14:05:59 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OpenOffice.org
[2012/08/03 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\OverDrive
[2011/06/19 13:42:45 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Participatory Culture Foundation
[2012/10/20 12:58:49 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PCF-VLC
[2010/11/21 18:30:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Philipp Winterberg
[2012/11/04 00:45:00 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Photobook Designer
[2010/09/25 19:00:35 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\PowerCinema
[2011/05/28 15:14:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Seagate
[2012/06/28 22:47:12 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\SoftGrid Client
[2011/03/23 16:03:40 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/19 23:30:08 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Temp
[2011/05/16 11:35:04 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Template
[2011/06/07 16:51:13 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Tific
[2012/01/04 12:42:05 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\TomTom
[2012/06/28 22:09:38 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\TP
[2010/12/24 03:02:05 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Utherverse
[2012/09/26 13:45:59 | 000,000,000 | ---D | M] -- C:\Users\Dawn\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
< End of report >
#13
Posted 01 February 2014 - 01:20 AM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
# AdwCleaner v3.018 - Report created 01/02/2014 at 02:13:09
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Dawn - DAWN-PC
# Running from : C:\Users\Dawn\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Users\Dawn\AppData\Local\Temp\boost_interprocess
File Deleted : C:\Users\Dawn\Desktop\sweetpcfix.url
File Deleted : C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\Searchou.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.17267
-\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\prefs.js ]
Line Deleted : user_pref("extensions.uXJ7HqxJMXZ.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexOf(\"form=u064ht&pc=u064\"[...]
*************************
AdwCleaner[R0].txt - [2012 octets] - [01/02/2014 02:11:13]
AdwCleaner[S0].txt - [1957 octets] - [01/02/2014 02:13:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2017 octets] ##########
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Dawn - DAWN-PC
# Running from : C:\Users\Dawn\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Users\Dawn\AppData\Local\Temp\boost_interprocess
File Deleted : C:\Users\Dawn\Desktop\sweetpcfix.url
File Deleted : C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\searchplugins\Searchou.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{05478A66-EDB6-4A22-A870-A5987F80A7DA}
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.17267
-\\ Mozilla Firefox v26.0 (en-US)
[ File : C:\Users\Dawn\AppData\Roaming\Mozilla\Firefox\Profiles\lvo7s835.default\prefs.js ]
Line Deleted : user_pref("extensions.uXJ7HqxJMXZ.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.match(/ressbar.com[^f]+fid=65017/)||url.indexOf(\"form=u064ht&pc=u064\"[...]
*************************
AdwCleaner[R0].txt - [2012 octets] - [01/02/2014 02:11:13]
AdwCleaner[S0].txt - [1957 octets] - [01/02/2014 02:13:09]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2017 octets] ##########
#14
Posted 01 February 2014 - 01:59 AM
DawnsShadow
- Topic Starter
-
- Member
-
- 24 posts
Member
Results of screen317's Security Check version 0.99.79
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````
Windows 7 x64 (UAC is enabled)
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox (26.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````
#15
Posted 01 February 2014 - 09:23 AM
zep516
-
- Malware Removal
-
- 8,090 posts
Trusted Helper
Hi DawnsShadow,
How is the computer running? Anymore pop ups / ads or other issues remaining ?
How is the computer running? Anymore pop ups / ads or other issues remaining ?
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
