Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need help removing Powelik & Adclicker trojans [Solved]

Started by Kooldaddyo , Nov 02 2014 01:06 PM
Powelik Adclicker

  • This topic is locked This topic is locked

#1
Kooldaddyo
Posted 02 November 2014 - 01:06 PM

Kooldaddyo

    Member

  • Member
  • PipPip
  • 17 posts

11/5 STILL NEED HELP PLEASE! 

I Posted on 11/2

 

I have been infected with Powelik & Adclick Trojans and need help removing them. I have ran my Norton A/V and it said it found and fixed but it did not. I have also ran Malwarebytes and it found them also but they still remain and Norton keeps blocking them constantly.

 

 I just ran geekstogo OTL by Old Timer Ver 3.2.69.0 and the text file is below:

 

 

 

OTL logfile created on: 11/2/2014 9:22:59 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ShopAaron's.com\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.93 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 44.63% Memory free
7.87 Gb Paging File | 4.45 Gb Available in Paging File | 56.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 150.29 Gb Free Space | 53.03% Space Free | Partition Type: NTFS
 
Computer Name: DADDYOSDELLLAPT | User Name: ShopAaron's.com | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/02 09:19:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ShopAaron's.com\Desktop\OTL.exe
PRC - [2014/10/19 12:18:58 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
PRC - [2014/10/06 18:54:03 | 000,810,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2014/10/01 10:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/10/01 10:09:20 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/21 01:59:37 | 000,262,968 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
PRC - [2014/09/12 01:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/07/30 21:48:25 | 000,130,104 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
PRC - [2014/07/23 07:44:16 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2013/02/13 18:38:24 | 000,844,144 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2013/02/13 18:38:18 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/02/13 18:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012/07/11 16:35:28 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011/09/06 09:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
PRC - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/01 09:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2009/06/24 18:19:50 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/06/24 14:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2009/06/18 19:46:28 | 001,554,928 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
PRC - [2009/06/18 19:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/09/26 07:19:04 | 000,210,208 | ---- | M] (Acresso Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/10/16 14:53:00 | 002,297,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014/10/16 14:06:06 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 14:05:07 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/16 14:04:48 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/16 14:04:33 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/16 14:04:23 | 005,467,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/16 14:03:54 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/16 14:03:46 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/16 14:03:26 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/16 14:03:13 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/10/16 12:22:49 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/16 12:22:44 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\54565a827b0e5a6f78e93e2ae06dd0e4\System.Runtime.Remoting.ni.dll
MOD - [2014/10/16 12:22:42 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014/10/16 12:22:27 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014/10/16 12:22:17 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014/10/16 12:22:10 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\902843918d037f5f3511d679bf1e2216\System.ServiceProcess.ni.dll
MOD - [2014/10/16 12:21:51 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/16 12:21:49 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/16 12:21:43 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/16 12:21:41 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/09/10 06:40:23 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2014/02/27 09:53:42 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2011/08/18 07:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
MOD - [2009/06/18 19:46:28 | 001,554,928 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
MOD - [2009/06/18 19:46:24 | 000,494,064 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2009/06/18 19:46:20 | 000,584,176 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
MOD - [2009/05/20 16:59:48 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/09/18 17:25:49 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/06/16 23:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/16 17:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
SRV:64bit: - [2009/06/28 20:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe -- (STacSV)
SRV:64bit: - [2008/12/18 12:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2014/10/01 10:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 10:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/23 19:54:34 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/21 01:59:37 | 000,262,968 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe -- (NAV)
SRV - [2014/09/12 01:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/07/30 21:48:25 | 000,130,104 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe -- (NCO)
SRV - [2014/07/23 07:44:16 | 000,438,616 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2014/07/14 17:21:06 | 001,767,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2014/03/20 14:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011/08/18 07:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/11/06 07:35:49 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2009/06/28 20:44:38 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe -- (STacSV)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/11/02 08:35:55 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/25 18:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 18:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/11 13:39:04 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/08/06 11:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/03/03 20:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/20 15:14:34 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\ccsetx64.sys -- (ccSet_NAV)
DRV:64bit: - [2014/02/17 17:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/10/29 23:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2013/10/01 18:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/27 11:23:26 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DE07060.00F\ccsetx64.sys -- (ccSet_NST)
DRV:64bit: - [2013/07/19 02:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2013/02/06 06:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/02/06 06:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/04/18 14:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/04/30 03:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/04/30 03:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/04/30 03:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/04/30 03:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 18:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/11/10 03:53:40 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/07/16 17:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
DRV:64bit: - [2009/07/16 17:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/28 20:44:38 | 000,487,424 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/06/25 20:23:30 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/25 01:04:20 | 000,067,584 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2009/06/25 00:38:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2009/06/25 00:13:44 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2009/06/15 11:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/06/10 12:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 12:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/10/03 11:19:31 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/09/23 10:00:10 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141101.003\ex64.sys -- (NAVEX15)
DRV - [2014/09/23 10:00:10 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/09/23 10:00:10 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/09/23 10:00:10 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141101.003\eng64.sys -- (NAVENG)
DRV - [2014/08/27 16:06:54 | 000,633,560 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141101.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/06/10 14:51:27 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\ASPI32.SYS -- (Aspi32)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {22858CA6-EDBB-4BB0-B24B-FE28107132E2}
IE:64bit: - HKLM\..\SearchScopes\{22858CA6-EDBB-4BB0-B24B-FE28107132E2}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6F78BEF4-F7F7-4D74-AD6A-B8F2E5CD49F5}
IE - HKLM\..\SearchScopes\{6F78BEF4-F7F7-4D74-AD6A-B8F2E5CD49F5}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://a-1countertops.moraware.ne [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.protopage...itled/Bookmarks
IE - HKCU\..\SearchScopes,DefaultScope = {36D61774-4A8F-4570-8C0F-E748663E87F1}
IE - HKCU\..\SearchScopes\{36D61774-4A8F-4570-8C0F-E748663E87F1}: "URL" = https://www.google.c...?q={searchTerms}
IE - HKCU\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu....&q={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\ShopAaron's.com\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\ShopAaron's.com\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ [2014/11/02 08:30:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/08/29 14:08:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF [2014/08/13 13:25:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/08/29 14:08:21 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Slides = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: Google Docs = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Sheets = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: Norton Identity Safe = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: Skype Click to Call = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.3.16540.9015_0\
CHR - Extension: Google Wallet = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Norton Security Toolbar = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.7.6.17_0\
CHR - Extension: Gmail = C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
Hosts file not found
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coieplg.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files (x86)\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [HLBackupScheduler] C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe File not found
O4 - HKCU..\Run: [Innova OBD PC-Link] C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe (Innova Electronics Corp.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe (Softthinks)
O4 - Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab (PCPitstop Utility)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.71.2)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab (EPUImageControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.71.2)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.c...ploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...xControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.113.32.29 24.113.32.30 66.235.59.7
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{32C7CFB8-DEEC-40FC-BCC5-B8A284501BEF}: DhcpNameServer = 68.87.69.150 68.87.85.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0FE49F0-3CAF-4189-87B9-675E746829FE}: DhcpNameServer = 24.113.32.29 24.113.32.30 66.235.59.7
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{13636d6a-d691-11e0-ba0e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13636d6a-d691-11e0-ba0e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{5a26b33d-c8c8-11df-9311-0026b90d139a}\Shell - "" = AutoRun
O33 - MountPoints2\{5a26b33d-c8c8-11df-9311-0026b90d139a}\Shell\AutoRun\command - "" = E:\TL-Bootstrap.exe
O33 - MountPoints2\{b062c009-8f30-11e2-b807-0026b90d139a}\Shell - "" = AutoRun
O33 - MountPoints2\{b062c009-8f30-11e2-b807-0026b90d139a}\Shell\AutoRun\command - "" = E:\VZW_Software_upgrade_assistant_installer.exe
O33 - MountPoints2\{fb83b260-0f93-11e0-9087-0026b90d139a}\Shell - "" = AutoRun
O33 - MountPoints2\{fb83b260-0f93-11e0-9087-0026b90d139a}\Shell\AutoRun\command - "" = E:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/02 09:18:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ShopAaron's.com\Desktop\OTL.exe
[2014/11/01 19:56:34 | 000,000,000 | -HSD | C] -- C:\found.000
[2014/11/01 19:12:26 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/01 10:40:16 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{77E199D4-3AA4-4861-9951-3542B5591810}
[2014/11/01 09:37:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/01 09:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/11/01 09:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/01 08:34:44 | 000,000,000 | ---D | C] -- C:\NPE
[2014/10/31 12:28:12 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\80 AR complete lower
[2014/10/31 12:21:13 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{BB6CBEB2-EA11-4F6A-A743-455B73473730}
[2014/10/30 19:21:43 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{954506BF-F8BD-4E94-88B1-B05C9BD46F71}
[2014/10/30 09:18:50 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Gamo Bone Hunter .177
[2014/10/30 07:20:25 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{52E2DB3B-F8B1-40EE-B72A-FC9A72D72ED5}
[2014/10/29 21:21:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2014/10/29 21:21:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCPitstop
[2014/10/29 19:19:42 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{78B80EB4-EA19-4787-8315-359BD91308F0}
[2014/10/29 07:26:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/10/29 07:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/10/29 07:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/10/29 07:19:12 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{F11CE967-BE27-4352-9F17-A72E3BE702D7}
[2014/10/28 18:56:53 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{4651A027-ED76-4D9D-9E63-338BDACD41D7}
[2014/10/28 06:55:46 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{0D375BA4-62E1-4AC1-BF84-B01A3DF8857D}
[2014/10/27 15:07:01 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Paizlee Teddy Bear
[2014/10/27 14:04:34 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Boxers
[2014/10/27 09:10:02 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{00EB3F02-C5ED-4EB8-BFE2-D1CB809B5A29}
[2014/10/27 09:08:14 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Apple Health
[2014/10/26 21:09:30 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{BE7287FF-B109-4ED2-BFA5-D729F0F0139B}
[2014/10/26 06:56:04 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{F95BFDFA-1A3B-4C81-8629-722F05A27A1E}
[2014/10/25 09:16:58 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{BF381502-AAF7-43E1-8FD2-A374017CDB06}
[2014/10/24 21:15:50 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{B24905E0-A208-4DC2-A37F-644759C7F038}
[2014/10/24 09:14:43 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{2ACF9690-6071-4324-88BB-B803EEA7A6E4}
[2014/10/23 19:26:57 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{9F6B5478-1F58-41FC-920A-1EFF749747AC}
[2014/10/23 07:26:03 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{1E4600A4-3632-42CB-AEA5-DBA500BC07CD}
[2014/10/22 19:25:36 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{415E4BB1-8505-40F8-BEF6-3052F98BF137}
[2014/10/22 07:25:10 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{31EBA05D-8CEA-4023-AA20-5E84DB84B0F0}
[2014/10/21 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{CF4C9A5F-7858-48E1-B713-1C834A53B398}
[2014/10/21 09:49:30 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2014/10/21 09:48:58 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Roaming\AVS4YOU
[2014/10/21 09:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2014/10/21 09:45:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2014/10/20 19:29:09 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{BCF74012-7B58-4955-986A-04BF33180B69}
[2014/10/20 07:28:41 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{D617C5D6-28B9-43A4-8ACD-52C675818F4A}
[2014/10/20 07:20:59 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{4E6F06BF-5741-4DF4-9E45-8ED3B2BFF04D}
[2014/10/19 09:02:48 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{D70D9061-938B-459C-BB32-CC003203672D}
[2014/10/18 17:57:55 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{2ADAFAD2-BEF9-4C0A-9DD5-976A7DA433DA}
[2014/10/17 20:46:17 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{E01AEBF4-0922-46C5-A8A3-0D22AFCD2524}
[2014/10/17 19:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/10/17 19:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/10/17 08:22:02 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{0E99A6B5-12DB-402F-BA1D-73A6204BE38F}
[2014/10/16 20:21:32 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{331E9A07-CA23-4FE7-8284-43787F74B172}
[2014/10/16 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Blazer
[2014/10/16 08:21:06 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{4EDB560E-B342-41B1-A5B0-C3FB0B3E6E55}
[2014/10/15 19:40:32 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{18ADC825-D57B-441D-94D8-1FB0631B4414}
[2014/10/15 07:40:07 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{004422EF-8392-4389-85FE-53C5D794C277}
[2014/10/14 19:39:54 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{8003382B-C5AA-479B-A6C0-B958806EFE23}
[2014/10/14 07:38:59 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{3AC36D25-6344-491A-91F8-7E3E0BC7A63D}
[2014/10/13 19:37:52 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{23EBD968-35BB-4F44-BF5C-E6EC4D6112F0}
[2014/10/13 07:37:26 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{DCE57CE0-FF95-4430-BCD7-CF8BE8360770}
[2014/10/12 19:37:00 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{D29EE577-0F6D-4DCE-8AFF-95D7FBFCBF5E}
[2014/10/12 07:36:05 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{21C578CB-3DA4-45EE-B6DA-DBB20F0BBEBD}
[2014/10/11 19:07:27 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{6B50CB7A-A245-44BC-A2AB-D867B76F85FD}
[2014/10/11 07:06:18 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{AD89C207-989D-4D41-8F00-8263CF0149FA}
[2014/10/10 09:21:03 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{0D75AA09-C25A-46F6-8365-2CDB47481D6A}
[2014/10/09 20:03:04 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{2841FF9F-330C-47F4-A221-FD96C0084E25}
[2014/10/09 08:02:02 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{21E47258-3FE8-4CF9-8C93-59DFDB92EA70}
[2014/10/08 18:21:49 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{82D691EF-B1D7-46BF-9657-669D9330BCFB}
[2014/10/08 06:21:22 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{2B62EE3C-E8E2-44EF-887D-BB1C7BDB1899}
[2014/10/07 12:08:02 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{588767D5-048E-495E-A1D1-0123803CA6A5}
[2014/10/06 20:31:52 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{E41B9892-CCAF-47C2-95AB-0D342EB7EF79}
[2014/10/06 07:38:37 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{CF682702-509F-4E06-A65C-29192EA7DEC2}
[2014/10/04 14:42:39 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Remington 870 Magnum Express 12 ga
[2014/10/04 14:07:31 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{BFE51D06-F974-4660-BC25-49EBDF988B26}
[2014/10/04 07:36:49 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\Desktop\Gun funnies
[2014/10/03 20:35:38 | 000,000,000 | ---D | C] -- C:\Users\ShopAaron's.com\AppData\Local\{820A352D-397F-4FE9-B767-EEC3DA2B2FDD}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ShopAaron's.com\AppData\Local\*.tmp files -> C:\Users\ShopAaron's.com\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/02 09:43:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/02 09:19:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ShopAaron's.com\Desktop\OTL.exe
[2014/11/02 08:43:32 | 005,701,538 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/02 08:43:32 | 001,880,290 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/02 08:43:32 | 000,006,210 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/02 08:43:18 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/02 08:43:18 | 000,022,464 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/02 08:28:12 | 3168,419,840 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/01 20:38:05 | 000,335,251 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\scan0001.pdf
[2014/11/01 19:59:00 | 000,003,304 | ---- | M] () -- C:\bootsqm.dat
[2014/11/01 14:05:51 | 000,454,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/01 09:37:11 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/30 21:28:46 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/30 21:17:20 | 000,045,734 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\10615399_10152731716499004_4891723299296646352_n.jpg
[2014/10/29 15:50:51 | 000,103,897 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\My 3 yr driving Abstract.pdf
[2014/10/28 09:29:26 | 000,037,055 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Glock 1911.jpg
[2014/10/25 09:48:59 | 000,017,707 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\What Im going to be for Halloween.jpg
[2014/10/22 14:49:10 | 000,013,051 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\00T0T_9g8Kupy0V99_600x450.jpg
[2014/10/21 18:38:19 | 000,070,618 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\[bleep] this post.jpg
[2014/10/21 09:23:59 | 163,099,288 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Sophia eagerly sucks Daddys cum.mp4
[2014/10/20 15:54:19 | 000,024,357 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\10372552_10154175425020015_4888907336937689972_n.jpg
[2014/10/17 18:15:32 | 000,028,644 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Im a pervert.jpg
[2014/10/09 08:15:03 | 000,989,171 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Bundy Thumb Up.gif
[2014/10/08 08:14:47 | 000,024,749 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Freedom Eagle.jpg
[2014/10/05 16:02:14 | 000,071,112 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Tool rack.jpg
[2014/10/05 13:44:10 | 010,216,949 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Kitsap No_Shooting_Areas_2012_web.pdf
[2014/10/03 21:29:54 | 000,061,382 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Best Post Ever.jpg
[2014/10/03 21:24:56 | 000,057,976 | ---- | M] () -- C:\Users\ShopAaron's.com\Desktop\Go [bleep] yourself with a cactus.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\ShopAaron's.com\AppData\Local\*.tmp files -> C:\Users\ShopAaron's.com\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/11/01 20:38:06 | 000,335,251 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\scan0001.pdf
[2014/11/01 19:59:00 | 000,003,304 | ---- | C] () -- C:\bootsqm.dat
[2014/11/01 14:05:51 | 000,454,864 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/01 09:37:11 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/30 21:17:32 | 000,045,734 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\10615399_10152731716499004_4891723299296646352_n.jpg
[2014/10/29 15:50:51 | 000,103,897 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\My 3 yr driving Abstract.pdf
[2014/10/28 09:29:51 | 000,037,055 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Glock 1911.jpg
[2014/10/25 09:50:42 | 000,017,707 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\What Im going to be for Halloween.jpg
[2014/10/23 16:04:36 | 000,086,420 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Jeff Jamie Jordan 2002.jpg
[2014/10/22 14:50:00 | 000,013,051 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\00T0T_9g8Kupy0V99_600x450.jpg
[2014/10/21 09:22:08 | 163,099,288 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Sophia eagerly sucks Daddys cum.mp4
[2014/10/20 15:58:38 | 000,024,357 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\10372552_10154175425020015_4888907336937689972_n.jpg
[2014/10/17 18:14:39 | 000,028,644 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Im a pervert.jpg
[2014/10/11 06:55:48 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/10/09 08:15:03 | 000,989,171 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Bundy Thumb Up.gif
[2014/10/08 08:17:53 | 000,024,749 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Freedom Eagle.jpg
[2014/10/05 16:02:34 | 000,071,112 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Tool rack.jpg
[2014/10/05 13:44:09 | 010,216,949 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Kitsap No_Shooting_Areas_2012_web.pdf
[2014/10/03 21:33:15 | 000,070,618 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\[bleep] this post.jpg
[2014/10/03 21:30:12 | 000,061,382 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Best Post Ever.jpg
[2014/10/03 21:25:30 | 000,057,976 | ---- | C] () -- C:\Users\ShopAaron's.com\Desktop\Go [bleep] yourself with a cactus.jpg
[2013/08/31 18:17:44 | 000,006,188 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/29 14:00:43 | 000,206,186 | ---- | C] () -- C:\Windows\hpoins46.dat
[2013/03/30 11:18:59 | 000,366,110 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2013/02/05 16:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/02/05 16:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2013/02/05 16:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2013/02/05 16:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2013/02/05 16:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012/07/05 16:44:02 | 000,000,028 | ---- | C] () -- C:\Users\ShopAaron's.com\AppData\Local\settings.ini
[2010/07/07 06:03:23 | 000,000,632 | RHS- | C] () -- C:\Users\ShopAaron's.com\ntuser.pol
[2010/05/02 06:19:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/03 15:50:28 | 000,000,142 | ---- | C] () -- C:\Users\ShopAaron's.com\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2010/06/17 11:39:14 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 18:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 17:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/08/27 14:52:13 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2014/07/16 08:56:53 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\DVDVideoSoft
[2014/04/15 14:15:17 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\GARMIN
[2013/08/31 18:27:00 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Innova
[2010/06/19 08:05:05 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Leadertech
[2014/08/27 15:40:00 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\No Company Name
[2014/03/26 11:00:04 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Oberon Media
[2014/08/08 15:15:03 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Oracle
[2014/08/25 07:40:44 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\PCDr
[2014/08/27 15:26:08 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\PDAppFlex
[2013/03/17 19:03:45 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Samsung
[2012/06/24 10:10:34 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Spotify
[2010/04/04 07:29:26 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Template
[2010/06/15 17:02:06 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Tific
[2013/06/16 09:11:41 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Wargaming.net
[2010/10/26 20:22:31 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\Windows Live Writer
[2014/03/25 17:58:14 | 000,000,000 | ---D | M] -- C:\Users\ShopAaron's.com\AppData\Roaming\WinWay
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 366 bytes -> C:\ProgramData\TEMP:03DBFDCF

< End of report >


Edited by Kooldaddyo, 04 November 2014 - 11:47 PM.

  • 0

Advertisements

#2
Kooldaddyo
Posted 02 November 2014 - 02:45 PM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

OTL Extras logfile created on: 11/2/2014 9:22:59 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ShopAaron's.com\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.93 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 44.63% Memory free
7.87 Gb Paging File | 4.45 Gb Available in Paging File | 56.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283.40 Gb Total Space | 150.29 Gb Free Space | 53.03% Space Free | Partition Type: NTFS
 
Computer Name: DADDYOSDELLLAPT | User Name: ShopAaron's.com | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
chm.file [open] -- "%SystemRoot%\hh.exe" %1
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{115DFB12-3549-4F51-A9C4-85BE8DDE59A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{165DB9F0-480E-457E-B037-D63DE8300DF5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1F527E09-C905-4886-8DBA-678C5E2D91CF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2152D670-76C3-4236-9810-C2FBF283AF3C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{225D9B18-7294-4627-959A-8E50FD50BDC1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{277A2877-7C53-4F33-9FC1-DE7CBF2BECF5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{2E7BD1E3-7D18-406B-9584-EC8BE10A4F0A}" = lport=445 | protocol=6 | dir=in | app=system |
"{3A1532E8-9B42-42A7-B1AD-69C24516F27E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{44A89C4C-8B35-4470-86A9-57E3BAED0D1C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{451344DC-A3B7-4635-BF42-912CEA1E226C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{500CCC43-BD81-484F-A6F1-98C29857C18D}" = lport=137 | protocol=17 | dir=in | app=system |
"{58D9BF21-097D-4F61-BD25-6AD8A23453E4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67FF7D44-E714-414A-B3DE-B7E4742D7EDF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6FB64D28-8186-4CD7-81DF-1C06C82CBD51}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92A2D8EE-51DC-4AA5-B4A7-968A2391E410}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{99E66F24-C860-4764-B5E6-A78C83E4BCDF}" = rport=445 | protocol=6 | dir=out | app=system |
"{A6C274B5-204B-48AE-8482-9C2AF6228A4E}" = lport=138 | protocol=17 | dir=in | app=system |
"{A99A77D5-8C3F-4755-B63A-ACDB9C15D92B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B7723FF6-F1E9-4D0E-89BE-CF517D842EB9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B866CF82-1563-478A-8CB1-94DFCC29370D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BBC68E90-5000-413D-B085-E2F35E350817}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D154DF15-7719-4233-B5C1-6EC09CF5B326}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D7053AD3-1EA5-4DB2-85B0-9410100F7955}" = rport=138 | protocol=17 | dir=out | app=system |
"{D844165D-306D-4411-86B2-352589FFFE1F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DA2AB728-52A1-42C3-8E48-046B409F3DD6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{DA3F562B-9552-435C-85A2-68E6271FF196}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{EF216331-B29B-4973-A6B3-37A3C16914EE}" = lport=139 | protocol=6 | dir=in | app=system |
"{F084B39E-CFDE-4691-803B-EBDC67504B5D}" = rport=137 | protocol=17 | dir=out | app=system |
"{FEF83FB0-915F-4894-BAB5-A5F7040CA23C}" = rport=139 | protocol=6 | dir=out | app=system |
"{FF1B4F85-463E-4DF2-A24D-CA5E4FF75515}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F83EE2-B87E-4BD3-8312-D89653363FAA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{07D97213-D7C0-453E-8EA8-17D2264BFF3E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{09BAD2C9-267F-43E0-B1C0-8F32F0B1A301}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0C9823A2-DE4E-4865-A00C-7C0F67ECCC24}" = protocol=58 | dir=out | [email protected],-28546 |
"{0E10D566-B6E4-44FB-9379-9B13F3782B05}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{119B75C9-0E59-4F21-A937-9C95E678D147}" = protocol=17 | dir=in | app=c:\users\shopaaron's.com\appdata\local\temp\7zs2b42\hpdiagnosticcoreui.exe |
"{1628DE22-228A-4413-89B8-20288EDABB05}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{174E0628-A520-461C-BA79-B7951710766A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{18668E63-B666-471F-90BC-0F56FEB54776}" = dir=in | app=c:\users\shopaaron's.com\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{1F9C2D5C-9FB1-4B1D-8532-76500F271157}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{228BCAD4-1283-4BC4-AF8E-2DE3D6334183}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{2668DD07-4F61-4DF6-934A-785F0D2F5646}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{337BCB01-D45A-491E-9768-70FAA63181D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{34127CC1-1CA8-46BA-80F6-C65950A608AE}" = protocol=17 | dir=in | app=c:\users\shopaaron's.com\appdata\local\temp\7zs5b5a\hpdiagnosticcoreui.exe |
"{3D06ADA9-0E8A-4719-ADE5-F36806E5F6A2}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3D650457-FB51-42E9-AF72-BA095C2E3912}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{3DA50F40-8C05-4E34-B6BD-54681E0B8C86}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{41505447-4D67-4BBC-9A0A-2086963218BF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{41813107-0E85-4572-A6BD-BC481490DA39}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4792F7D1-E252-4590-81B5-900A36050C5B}" = protocol=17 | dir=in | app=c:\users\shopaaron's.com\appdata\local\temp\7zs31bb\hpdiagnosticcoreui.exe |
"{51EBD6EB-AA82-4FFA-AEFE-7FD0D19C205B}" = protocol=6 | dir=in | app=c:\users\shopaaron's.com\appdata\local\temp\7zs31bb\hpdiagnosticcoreui.exe |
"{528A396B-8758-4599-BD13-C6C3315D1C1D}" = protocol=6 | dir=in | app=c:\users\shopaaron's.com\appdata\local\temp\7zs2b42\hpdiagnosticcoreui.exe |
"{52D911AB-62C3-4B3A-ACF8-68729DE83A25}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{533D4F85-01F4-4B2A-8F90-6604AED20906}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5B1ED0FD-DF92-43C7-A7D5-7A872D1D7019}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{5BE0CE5C-1908-48D9-8B4F-09DC69766B03}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{66E6D834-FA7D-4998-A8E8-3A8D9EDA3CE3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69CA3AC2-501C-4967-89A0-3E98E9399DD8}" = protocol=58 | dir=in | [email protected],-28545 |
"{6D17B9ED-E14D-4601-A607-9D1A7D77DA91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{70A738B4-1230-4125-BDB9-563C294F3846}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{75CCA73B-B3B1-4BDD-975F-34490C3F0CAE}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"{7D6F624A-DB9D-4E9F-AF30-9673D0A533E6}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{7EFAEBBF-C702-4664-9A77-F8D829A659A2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{83894100-DD8E-4D46-BC73-86E5FDA76B62}" = dir=in | app=d:\setup\hpznui40.exe |
"{8D84389C-6BF6-4812-A06D-3734584637B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9B775032-9352-46C8-B2E7-FD0F9979FD88}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{AAE01B9C-9374-459A-98E6-0C732D8D2DED}" = protocol=1 | dir=in | [email protected],-28543 |
"{AD682E3C-7788-4F33-917C-2A2EC38BC5BB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{B54298CE-4074-4B28-A642-026B8E949F23}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B57CC3CA-953B-44C4-9B11-012BEDAFE444}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{B60C4552-A445-4618-A301-25B0E4530897}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{B704F678-F396-48F6-A9E0-021B638E0D40}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{BA30E0B9-4627-48E6-9758-981F519EF107}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{BDA9F0BF-4FD2-45AC-B839-F8E8030592DF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BDDA0DCB-4178-4CE2-8928-E97F239135C7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{CA24BEE4-158D-4D10-97A1-3331E47BD0A5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{CCABA5E1-6D5B-4A9D-ADF7-5036DA4A11B8}" = protocol=6 | dir=in | app=c:\users\shopaaron's.com\appdata\local\temp\7zs5b5a\hpdiagnosticcoreui.exe |
"{CD2C3B9A-7CE4-4F27-8FE4-68655419CDCE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB751A60-8F53-41A5-B7CC-D495501659DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DE9597A1-7040-4511-ABFD-94686A4389EE}" = protocol=6 | dir=out | app=system |
"{E8AD30B3-F666-4262-A7E0-C15D4A47BE6C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EFC9BB24-2FB9-4AA1-BB21-2127B1ACB860}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FA1C709D-03CA-4CB4-8CA2-37FF0CC674A2}" = protocol=1 | dir=out | [email protected],-28544 |
"{FD3D07E0-9AEE-4192-9F6D-09826EE449FA}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{1B342002-EEA8-49CD-BBF6-B34E075C9628}C:\users\shopaaron's.com\appdata\local\dvo\cook'n10app\cook'n.exe" = protocol=6 | dir=in | app=c:\users\shopaaron's.com\appdata\local\dvo\cook'n10app\cook'n.exe |
"TCP Query User{33596E93-51DA-465B-9E0F-6C9E1A0A14F1}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{3B835381-04E2-458B-802E-D6CC697F8E2C}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{3C735A12-92FA-4485-ACA6-3731711A9086}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{934633D3-B045-42DF-AB85-298B52DD2343}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{A2D12880-F1E0-4168-85A0-BD83E34F4569}C:\users\shopaaron's.com\appdata\local\dvo\cook'n10app\cook'n.exe" = protocol=17 | dir=in | app=c:\users\shopaaron's.com\appdata\local\dvo\cook'n10app\cook'n.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}" = Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{550331CC-C34B-494F-BCDA-37CE4EF6E924}" = Garmin Communicator Plugin x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A02609EB-395E-4638-8DD7-30CE043014E5}" = ANT Drivers Installer x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)
"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Shop for HP Supplies" = Shop for HP Supplies
"SP6" = Logitech SetPoint 6.30
"SynTPDeinstKey" = Dell Touchpad
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04F3038E-4120-44CC-B330-E05F737246A5}" = Roxio Update Manager
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{12A3AF78-CBB5-484B-AE87-927C4DE6B9A8}" = Garmin City Navigator North America NT 2011.10 Update
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{26A24AE4-039D-4CA4-87B4-2F03217071FF}" = Java 7 Update 71
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}" = QuickTime 7
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{55F7F5FE-EAEC-44F1-969F-D63CFDC0EBB8}" = Innova OBD PC-Link
"{560D64A9-BDFD-44B7-90D1-8FBBED7F4A19}" = Garmin Express
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}" = SnagIt 9
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D181996-F404-4639-9B95-15012541CB7C}" = Garmin Express Tray
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77D28FF5-242F-488A-8215-937D6A4D69E0}" = Adobe AIR
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}" = Garmin Express
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{970704F5-579F-4430-A6A8-B562561B4D3D}" = WinWay Resume Deluxe
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D968FBF3-E4A6-4D82-981D-D7FF9B7BFC30}" = Elevated Installer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E68EADA6-63A4-F6D3-FE12-968B879F7AD6}" = Adobe Download Assistant
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Cisco Connect" = Cisco Connect
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cook'n" = Cook'n
"Dell Webcam Central" = Dell Webcam Central
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 5.0.44.623
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"NAV" = Norton AntiVirus
"NST" = Norton Identity Safe
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PhatMan" = PhatNoise Music Manager
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11/2/2014 12:01:41 AM | Computer Name = DaddyosDellLaptop | Source = Windows Search Service | ID = 3058
Description =
 
Error - 11/2/2014 12:01:41 AM | Computer Name = DaddyosDellLaptop | Source = Windows Search Service | ID = 7010
Description =
 
Error - 11/2/2014 12:01:41 AM | Computer Name = DaddyosDellLaptop | Source = Windows Search Service | ID = 7042
Description =
 
Error - 11/2/2014 12:07:32 AM | Computer Name = DaddyosDellLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.17344,
 time stamp: 0x4a5bc6b7  Faulting module name: MSHTML.dll, version: 11.0.9600.17344,
 time stamp: 0x541b8a22  Exception code: 0xc00000fd  Fault offset: 0x00091d1d  Faulting
 process id: 0x1ddc  Faulting application start time: 0x01cff6524f17ea11  Faulting application
 path: C:\Program Files\Internet Explorer\iexplore.exe  Faulting module path: C:\Windows\system32\MSHTML.dll
Report
 Id: c4474fcb-6245-11e4-bd71-0026b90d139a
 
Error - 11/2/2014 12:09:34 AM | Computer Name = DaddyosDellLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.17344,
 time stamp: 0x4a5bc6b7  Faulting module name: ntdll.dll, version: 6.1.7601.18247,
 time stamp: 0x521ea8e7  Exception code: 0xc00000fd  Fault offset: 0x0002df0b  Faulting
 process id: 0x1a34  Faulting application start time: 0x01cff6522976fa1d  Faulting application
 path: C:\Program Files\Internet Explorer\iexplore.exe  Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
 Id: 0cbbb5e3-6246-11e4-bd71-0026b90d139a
 
Error - 11/2/2014 1:16:27 AM | Computer Name = DaddyosDellLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.17344,
 time stamp: 0x4a5bc6b7  Faulting module name: jscript9.dll, version: 11.0.9600.17344,
 time stamp: 0x541b85e6  Exception code: 0xc0000005  Fault offset: 0x00127417  Faulting
 process id: 0x1ea4  Faulting application start time: 0x01cff65ba295ddbe  Faulting application
 path: C:\Program Files\Internet Explorer\iexplore.exe  Faulting module path: C:\Windows\SysWOW64\jscript9.dll
Report
 Id: 6533017e-624f-11e4-bd71-0026b90d139a
 
Error - 11/2/2014 2:40:06 AM | Computer Name = DaddyosDellLaptop | Source = Google Update | ID = 20
Description =
 
Error - 11/2/2014 3:12:39 AM | Computer Name = DaddyosDellLaptop | Source = Google Update | ID = 20
Description =
 
Error - 11/2/2014 12:25:05 PM | Computer Name = DaddyosDellLaptop | Source = Google Update | ID = 20
Description =
 
Error - 11/2/2014 12:43:29 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
 when process Performance extension counter provider. The BaseIndex value from the
 Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
 the Data section.
 
Error - 11/2/2014 12:43:29 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
 failed. The first DWORD in the Data section contains the error code.
 
Error - 11/2/2014 1:09:17 PM | Computer Name = DaddyosDellLaptop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 11.0.9600.17344,
 time stamp: 0x4a5bc6b7  Faulting module name: MSHTML.dll, version: 11.0.9600.17344,
 time stamp: 0x541b8a22  Exception code: 0xc0000005  Fault offset: 0x004a5803  Faulting
 process id: 0x195c  Faulting application start time: 0x01cff6bf14fb264a  Faulting application
 path: C:\Program Files\Internet Explorer\iexplore.exe  Faulting module path: C:\Windows\system32\MSHTML.dll
Report
 Id: fa1a7431-62b2-11e4-b2a8-0026b90d139a
 
[ Broadcom Wireless LAN Events ]
Error - 10/21/2014 11:38:57 AM | Computer Name = DaddyosDellLaptop | Source = WLAN-Tray | ID = 0
Description = 08:38:57, Tue, Oct 21, 14 Error - Unable to decode string, error 87

 
Error - 10/29/2014 11:52:23 PM | Computer Name = DaddyosDellLaptop | Source = WLAN-Tray | ID = 0
Description = 20:52:23, Wed, Oct 29, 14 Error - Unable to gain access to user store

 
[ Dell Events ]
Error - 9/25/2010 1:22:30 PM | Computer Name = DaddyosDellLaptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 9/25/2010 1:22:30 PM | Computer Name = DaddyosDellLaptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 3/5/2011 8:31:04 PM | Computer Name = DaddyosDellLaptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 3/5/2011 8:31:04 PM | Computer Name = DaddyosDellLaptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 7/4/2011 3:20:59 PM | Computer Name = DaddyosDellLaptop | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
[ Media Center Events ]
Error - 9/9/2010 1:07:57 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 10:07:57 PM - Error connecting to the internet.  10:07:57 PM -     Unable
 to contact server.. 
 
Error - 9/9/2010 1:08:03 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 10:08:02 PM - Error connecting to the internet.  10:08:02 PM -     Unable
 to contact server.. 
 
Error - 9/9/2010 2:08:08 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 11:08:08 PM - Error connecting to the internet.  11:08:08 PM -     Unable
 to contact server.. 
 
Error - 9/9/2010 2:08:14 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 11:08:13 PM - Error connecting to the internet.  11:08:13 PM -     Unable
 to contact server.. 
 
Error - 9/9/2010 11:02:32 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 8:02:32 AM - Error connecting to the internet.  8:02:32 AM -     Unable
 to contact server.. 
 
Error - 9/9/2010 11:02:38 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 8:02:37 AM - Error connecting to the internet.  8:02:37 AM -     Unable
 to contact server.. 
 
Error - 10/2/2010 6:58:42 AM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 3:58:40 AM - Error connecting to the internet.  3:58:40 AM -     Unable
 to contact server.. 
 
Error - 3/19/2014 6:31:41 PM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 3:31:31 PM - Error connecting to the internet.  3:31:31 PM -     Unable
 to contact server.. 
 
Error - 4/23/2014 7:29:27 PM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 4:29:27 PM - Error connecting to the internet.  4:29:27 PM -     Unable
 to contact server.. 
 
Error - 4/23/2014 7:30:14 PM | Computer Name = DaddyosDellLaptop | Source = MCUpdate | ID = 0
Description = 4:29:32 PM - Error connecting to the internet.  4:29:32 PM -     Unable
 to contact server.. 
 
[ System Events ]
Error - 11/2/2014 12:35:47 PM | Computer Name = DaddyosDellLaptop | Source = Service Control Manager | ID = 7001
Description = The MBAMService service depends on the MBAMProtector service which
 failed to start because of the following error:   %%2
 
Error - 11/2/2014 12:36:41 PM | Computer Name = DaddyosDellLaptop | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.
 
Error - 11/2/2014 12:43:56 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 12:43:57 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 12:43:57 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 1:26:16 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 1:26:18 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 2:28:58 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 2:29:04 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
Error - 11/2/2014 2:29:04 PM | Computer Name = DaddyosDellLaptop | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = There was an error while attempting to read the local hosts file.
 
 
< End of report >


  • 0

#3
Valinorum
Posted 05 November 2014 - 10:26 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi Kooldaddyo, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 
  • Step #1 Scan with Farbar Recovery Scan Tool
    • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
      Download link for 32 bit system
      Download link for 64 bit system
    • Right-click on the program and choose Run as administrator;
    • Put tick-mark on all boxes under Whitelist and Optional Scan;
    • Click on Scan;
    • After the scan two notepad files will be opened --
      • FRST.txt;
      • Addition.txt
    • Copy and Paste the contents of the logs in your next reply.
 
  • Required Log(s):
    • FRST.txt
    • Addition.txt
Regards,
Valinorum
  • 0

#4
Kooldaddyo
Posted 05 November 2014 - 11:48 AM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by ShopAaron's.com (administrator) on DADDYOSDELLLAPT on 05-11-2014 09:40:11
Running from C:\Users\ShopAaron's.com\Desktop
Loaded Profile: ShopAaron's.com (Available profiles: ShopAaron's.com & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
(Facebook Inc.) C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Innova Electronics Corp.) C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1812776 2009-06-25] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-28] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1612880 2010-01-27] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [494064 2009-06-18] ()
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-06] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [Facebook Update] => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [Innova OBD PC-Link] => C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe [75776 2012-10-29] (Innova Electronics Corp.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {13636d6a-d691-11e0-ba0e-806e6f6e6963} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {5a26b33d-c8c8-11df-9311-0026b90d139a} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {b062c009-8f30-11e2-b807-0026b90d139a} - E:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {fb83b260-0f93-11e0-9087-0026b90d139a} - E:\setup.exe -a
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.protopage...itled/Bookmarks
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://a-1counterto...1countertops/go
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {36D61774-4A8F-4570-8C0F-E748663E87F1} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {36D61774-4A8F-4570-8C0F-E748663E87F1} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {6F78BEF4-F7F7-4D74-AD6A-B8F2E5CD49F5} URL =
SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu....&q={SearchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.c...ploader_v10.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 24.113.32.29 24.113.32.30 66.235.59.7

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ShopAaron's.com\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ShopAaron's.com\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF [2014-08-13]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-06]
CHR Extension: (Google Docs) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-06]
CHR Extension: (Google Drive) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-06]
CHR Extension: (Google Search) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-06]
CHR Extension: (Google Sheets) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-06]
CHR Extension: (Norton Identity Safe) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-06]
CHR Extension: (Skype Click to Call) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-06]
CHR Extension: (Google Wallet) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-09-06]
CHR Extension: (Gmail) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [2014-08-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-28] (IDT, Inc.)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2003-06-10] (Adaptec) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-23] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141104.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\ENG64.SYS [129752 2014-09-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\EX64.SYS [2137304 2014-09-23] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-10-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\aspi32.sys 54AB078660E536DA72B21A27F56B035B
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\drivers\BCM42RLY.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys D90F5136CB6512B2B9A855C94F79B0B5
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CtClsFlt.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 41AC348DBD378F618CB4FDEE54270692
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 03E1B8BA59327D186C7C533A6998FEF9
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 142EA7DF1851C563571F2DCFC7AFBB40
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141104.001\IDSvia64.sys 77AC93E28B5F4DCE317EFA695E3F59E3
C:\Windows\System32\DRIVERS\igdkmd64.sys C6238C6ABD6AC99F5D152DA4E9439A3D
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\IntcHdmi.sys D485D3BD3E2179AA86853A182F70699F
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys 7DBAFE10C1B777305C80BEA42FBDA710
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LEqdUsb.Sys ABFD2B5726F4CCE49297AE48806CC594
C:\Windows\System32\DRIVERS\LHidEqd.Sys 933F69CF9ACD2498693BFCD7ED68E8D4
C:\Windows\System32\DRIVERS\LHidFilt.Sys 1074C77A47835E03C15BF92452F9A750
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LMouFilt.Sys 96999C364C649E2866A268F7420A304A
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\LUsbFilt.Sys 51B20B742C9E35ADE40B840F6F4F5EE2
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\ENG64.SYS C180A82874D3CDC390A27F2F1E1AF025
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\EX64.SYS E66CA6C321614D7BC0AFC9C8436131B9
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 07D57B890DD5693A6AB660CBAE8F91B4
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rimmpx64.sys 6FAF5B04BEDC66D300D9D233B2D222F0
C:\Windows\System32\DRIVERS\rimspx64.sys 67F50C31713106FD1B0F286F86AA2B2E
C:\Windows\System32\DRIVERS\rixdpx64.sys 4D7EF3D46346EC4C58784DB964B365DE
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS E163E10191958FF6A2B0B48353F9E9FD
C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS 68E7B6708B9EEE021301C483825D05EA
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys B4C983DA20E2970E21893BF0E4EE2AD8
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys ==> MD5 is legit
C:\Windows\system32\drivers\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39C
C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS 9F31630D7FC2DD9D5DA1CE359AAD1F46
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539
C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS 2C95265BE19F338E1C1090E4E91055BB
C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS 5570A74FF9B1EFBC5154DD1E2F05C517
C:\Windows\System32\DRIVERS\SynTP.sys 1657B7442D5CE30533F5C4317716B468
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 09:40 - 2014-11-05 09:42 - 00046308 _____ () C:\Users\ShopAaron's.com\Desktop\FRST.txt
2014-11-05 09:39 - 2014-11-05 09:39 - 02114560 _____ (Farbar) C:\Users\ShopAaron's.com\Desktop\FRST64.exe
2014-11-05 09:16 - 2014-11-05 09:40 - 00000000 ____D () C:\FRST
2014-11-05 08:30 - 2014-11-05 08:30 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CEE26C83-414A-42F1-A5A8-1E2FB3844C83}
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00031874.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00029358.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00011478.tmp
2014-11-05 08:19 - 2014-11-05 08:19 - 40034920 ____T () C:\Windows\SysWOW64\00019149.tmp
2014-11-04 22:08 - 2014-11-04 22:08 - 00000372 _____ () C:\Windows\PFRO.log
2014-11-04 22:04 - 2014-11-04 22:04 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-04 22:04 - 2014-11-04 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-04 22:03 - 2014-11-04 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-04 22:03 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-04 22:03 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-04 22:03 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-04 20:42 - 2014-11-04 20:42 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{C12A7810-1422-4B6D-A3B5-D257554F8A23}
2014-11-04 08:41 - 2014-11-04 08:41 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{8220E56F-A94E-455A-9957-5E055A4C1611}
2014-11-03 14:45 - 2014-11-03 14:45 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{04D5B938-3154-4F93-BC34-9263C57067C8}
2014-11-02 11:28 - 2014-11-03 18:48 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Powelik fix
2014-11-02 11:08 - 2014-11-02 11:08 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{6750CD16-6985-47EB-B4BE-6A53CF1850A4}
2014-11-02 09:18 - 2014-11-02 09:19 - 00602112 _____ (OldTimer Tools) C:\Users\ShopAaron's.com\Desktop\OTL.exe
2014-11-01 20:01 - 2014-11-05 09:32 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 20:00 - 2014-11-05 09:32 - 00000672 _____ () C:\Windows\setupact.log
2014-11-01 20:00 - 2014-11-01 20:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 19:56 - 2014-11-01 19:56 - 00000000 __SHD () C:\found.000
2014-11-01 14:09 - 2014-11-05 09:40 - 00128004 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 14:07 - 2014-11-01 14:07 - 00000020 ___SH () C:\Users\ShopAaron's.com\ntuser.ini
2014-11-01 14:05 - 2014-11-01 14:05 - 00454864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 10:40 - 2014-11-01 10:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{77E199D4-3AA4-4861-9951-3542B5591810}
2014-11-01 09:37 - 2014-11-01 09:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-01 08:34 - 2014-11-01 08:34 - 00000000 ____D () C:\NPE
2014-10-31 12:28 - 2014-10-31 12:29 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\80 AR complete lower
2014-10-31 12:21 - 2014-10-31 12:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BB6CBEB2-EA11-4F6A-A743-455B73473730}
2014-10-30 19:21 - 2014-10-30 19:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{954506BF-F8BD-4E94-88B1-B05C9BD46F71}
2014-10-30 07:20 - 2014-10-30 07:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{52E2DB3B-F8B1-40EE-B72A-FC9A72D72ED5}
2014-10-29 21:21 - 2014-10-30 06:42 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-10-29 21:21 - 2014-10-29 23:21 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-10-29 19:19 - 2014-10-29 19:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{78B80EB4-EA19-4787-8315-359BD91308F0}
2014-10-29 18:55 - 2014-11-04 17:13 - 00000212 _____ () C:\Users\ShopAaron's.com\BullseyeCoverageError.txt
2014-10-29 07:26 - 2014-10-29 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-29 07:25 - 2014-10-29 07:26 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-29 07:25 - 2014-10-29 07:25 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-29 07:19 - 2014-10-29 07:19 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{F11CE967-BE27-4352-9F17-A72E3BE702D7}
2014-10-28 18:56 - 2014-10-28 18:57 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{4651A027-ED76-4D9D-9E63-338BDACD41D7}
2014-10-28 06:55 - 2014-10-28 06:55 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{0D375BA4-62E1-4AC1-BF84-B01A3DF8857D}
2014-10-27 15:07 - 2014-10-27 15:56 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Paizlee Teddy Bear
2014-10-27 14:04 - 2014-10-27 14:04 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Boxers
2014-10-27 09:10 - 2014-10-27 09:10 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{00EB3F02-C5ED-4EB8-BFE2-D1CB809B5A29}
2014-10-27 09:08 - 2014-10-27 09:23 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Apple Health
2014-10-26 21:09 - 2014-10-26 21:09 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BE7287FF-B109-4ED2-BFA5-D729F0F0139B}
2014-10-26 06:56 - 2014-10-26 06:56 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{F95BFDFA-1A3B-4C81-8629-722F05A27A1E}
2014-10-25 09:16 - 2014-10-25 09:17 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BF381502-AAF7-43E1-8FD2-A374017CDB06}
2014-10-24 21:15 - 2014-10-24 21:16 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{B24905E0-A208-4DC2-A37F-644759C7F038}
2014-10-24 09:14 - 2014-10-24 09:14 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2ACF9690-6071-4324-88BB-B803EEA7A6E4}
2014-10-23 19:26 - 2014-10-23 19:27 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{9F6B5478-1F58-41FC-920A-1EFF749747AC}
2014-10-23 07:26 - 2014-10-23 07:26 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{1E4600A4-3632-42CB-AEA5-DBA500BC07CD}
2014-10-22 19:25 - 2014-10-22 19:25 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{415E4BB1-8505-40F8-BEF6-3052F98BF137}
2014-10-22 07:25 - 2014-10-22 07:25 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{31EBA05D-8CEA-4023-AA20-5E84DB84B0F0}
2014-10-21 10:13 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CF4C9A5F-7858-48E1-B713-1C834A53B398}
2014-10-21 09:49 - 2014-10-21 09:49 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-10-21 09:48 - 2014-10-21 09:48 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Roaming\AVS4YOU
2014-10-21 09:45 - 2014-10-21 09:57 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-10-21 09:22 - 2014-10-21 09:23 - 163099288 _____ () C:\Users\ShopAaron's.com\Desktop\Sophia eagerly sucks Daddys cum.mp4
2014-10-20 19:29 - 2014-10-20 19:29 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BCF74012-7B58-4955-986A-04BF33180B69}
2014-10-20 07:28 - 2014-10-20 07:28 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{D617C5D6-28B9-43A4-8ACD-52C675818F4A}
2014-10-20 07:20 - 2014-10-20 07:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{4E6F06BF-5741-4DF4-9E45-8ED3B2BFF04D}
2014-10-19 09:02 - 2014-10-19 09:02 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{D70D9061-938B-459C-BB32-CC003203672D}
2014-10-18 17:57 - 2014-10-18 17:58 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2ADAFAD2-BEF9-4C0A-9DD5-976A7DA433DA}
2014-10-17 20:46 - 2014-10-17 20:46 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{E01AEBF4-0922-46C5-A8A3-0D22AFCD2524}
2014-10-17 19:37 - 2014-10-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-17 08:22 - 2014-10-17 08:22 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{0E99A6B5-12DB-402F-BA1D-73A6204BE38F}
2014-10-16 20:21 - 2014-10-16 20:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{331E9A07-CA23-4FE7-8284-43787F74B172}
2014-10-16 08:22 - 2014-10-28 21:07 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Blazer
2014-10-16 08:21 - 2014-10-16 08:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{4EDB560E-B342-41B1-A5B0-C3FB0B3E6E55}
2014-10-16 07:07 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 07:07 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 07:07 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 07:07 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:07 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 07:07 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:07 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 07:07 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 07:07 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 07:07 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:07 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:07 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:07 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:07 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 07:07 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:07 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:07 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:07 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:07 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:07 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:07 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:07 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:07 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:07 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:07 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 07:07 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:07 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:07 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:07 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 07:07 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:07 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:07 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 07:07 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:07 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 07:07 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:07 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 07:07 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 07:07 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 07:07 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 07:07 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 07:07 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 07:07 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:07 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:07 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:07 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 07:07 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:07 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 07:07 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 07:07 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 07:07 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:07 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 07:07 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:07 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 07:07 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 07:06 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 07:06 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 07:06 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 07:06 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 07:06 - 2014-09-04 18:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 07:06 - 2014-09-04 17:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 07:06 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 07:06 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 07:06 - 2014-08-28 18:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 07:06 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 07:06 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 07:06 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 07:06 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 07:06 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 07:06 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 19:40 - 2014-10-15 19:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{18ADC825-D57B-441D-94D8-1FB0631B4414}
2014-10-15 07:40 - 2014-10-15 07:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{004422EF-8392-4389-85FE-53C5D794C277}
2014-10-14 19:39 - 2014-10-14 19:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{8003382B-C5AA-479B-A6C0-B958806EFE23}
2014-10-14 07:38 - 2014-10-14 07:39 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{3AC36D25-6344-491A-91F8-7E3E0BC7A63D}
2014-10-13 19:37 - 2014-10-13 19:38 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{23EBD968-35BB-4F44-BF5C-E6EC4D6112F0}
2014-10-13 07:37 - 2014-10-13 07:37 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{DCE57CE0-FF95-4430-BCD7-CF8BE8360770}
2014-10-12 19:37 - 2014-10-12 19:37 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{D29EE577-0F6D-4DCE-8AFF-95D7FBFCBF5E}
2014-10-12 07:36 - 2014-10-12 07:36 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{21C578CB-3DA4-45EE-B6DA-DBB20F0BBEBD}
2014-10-11 19:07 - 2014-10-11 19:07 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{6B50CB7A-A245-44BC-A2AB-D867B76F85FD}
2014-10-11 07:06 - 2014-10-11 07:06 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{AD89C207-989D-4D41-8F00-8263CF0149FA}
2014-10-11 06:55 - 2014-10-11 06:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-10 09:21 - 2014-10-10 09:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{0D75AA09-C25A-46F6-8365-2CDB47481D6A}
2014-10-09 20:03 - 2014-10-09 20:03 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2841FF9F-330C-47F4-A221-FD96C0084E25}
2014-10-09 08:02 - 2014-10-09 08:02 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{21E47258-3FE8-4CF9-8C93-59DFDB92EA70}
2014-10-08 18:21 - 2014-10-08 18:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{82D691EF-B1D7-46BF-9657-669D9330BCFB}
2014-10-08 06:21 - 2014-10-08 06:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2B62EE3C-E8E2-44EF-887D-BB1C7BDB1899}
2014-10-07 12:08 - 2014-10-07 12:08 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{588767D5-048E-495E-A1D1-0123803CA6A5}
2014-10-06 20:31 - 2014-10-06 20:32 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{E41B9892-CCAF-47C2-95AB-0D342EB7EF79}
2014-10-06 07:38 - 2014-10-06 07:38 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CF682702-509F-4E06-A65C-29192EA7DEC2}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 09:33 - 2010-04-03 13:50 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\SoftThinks
2014-11-05 09:33 - 2009-11-06 07:59 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-11-05 09:33 - 2009-11-06 07:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-11-05 09:33 - 2009-11-06 07:37 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-05 07:52 - 2009-07-13 20:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-05 07:52 - 2009-07-13 20:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 21:28 - 2010-07-24 08:24 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\CrashDumps
2014-11-04 08:33 - 2009-07-13 21:13 - 00006210 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 19:33 - 2014-05-31 17:24 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Resume
2014-11-01 14:07 - 2010-04-03 13:50 - 00000000 ____D () C:\Users\ShopAaron's.com
2014-11-01 13:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-01 13:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-11-01 09:17 - 2011-11-27 14:54 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\NPE
2014-10-30 21:28 - 2010-11-19 18:38 - 00001019 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-30 21:28 - 2010-04-04 06:20 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-10-28 06:47 - 2009-07-13 21:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 09:56 - 2014-10-04 07:36 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Gun funnies
2014-10-23 13:02 - 2010-10-20 17:32 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\Windows Live
2014-10-21 09:48 - 2010-04-03 13:50 - 00098912 _____ () C:\Users\ShopAaron's.com\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-17 19:38 - 2013-10-15 19:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 19:37 - 2009-11-06 07:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-16 13:42 - 2014-04-29 17:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 12:19 - 2012-04-28 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 12:05 - 2013-08-13 20:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 11:58 - 2010-04-04 06:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 10:10 - 2014-08-28 16:36 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\A-1 Countertops
2014-10-16 06:58 - 2014-07-30 13:26 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\My Hand guns
2014-10-15 20:13 - 2010-04-06 21:39 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\Adobe
2014-10-13 17:42 - 2014-10-04 14:42 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Remington 870 Magnum Express 12 ga
2014-10-11 06:55 - 2009-11-06 07:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-11 06:55 - 2009-11-06 07:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-08 06:43 - 2011-05-11 19:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\spp_setpointp.exe
C:\Users\ShopAaron's.com\AppData\Local\Temp\BullseyeCoverage-2-x86.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
default                 {current}
resumeobject            {5b319acf-caf6-11de-9847-0026b90d139a}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-us
inherit                 {bootloadersettings}
recoverysequence        {5b319ad1-caf6-11de-9847-0026b90d139a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5b319acf-caf6-11de-9847-0026b90d139a}
nx                      OptIn
bootlog                 Yes

Windows Boot Loader
-------------------
identifier              {5b319ad1-caf6-11de-9847-0026b90d139a}
device                  ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5b319ad2-caf6-11de-9847-0026b90d139a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5b319ad2-caf6-11de-9847-0026b90d139a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {5b319acf-caf6-11de-9847-0026b90d139a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {5b319ad2-caf6-11de-9847-0026b90d139a}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

 

LastRegBack: 2014-10-29 13:16

==================== End Of Log ============================


  • 0

#5
Kooldaddyo
Posted 05 November 2014 - 11:50 AM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014
Ran by ShopAaron's.com at 2014-11-05 09:42:51
Running from C:\Users\ShopAaron's.com\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11069.2 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cook'n (HKLM-x32\...\Cook'n) (Version:  - )
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.51 - Dell)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.2 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
F4500 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free 3GP Video Converter version 5.0.44.623 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.44.623 - DVDVideoSoft Ltd.)
Garmin City Navigator North America NT 2011.10 Update (HKLM-x32\...\{12A3AF78-CBB5-484B-AE87-927C4DE6B9A8}) (Version: 14.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Innova OBD PC-Link (HKLM-x32\...\{55F7F5FE-EAEC-44F1-969F-D63CFDC0EBB8}) (Version: 2.2.7 - Innova Electronics)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Logitech SetPoint 6.30 (HKLM\...\SP6) (Version: 6.30.43 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation)
PhatNoise Music Manager (HKLM-x32\...\PhatMan) (Version:  - )
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SnagIt 9 (HKLM-x32\...\{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}) (Version: 9.0.0 - TechSmith Corporation)
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.6.1 - )
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinWay Resume Deluxe (HKLM-x32\...\{970704F5-579F-4430-A6A8-B562561B4D3D}) (Version: 14.00.013 - WinWay Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-146968359-3179086206-2102039461-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?

==================== Restore Points  =========================

18-10-2014 03:35:47 Installed Java 7 Update 71
25-10-2014 07:00:05 Scheduled Checkpoint
01-11-2014 21:16:51 Restore Operation

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2096ECD3-68C4-4F5B-813D-D798590D401B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-146968359-3179086206-2102039461-1000UA => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {267D8CB3-6B20-47AB-A995-1889E9F6094C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2D9A795C-44A5-4811-9603-4CCB1531DB9E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {35BE86D4-4ED1-46D6-8FB5-1BE8A7A01179} - System32\Tasks\{9606C181-BE39-4934-8E98-2F672B2F98E8} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {538F44C3-B922-4358-BFD4-B16F1A8AC1FE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-23] ()
Task: {5BF3A577-DE00-450B-B49D-8F291FCA07D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-146968359-3179086206-2102039461-1000Core => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {6818E708-978E-4020-8F81-8FEC9FA76292} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-20] (Symantec Corporation)
Task: {872ECE89-8BE2-4032-A7DF-FFB6B291E2DA} - System32\Tasks\5069 => Wscript.exe C:\Users\SHOPAA~1.COM\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {9933BB77-8A80-4F4C-9CF3-C65DCD992B1A} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {9F5E9154-8CE3-4271-90E6-79EF6ADA50E2} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A88D517E-B0AA-4F72-9D51-CC1E1279AA65} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AE1D91D5-3D0B-4518-9168-1CF13F23D379} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {B2E3E917-29EE-4D7E-AE21-36CB6E3F2D85} - System32\Tasks\PCSpeedClean_Popup => C:\Program Files (x86)\PC Speed Clean\Splash.exe
Task: {C49085BC-699D-44AD-9C7F-7E0FCA3E3321} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {C82D7D26-D3F2-4A6F-A3D3-106EAB480716} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {D3D17F84-4897-4794-8E35-5542695E0881} - System32\Tasks\PCSpeedClean_Start => C:\Program Files (x86)\PC Speed Clean\PCSpeedClean.exe
Task: {E498108B-916E-4FE2-AFA4-1648DCC28B20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {EC4D98C4-8F3E-4F96-9066-8D9CA1163715} - System32\Tasks\DHR32XK1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {F17F1EA8-78FD-44E5-ABDC-C111E2015A9B} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)

==================== Loaded Modules (whitelisted) =============

2009-11-06 07:30 - 2009-07-16 17:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2009-11-06 07:30 - 2009-07-16 17:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2009-11-06 07:38 - 2011-08-18 07:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-10-16 14:30 - 2014-10-16 14:30 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\1ee85489e15cf6d5c256721d357a27cd\VistaBridgeLibrary.ni.dll
2009-06-18 19:46 - 2009-06-18 19:46 - 00494064 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2009-06-18 19:46 - 2009-06-18 19:46 - 01554928 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
2009-06-18 19:46 - 2009-06-18 19:46 - 00584176 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
2009-05-20 16:59 - 2009-05-20 16:59 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:03DBFDCF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: PNAgent => "C:\Program Files (x86)\PhatNoise Music Manager\PNAgent.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-146968359-3179086206-2102039461-500 - Administrator - Disabled)
Guest (S-1-5-21-146968359-3179086206-2102039461-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-146968359-3179086206-2102039461-1004 - Limited - Enabled)
ShopAaron's.com (S-1-5-21-146968359-3179086206-2102039461-1000 - Administrator - Enabled) => C:\Users\ShopAaron's.com

==================== Faulty Device Manager Devices =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2014 09:42:38 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 07:52:38 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 07:45:15 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 07:35:51 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 01:25:22 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/04/2014 11:40:06 PM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/04/2014 09:28:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: jscript9.dll, version: 11.0.9600.17344, time stamp: 0x541b85e6
Exception code: 0xc0000005
Fault offset: 0x000d0797
Faulting process id: 0x37e4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/04/2014 09:07:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 26c8

Start Time: 01cff8b622c9ae55

Termination Time: 42

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (11/04/2014 09:05:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 246c

Start Time: 01cff8b60a2275de

Termination Time: 56

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (11/04/2014 08:40:05 PM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

System errors:
=============
Error: (11/05/2014 09:39:58 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:39:58 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:36:42 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:36:42 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:36:39 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:36:37 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:36:36 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:36:36 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/05/2014 09:35:21 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (11/05/2014 09:33:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Microsoft Office Sessions:
=========================
Error: (11/05/2014 09:42:38 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 07:52:38 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 07:45:15 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 07:35:51 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/05/2014 01:25:22 AM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/04/2014 11:40:06 PM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

Error: (11/04/2014 09:28:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7jscript9.dll11.0.9600.17344541b85e6c0000005000d079737e401cff8b80d05ec09C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll82732073-64ac-11e4-bd0d-0026b90d139a

Error: (11/04/2014 09:07:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1734426c801cff8b622c9ae5542C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/04/2014 09:05:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344246c01cff8b60a2275de56C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/04/2014 08:40:05 PM) (Source: Google Update) (EventID: 20) (User: DADDYOSDELLLAPT)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook...maha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 52%
Total physical RAM: 3932.86 MB
Available physical RAM: 1857.78 MB
Total Pagefile: 7863.89 MB
Available Pagefile: 5547.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:141.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 117D34E4)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#6
Kooldaddyo
Posted 05 November 2014 - 12:05 PM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-11-2014
Ran by ShopAaron's.com (administrator) on DADDYOSDELLLAPT on 05-11-2014 09:56:02
Running from C:\Users\ShopAaron's.com\Desktop
Loaded Profile: ShopAaron's.com (Available profiles: ShopAaron's.com & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
(Facebook Inc.) C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Innova Electronics Corp.) C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1812776 2009-06-25] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-28] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1612880 2010-01-27] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [494064 2009-06-18] ()
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-06] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [Facebook Update] => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [Innova OBD PC-Link] => C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe [75776 2012-10-29] (Innova Electronics Corp.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {13636d6a-d691-11e0-ba0e-806e6f6e6963} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {5a26b33d-c8c8-11df-9311-0026b90d139a} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {b062c009-8f30-11e2-b807-0026b90d139a} - E:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {fb83b260-0f93-11e0-9087-0026b90d139a} - E:\setup.exe -a
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.protopage...itled/Bookmarks
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://a-1counterto...1countertops/go
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {36D61774-4A8F-4570-8C0F-E748663E87F1} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {36D61774-4A8F-4570-8C0F-E748663E87F1} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {6F78BEF4-F7F7-4D74-AD6A-B8F2E5CD49F5} URL =
SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = http://www.searchqu....&q={SearchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.c...ploader_v10.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 24.113.32.29 24.113.32.30 66.235.59.7

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ShopAaron's.com\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ShopAaron's.com\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn [2014-11-05]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF [2014-08-13]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-06]
CHR Extension: (Google Docs) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-06]
CHR Extension: (Google Drive) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-06]
CHR Extension: (Google Search) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-06]
CHR Extension: (Google Sheets) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-06]
CHR Extension: (Norton Identity Safe) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-06]
CHR Extension: (Skype Click to Call) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-06]
CHR Extension: (Google Wallet) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-09-06]
CHR Extension: (Gmail) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx [2014-08-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-28] (IDT, Inc.)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2003-06-10] (Adaptec) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-23] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141104.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\ENG64.SYS [129752 2014-09-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\EX64.SYS [2137304 2014-09-23] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-10-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\aspi32.sys 54AB078660E536DA72B21A27F56B035B
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\drivers\BCM42RLY.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys D90F5136CB6512B2B9A855C94F79B0B5
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CtClsFlt.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 41AC348DBD378F618CB4FDEE54270692
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 03E1B8BA59327D186C7C533A6998FEF9
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 142EA7DF1851C563571F2DCFC7AFBB40
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141104.001\IDSvia64.sys 77AC93E28B5F4DCE317EFA695E3F59E3
C:\Windows\System32\DRIVERS\igdkmd64.sys C6238C6ABD6AC99F5D152DA4E9439A3D
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\IntcHdmi.sys D485D3BD3E2179AA86853A182F70699F
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys 7DBAFE10C1B777305C80BEA42FBDA710
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LEqdUsb.Sys ABFD2B5726F4CCE49297AE48806CC594
C:\Windows\System32\DRIVERS\LHidEqd.Sys 933F69CF9ACD2498693BFCD7ED68E8D4
C:\Windows\System32\DRIVERS\LHidFilt.Sys 1074C77A47835E03C15BF92452F9A750
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LMouFilt.Sys 96999C364C649E2866A268F7420A304A
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\LUsbFilt.Sys 51B20B742C9E35ADE40B840F6F4F5EE2
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\ENG64.SYS C180A82874D3CDC390A27F2F1E1AF025
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141104.035\EX64.SYS E66CA6C321614D7BC0AFC9C8436131B9
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 07D57B890DD5693A6AB660CBAE8F91B4
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rimmpx64.sys 6FAF5B04BEDC66D300D9D233B2D222F0
C:\Windows\System32\DRIVERS\rimspx64.sys 67F50C31713106FD1B0F286F86AA2B2E
C:\Windows\System32\DRIVERS\rixdpx64.sys 4D7EF3D46346EC4C58784DB964B365DE
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS E163E10191958FF6A2B0B48353F9E9FD
C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS 68E7B6708B9EEE021301C483825D05EA
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys B4C983DA20E2970E21893BF0E4EE2AD8
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys ==> MD5 is legit
C:\Windows\system32\drivers\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39C
C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS 9F31630D7FC2DD9D5DA1CE359AAD1F46
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539
C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS 2C95265BE19F338E1C1090E4E91055BB
C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS 5570A74FF9B1EFBC5154DD1E2F05C517
C:\Windows\System32\DRIVERS\SynTP.sys 1657B7442D5CE30533F5C4317716B468
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 09:45 - 2014-11-05 09:45 - 00109837 _____ () C:\Users\ShopAaron's.com\Desktop\Shortcut.txt
2014-11-05 09:42 - 2014-11-05 09:45 - 00044415 _____ () C:\Users\ShopAaron's.com\Desktop\Addition.txt
2014-11-05 09:40 - 2014-11-05 09:56 - 00046299 _____ () C:\Users\ShopAaron's.com\Desktop\FRST.txt
2014-11-05 09:39 - 2014-11-05 09:39 - 02114560 _____ (Farbar) C:\Users\ShopAaron's.com\Desktop\FRST64.exe
2014-11-05 09:16 - 2014-11-05 09:56 - 00000000 ____D () C:\FRST
2014-11-05 08:30 - 2014-11-05 08:30 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CEE26C83-414A-42F1-A5A8-1E2FB3844C83}
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00031874.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00029358.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00011478.tmp
2014-11-05 08:19 - 2014-11-05 08:19 - 40034920 ____T () C:\Windows\SysWOW64\00019149.tmp
2014-11-04 22:08 - 2014-11-04 22:08 - 00000372 _____ () C:\Windows\PFRO.log
2014-11-04 22:04 - 2014-11-04 22:04 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-04 22:04 - 2014-11-04 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-04 22:03 - 2014-11-04 22:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-04 22:03 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-04 22:03 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-04 22:03 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-04 20:42 - 2014-11-04 20:42 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{C12A7810-1422-4B6D-A3B5-D257554F8A23}
2014-11-04 08:41 - 2014-11-04 08:41 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{8220E56F-A94E-455A-9957-5E055A4C1611}
2014-11-03 14:45 - 2014-11-03 14:45 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{04D5B938-3154-4F93-BC34-9263C57067C8}
2014-11-02 11:28 - 2014-11-03 18:48 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Powelik fix
2014-11-02 11:08 - 2014-11-02 11:08 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{6750CD16-6985-47EB-B4BE-6A53CF1850A4}
2014-11-02 09:18 - 2014-11-02 09:19 - 00602112 _____ (OldTimer Tools) C:\Users\ShopAaron's.com\Desktop\OTL.exe
2014-11-01 20:01 - 2014-11-05 09:32 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 20:00 - 2014-11-05 09:32 - 00000672 _____ () C:\Windows\setupact.log
2014-11-01 20:00 - 2014-11-01 20:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 19:56 - 2014-11-01 19:56 - 00000000 __SHD () C:\found.000
2014-11-01 14:09 - 2014-11-05 09:56 - 00128372 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 14:07 - 2014-11-01 14:07 - 00000020 ___SH () C:\Users\ShopAaron's.com\ntuser.ini
2014-11-01 14:05 - 2014-11-01 14:05 - 00454864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 10:40 - 2014-11-01 10:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{77E199D4-3AA4-4861-9951-3542B5591810}
2014-11-01 09:37 - 2014-11-01 09:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-01 08:34 - 2014-11-01 08:34 - 00000000 ____D () C:\NPE
2014-10-31 12:28 - 2014-10-31 12:29 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\80 AR complete lower
2014-10-31 12:21 - 2014-10-31 12:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BB6CBEB2-EA11-4F6A-A743-455B73473730}
2014-10-30 19:21 - 2014-10-30 19:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{954506BF-F8BD-4E94-88B1-B05C9BD46F71}
2014-10-30 07:20 - 2014-10-30 07:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{52E2DB3B-F8B1-40EE-B72A-FC9A72D72ED5}
2014-10-29 21:21 - 2014-10-30 06:42 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-10-29 21:21 - 2014-10-29 23:21 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-10-29 19:19 - 2014-10-29 19:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{78B80EB4-EA19-4787-8315-359BD91308F0}
2014-10-29 18:55 - 2014-11-04 17:13 - 00000212 _____ () C:\Users\ShopAaron's.com\BullseyeCoverageError.txt
2014-10-29 07:26 - 2014-10-29 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-29 07:25 - 2014-10-29 07:26 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-29 07:25 - 2014-10-29 07:25 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-29 07:19 - 2014-10-29 07:19 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{F11CE967-BE27-4352-9F17-A72E3BE702D7}
2014-10-28 18:56 - 2014-10-28 18:57 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{4651A027-ED76-4D9D-9E63-338BDACD41D7}
2014-10-28 06:55 - 2014-10-28 06:55 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{0D375BA4-62E1-4AC1-BF84-B01A3DF8857D}
2014-10-27 15:07 - 2014-10-27 15:56 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Paizlee Teddy Bear
2014-10-27 14:04 - 2014-10-27 14:04 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Boxers
2014-10-27 09:10 - 2014-10-27 09:10 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{00EB3F02-C5ED-4EB8-BFE2-D1CB809B5A29}
2014-10-27 09:08 - 2014-10-27 09:23 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Apple Health
2014-10-26 21:09 - 2014-10-26 21:09 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BE7287FF-B109-4ED2-BFA5-D729F0F0139B}
2014-10-26 06:56 - 2014-10-26 06:56 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{F95BFDFA-1A3B-4C81-8629-722F05A27A1E}
2014-10-25 09:16 - 2014-10-25 09:17 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BF381502-AAF7-43E1-8FD2-A374017CDB06}
2014-10-24 21:15 - 2014-10-24 21:16 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{B24905E0-A208-4DC2-A37F-644759C7F038}
2014-10-24 09:14 - 2014-10-24 09:14 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2ACF9690-6071-4324-88BB-B803EEA7A6E4}
2014-10-23 19:26 - 2014-10-23 19:27 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{9F6B5478-1F58-41FC-920A-1EFF749747AC}
2014-10-23 07:26 - 2014-10-23 07:26 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{1E4600A4-3632-42CB-AEA5-DBA500BC07CD}
2014-10-22 19:25 - 2014-10-22 19:25 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{415E4BB1-8505-40F8-BEF6-3052F98BF137}
2014-10-22 07:25 - 2014-10-22 07:25 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{31EBA05D-8CEA-4023-AA20-5E84DB84B0F0}
2014-10-21 10:13 - 2014-10-21 10:13 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CF4C9A5F-7858-48E1-B713-1C834A53B398}
2014-10-21 09:49 - 2014-10-21 09:49 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-10-21 09:48 - 2014-10-21 09:48 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Roaming\AVS4YOU
2014-10-21 09:45 - 2014-10-21 09:57 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-10-21 09:22 - 2014-10-21 09:23 - 163099288 _____ () C:\Users\ShopAaron's.com\Desktop\Sophia eagerly sucks Daddys cum.mp4
2014-10-20 19:29 - 2014-10-20 19:29 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{BCF74012-7B58-4955-986A-04BF33180B69}
2014-10-20 07:28 - 2014-10-20 07:28 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{D617C5D6-28B9-43A4-8ACD-52C675818F4A}
2014-10-20 07:20 - 2014-10-20 07:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{4E6F06BF-5741-4DF4-9E45-8ED3B2BFF04D}
2014-10-19 09:02 - 2014-10-19 09:02 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{D70D9061-938B-459C-BB32-CC003203672D}
2014-10-18 17:57 - 2014-10-18 17:58 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2ADAFAD2-BEF9-4C0A-9DD5-976A7DA433DA}
2014-10-17 20:46 - 2014-10-17 20:46 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{E01AEBF4-0922-46C5-A8A3-0D22AFCD2524}
2014-10-17 19:37 - 2014-10-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-17 08:22 - 2014-10-17 08:22 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{0E99A6B5-12DB-402F-BA1D-73A6204BE38F}
2014-10-16 20:21 - 2014-10-16 20:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{331E9A07-CA23-4FE7-8284-43787F74B172}
2014-10-16 08:22 - 2014-10-28 21:07 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Blazer
2014-10-16 08:21 - 2014-10-16 08:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{4EDB560E-B342-41B1-A5B0-C3FB0B3E6E55}
2014-10-16 07:07 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 07:07 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 07:07 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 07:07 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:07 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 07:07 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:07 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 07:07 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 07:07 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 07:07 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:07 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:07 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:07 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:07 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 07:07 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:07 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:07 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:07 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:07 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:07 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:07 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:07 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:07 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:07 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:07 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 07:07 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:07 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:07 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:07 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 07:07 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:07 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:07 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 07:07 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:07 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 07:07 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:07 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 07:07 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 07:07 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 07:07 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 07:07 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 07:07 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 07:07 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:07 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:07 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:07 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 07:07 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:07 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 07:07 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 07:07 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 07:07 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:07 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 07:07 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:07 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 07:07 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 07:06 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 07:06 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 07:06 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 07:06 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 07:06 - 2014-09-04 18:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 07:06 - 2014-09-04 17:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 07:06 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 07:06 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 07:06 - 2014-08-28 18:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 07:06 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 07:06 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 07:06 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 07:06 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 07:06 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 07:06 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 19:40 - 2014-10-15 19:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{18ADC825-D57B-441D-94D8-1FB0631B4414}
2014-10-15 07:40 - 2014-10-15 07:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{004422EF-8392-4389-85FE-53C5D794C277}
2014-10-14 19:39 - 2014-10-14 19:40 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{8003382B-C5AA-479B-A6C0-B958806EFE23}
2014-10-14 07:38 - 2014-10-14 07:39 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{3AC36D25-6344-491A-91F8-7E3E0BC7A63D}
2014-10-13 19:37 - 2014-10-13 19:38 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{23EBD968-35BB-4F44-BF5C-E6EC4D6112F0}
2014-10-13 07:37 - 2014-10-13 07:37 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{DCE57CE0-FF95-4430-BCD7-CF8BE8360770}
2014-10-12 19:37 - 2014-10-12 19:37 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{D29EE577-0F6D-4DCE-8AFF-95D7FBFCBF5E}
2014-10-12 07:36 - 2014-10-12 07:36 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{21C578CB-3DA4-45EE-B6DA-DBB20F0BBEBD}
2014-10-11 19:07 - 2014-10-11 19:07 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{6B50CB7A-A245-44BC-A2AB-D867B76F85FD}
2014-10-11 07:06 - 2014-10-11 07:06 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{AD89C207-989D-4D41-8F00-8263CF0149FA}
2014-10-11 06:55 - 2014-10-11 06:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-10 09:21 - 2014-10-10 09:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{0D75AA09-C25A-46F6-8365-2CDB47481D6A}
2014-10-09 20:03 - 2014-10-09 20:03 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2841FF9F-330C-47F4-A221-FD96C0084E25}
2014-10-09 08:02 - 2014-10-09 08:02 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{21E47258-3FE8-4CF9-8C93-59DFDB92EA70}
2014-10-08 18:21 - 2014-10-08 18:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{82D691EF-B1D7-46BF-9657-669D9330BCFB}
2014-10-08 06:21 - 2014-10-08 06:21 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{2B62EE3C-E8E2-44EF-887D-BB1C7BDB1899}
2014-10-07 12:08 - 2014-10-07 12:08 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{588767D5-048E-495E-A1D1-0123803CA6A5}
2014-10-06 20:31 - 2014-10-06 20:32 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{E41B9892-CCAF-47C2-95AB-0D342EB7EF79}
2014-10-06 07:38 - 2014-10-06 07:38 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CF682702-509F-4E06-A65C-29192EA7DEC2}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 09:48 - 2010-07-24 08:24 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\CrashDumps
2014-11-05 09:42 - 2009-07-13 20:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-05 09:42 - 2009-07-13 20:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-05 09:33 - 2010-04-03 13:50 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\SoftThinks
2014-11-05 09:33 - 2009-11-06 07:59 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-11-05 09:33 - 2009-11-06 07:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-11-05 09:33 - 2009-11-06 07:37 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-04 08:33 - 2009-07-13 21:13 - 00006210 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 19:33 - 2014-05-31 17:24 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Resume
2014-11-01 14:07 - 2010-04-03 13:50 - 00000000 ____D () C:\Users\ShopAaron's.com
2014-11-01 13:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-01 13:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-11-01 09:17 - 2011-11-27 14:54 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\NPE
2014-10-30 21:28 - 2010-11-19 18:38 - 00001019 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-30 21:28 - 2010-04-04 06:20 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-10-28 06:47 - 2009-07-13 21:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 09:56 - 2014-10-04 07:36 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Gun funnies
2014-10-23 13:02 - 2010-10-20 17:32 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\Windows Live
2014-10-21 09:48 - 2010-04-03 13:50 - 00098912 _____ () C:\Users\ShopAaron's.com\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-17 19:38 - 2013-10-15 19:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 19:37 - 2009-11-06 07:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-16 13:42 - 2014-04-29 17:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 12:19 - 2012-04-28 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 12:05 - 2013-08-13 20:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 11:58 - 2010-04-04 06:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 10:10 - 2014-08-28 16:36 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\A-1 Countertops
2014-10-16 06:58 - 2014-07-30 13:26 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\My Hand guns
2014-10-15 20:13 - 2010-04-06 21:39 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\Adobe
2014-10-13 17:42 - 2014-10-04 14:42 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Remington 870 Magnum Express 12 ga
2014-10-11 06:55 - 2009-11-06 07:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-11 06:55 - 2009-11-06 07:33 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-08 06:43 - 2011-05-11 19:30 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\spp_setpointp.exe
C:\Users\ShopAaron's.com\AppData\Local\Temp\BullseyeCoverage-2-x86.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
default                 {current}
resumeobject            {5b319acf-caf6-11de-9847-0026b90d139a}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-us
inherit                 {bootloadersettings}
recoverysequence        {5b319ad1-caf6-11de-9847-0026b90d139a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5b319acf-caf6-11de-9847-0026b90d139a}
nx                      OptIn
bootlog                 Yes

Windows Boot Loader
-------------------
identifier              {5b319ad1-caf6-11de-9847-0026b90d139a}
device                  ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5b319ad2-caf6-11de-9847-0026b90d139a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5b319ad2-caf6-11de-9847-0026b90d139a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {5b319acf-caf6-11de-9847-0026b90d139a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {5b319ad2-caf6-11de-9847-0026b90d139a}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

 

LastRegBack: 2014-10-29 13:16

==================== End Of Log ============================


  • 0

#7
Valinorum
Posted 05 November 2014 - 12:16 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Hi,

It is a long set of instruction. Proceed with caution.

 
  • Step #2 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
Closeprocesses:
Emptytemp:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00031874.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00029358.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00011478.tmp
2014-11-05 08:19 - 2014-11-05 08:19 - 40034920 ____T () C:\Windows\SysWOW64\00019149.tmp
Folder: C:\Users\ShopAaron's.com\Desktop\Powelik fix
CustomCLSID: HKU\S-1-5-21-146968359-3179086206-2102039461-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
Task: {872ECE89-8BE2-4032-A7DF-FFB6B291E2DA} - System32\Tasks\5069 => Wscript.exe C:\Users\SHOPAA~1.COM\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
C:\Users\SHOPAA~1.COM\AppData\Local\Temp\launchie.vbs
Task: {9933BB77-8A80-4F4C-9CF3-C65DCD992B1A} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {AE1D91D5-3D0B-4518-9168-1CF13F23D379} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C82D7D26-D3F2-4A6F-A3D3-106EAB480716} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:03DBFDCF
CMD: bitsadmin /Reset /Allusers
End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Post the log in your next reply.
 
  • Step #3 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Post the log in your reply.
 
  • Step #4 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Post the log in your next reply.
 
  • Step #5 Scan with Malwarebytes' Anti-Malware
    • Download Malwarebytes' Anti-Malware from the suitable link below --
    • Double-click mbam-setup.exe to install the application.
    • Before clicking Finish perform the following actions --
      • Un-check the box beside Enable free trial of Malwarebytes Anti-Malware Premium.
      • Check the box beside Launch Malwarebytes Anti-Malware
    • Once the program has loaded, The MBAM dashboard will appear with an alert to update - click the green button Update Now;
    • Click on Setting--
      • Navigate to the tab Detection and Protection and check all the boxes under Detection Options
    • From the Dashboard click on Scan Now;
    • If threats are detected click on Apply actions. If the program asks to reboot your PC, let it do so;
    • On completion of the scan click on View Detailed Log after that click on Export Button, select Text File and save the log to your Desktop;
    • Post the log in your next reply.
 
  • Step #6 ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting --
      • Enable detection of potentially unwanted application
    • Click on Advanced Setting--
      • Uncheck the following box --
        • Remove Found Threats
    • Check the following boxes --
      • Scan archives;
      • Scan for potentially unsafe applications
      • Enable Anti-Sblueth Technology
  • Click on Start and wait for the virus signature database to update.
  • The online scan will begin automatically and can take several hours.
    • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
  • After the Scan finishes --
    • If no threats were found:
      • Put a checkmark in Uninstall application on close.
      • Close the program and report that nothing was found
    • If threats were found:
      • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
      • Post the log file in your next reply.
  • Note: Enable your security programs afterwards. 
    • Required Log(s):
      • FRST Fix Log
      • AdwCleaner Log
      • Junkware Removal Tool Log
      • Malwarebytes' Anti-Malware Log
      • ESET Log
    Regards,
    Valinorum

  • 0

#8
Kooldaddyo
Posted 05 November 2014 - 08:26 PM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-11-2014
Ran by ShopAaron's.com at 2014-11-05 10:40:23 Run:1
Running from C:\Users\ShopAaron's.com\Desktop
Loaded Profile: ShopAaron's.com (Available profiles: ShopAaron's.com & Guest)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Closeprocesses:
Emptytemp:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00031874.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00029358.tmp
2014-11-05 08:20 - 2014-11-05 08:20 - 40034920 ____T () C:\Windows\SysWOW64\00011478.tmp
2014-11-05 08:19 - 2014-11-05 08:19 - 40034920 ____T () C:\Windows\SysWOW64\00019149.tmp
Folder: C:\Users\ShopAaron's.com\Desktop\Powelik fix
CustomCLSID: HKU\S-1-5-21-146968359-3179086206-2102039461-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
Task: {872ECE89-8BE2-4032-A7DF-FFB6B291E2DA} - System32\Tasks\5069 => Wscript.exe C:\Users\SHOPAA~1.COM\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
C:\Users\SHOPAA~1.COM\AppData\Local\Temp\launchie.vbs
Task: {9933BB77-8A80-4F4C-9CF3-C65DCD992B1A} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {AE1D91D5-3D0B-4518-9168-1CF13F23D379} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {C82D7D26-D3F2-4A6F-A3D3-106EAB480716} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:03DBFDCF
CMD: bitsadmin /Reset /Allusers
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-146968359-3179086206-2102039461-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key Deleted Successfully.
"HKU\S-1-5-21-146968359-3179086206-2102039461-1000\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key deleted successfully.
"C:\Windows\SysWOW64\00031874.tmp" => File/Directory not found.
"C:\Windows\SysWOW64\00029358.tmp" => File/Directory not found.
"C:\Windows\SysWOW64\00011478.tmp" => File/Directory not found.
"C:\Windows\SysWOW64\00019149.tmp" => File/Directory not found.

========================= Folder: C:\Users\ShopAaron's.com\Desktop\Powelik fix ========================

2014-11-02 10:49 - 2014-11-02 10:49 - 0085932 _____ () C:\Users\ShopAaron's.com\Desktop\Powelik fix\Extras.Txt
2014-11-02 10:44 - 2014-11-02 10:44 - 0125098 _____ () C:\Users\ShopAaron's.com\Desktop\Powelik fix\OTL.Txt

====== End of Folder: ======

"HKU\S-1-5-21-146968359-3179086206-2102039461-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{872ECE89-8BE2-4032-A7DF-FFB6B291E2DA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{872ECE89-8BE2-4032-A7DF-FFB6B291E2DA}" => Key deleted successfully.
C:\Windows\System32\Tasks\5069 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\5069" => Key deleted successfully.
"C:\Users\SHOPAA~1.COM\AppData\Local\Temp\launchie.vbs" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9933BB77-8A80-4F4C-9CF3-C65DCD992B1A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9933BB77-8A80-4F4C-9CF3-C65DCD992B1A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE1D91D5-3D0B-4518-9168-1CF13F23D379}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE1D91D5-3D0B-4518-9168-1CF13F23D379}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C82D7D26-D3F2-4A6F-A3D3-106EAB480716}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C82D7D26-D3F2-4A6F-A3D3-106EAB480716}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
C:\ProgramData\TEMP => ":03DBFDCF" ADS removed successfully.

=========  bitsadmin /Reset /Allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{47A669CF-D0D8-40BA-9498-EF69866B055F} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 6.2 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

 

 

 

 

# AdwCleaner v3.311 - Report created 05/11/2014 at 11:42:29
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : ShopAaron's.com - DADDYOSDELLLAPT
# Running from : C:\Users\ShopAaron's.com\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Guest\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Guest\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Guest\AppData\LocalLow\SearchquTB
Folder Deleted : C:\Users\Guest\AppData\Roaming\Bandoo
Folder Deleted : C:\Users\ShopAaron's.com\AppData\Roaming\HPAppData
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
Folder Deleted : C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
File Deleted : C:\Windows\Downloaded Program Files\popcaploader.inf

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BandooUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FF99715-3016-4381-84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong2
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
Key Deleted : HKLM\SOFTWARE\Bandoo
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Google Chrome v38.0.2125.111

[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : nppllibpnmahfaklnpggkibhkapjkeob

[ File : C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.searchqu.com/web?src=ieb&q={SearchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=US&ver=2014&locale=en_US&gct=sb&qsrc=2869
Deleted [Extension] : nppllibpnmahfaklnpggkibhkapjkeob

*************************

AdwCleaner[R0].txt - [10184 octets] - [05/11/2014 11:36:34]
AdwCleaner[S0].txt - [9937 octets] - [05/11/2014 11:42:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9997 octets] ##########

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Home Premium x64
Ran by ShopAaron's.com on Wed 11/05/2014 at 11:55:11.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{004422EF-8392-4389-85FE-53C5D794C277}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0053CE6F-CB11-4A19-B75F-B5B223F6CF1B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{008EE6B3-375E-4EA9-BE4F-03BDAEF4E3A6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{009AA0E1-B086-4E3D-B19C-D58CC1E419AA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{00B89830-2D54-4DCE-8D0D-EA137345F497}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{00EAC544-7769-47E2-855D-5813897B71A7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{00EB3F02-C5ED-4EB8-BFE2-D1CB809B5A29}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{00F3472F-A949-43EB-A29B-F1BCE6DD77B1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{00FB406C-6B78-4B45-A9DA-41ED82446B96}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{02688495-EBB5-497B-B825-8AB53FF6F1D7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{02733229-33D8-49E6-AD2C-8144B5E7AE51}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{02EB6DEC-7B80-439A-83E9-35AECD7A07B4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{03282E3D-A8D9-4171-A01E-70FC4B950CC7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0347E22A-540D-4CBC-8FBE-BCD8F7E36208}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{03B215EB-FA47-490F-A12B-F3F10633F602}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{04000659-BF2E-4C86-A226-989E6D38A0A5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{04B0822A-0AD1-4BB0-B72F-4ADA56C2431C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{04D5B938-3154-4F93-BC34-9263C57067C8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{053EC107-F6DB-423E-B65D-DA276F24210A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{056B38F2-4D0F-4AB1-9AF2-247C8072C6F4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{06AA85A2-9D63-4980-A907-BFAC21570969}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{06CD79CC-AE16-45A6-B1E1-446DA41B6A9F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{06EA9A6B-3744-4D5B-B295-C0A6194F8C12}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{06FE0F70-BCB3-486F-A3B7-F1147A7CECC9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{07249F2E-C3FE-4101-A20C-0931AB38F7E8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0752F075-52BF-4E6B-B2CE-C3B7640765B8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{08A0C116-5BD9-40F1-B098-0F5C6994D7A0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{08C0E8E8-0ECC-4F5F-9041-AA14C30B19DD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0983C24E-867D-441A-A37E-CF6C87B4204B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{09E3C871-A97F-4DF4-906F-A0703214583A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0A3B2746-2EE3-42EB-A908-A5350D6B3DB5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0A80E25B-4FB2-41D3-8BA6-0AAB3F7132D6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0AD3950D-6AB5-48E8-8908-207E36730705}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0ADCC865-2EEE-43C1-9312-F9FB8D03979C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0AFFA474-6593-4358-B79A-4BD7929215AB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0B38ABBD-FC60-4783-842F-9D5A5A4D1375}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0B57E613-3E69-40E0-9E94-817F21C7D142}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0BB486A6-C0B3-48A8-8075-13EE5F6EFC11}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0BB4C84C-B8D9-4832-A935-F2010D1ECF91}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0C3998FA-4C48-45A1-A818-D43C0A426A4F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0D375BA4-62E1-4AC1-BF84-B01A3DF8857D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0D3D3DFC-2732-458D-A7F6-6DB7CE11F711}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0D43CB39-E5A3-47C3-8BA6-7C2B2DEBAC6F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0D5EC25C-CACC-4E06-A53E-0E50113C552C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0D75AA09-C25A-46F6-8365-2CDB47481D6A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0D84487B-F812-4B28-B4C3-1733DBC128F0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0DD4ADB5-E733-4449-A4AA-57B38395B53F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0DF9883B-7B04-41ED-819C-4FF7FBF97849}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0E30C13B-D928-4B3F-B1D3-572CAAEC2E0E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0E99A6B5-12DB-402F-BA1D-73A6204BE38F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0EAFB1DB-F1C1-486A-BAF7-5739B70EF788}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0ED9A174-C974-4701-A23A-F698A7DD6478}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0F751049-92C5-42EA-B628-5F588BED3C76}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0F9A9514-972F-42DC-8460-B89039924C4E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0FBB64F6-5153-44C3-B56A-7F054623AAC7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0FF656EE-482D-42D0-8E4E-3CB20EA86694}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{0FF8122B-6ABA-4A1B-B19B-179BA5CA22DD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{117E4973-A03B-4C0B-97C2-AE6E06A1786B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{11ACF19E-836E-48DC-961A-6FB857AFD41B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{11D5D48A-7098-4381-BD68-573EA22861D6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{121F1E9C-5B17-4FCA-85CF-15519AE86913}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{129EBE77-4F81-49E8-968D-31C9715ACC8F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{12C69C36-5E12-4964-80B3-7BD81C14506D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{13AAF03C-69B0-4F21-8F7B-8A1BE5366311}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{13E0C512-BBD4-4BBA-B640-FE9BF102EEEB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{13E188D5-1470-45F8-99A2-3F3B79A3AA8C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{14AC49FB-ED39-4F1A-A475-14FDDD567B8C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{14E7A5A0-B141-46F2-AEA1-B39DD8365A38}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1513ADBF-3508-430A-9A36-D6CACDEF61F2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1520B9E9-4D7E-44E2-A75C-03A9BC74F280}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{158BEDB1-C4ED-4D09-981D-F46F2446A7D8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{15D57BC8-F759-4C4C-9CAF-186E3E387020}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{15DA30A1-7A88-49FD-8A19-C6ECAA99997B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1659B0FF-FFE6-43DE-B9C8-4440B905541B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{171D4ABA-3E80-42B6-B057-86A98403B0FB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1793CC4B-05C6-4503-9362-D521F3431818}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{179CA169-DB3F-49F6-AEE9-096B96238F89}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{17C0BD93-E233-4F09-9131-40AF62EF843E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1801ED4A-250B-43FE-A5FF-EB90CC678E26}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{18173B00-0B5D-4067-942D-B4017E667930}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{182720F0-D129-405C-BFC0-D029E0BC391F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{18ADC825-D57B-441D-94D8-1FB0631B4414}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{18F2A053-7415-4261-B01F-90E6ADE5438B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{190F9B73-FE39-463F-BB78-D7BF1ACBC74B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{191722E5-999C-496D-9F40-140CD9FEFDA1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{199C15E2-0081-4207-B2DE-7E307BC416C5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{19FBD39F-7BAC-49B8-ACC1-3F9EE7A51454}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{19FDB60A-2B1F-4D31-96BE-400E74AF2E0A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1A1DAC6B-A94E-4627-8F6B-627A72E123BF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1A9E99EE-386B-4D84-9789-4A40E561A680}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1C1477E9-34B8-4841-AA28-E75B7327174C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1C19ADD4-4C6E-4584-B8E5-3D877BB697FE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1C207897-C34F-4421-9281-FB346ACD9200}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1C4505B5-14A5-4DE4-976B-146531C34C28}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1C9FF5C5-A3B9-492A-A848-77303D307878}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1CA3E52F-6693-4B3C-AD89-7242825B1AA8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1CDE1B4B-FF4E-435E-BE03-1C244B17BD70}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1D2F5112-ECEE-4CB6-B3AB-3CC30FC7A39A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1D7F7EFB-E350-405C-9BC9-9779FC157941}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1DC983EB-CB27-45D7-B397-8395F4C84B8A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1E224335-878A-4561-9CDB-E52D0DDAC5CE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1E3E7B8A-EF2F-4241-9E31-636D1AF4D4B5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1E4600A4-3632-42CB-AEA5-DBA500BC07CD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1E4E2132-6F32-4AC6-848C-87A961D10738}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1E5CEAA9-2CB7-4907-BE47-0ACB21060A77}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1E6A47F2-B214-46CB-8E4E-F652257A6F15}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1F036B76-FAB6-4193-9941-7F1A105AD212}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1F201A7F-3BDA-4E8F-B208-7D331EE1FC31}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1F46C080-6021-4355-BEB7-AC47FF40D619}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1F52F38B-0C00-4738-BF5B-A5E04DAF0DD7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1FA6D8DC-E7F2-4443-ABE9-7C305546C2E4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1FB318ED-BE13-415D-BB03-12AE2CD33F95}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{1FB808A8-88E5-4F14-A198-D70707E36CB4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{20167388-A2AD-4A5B-AEC2-189DD06D430D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2112DB6F-F2BA-4F94-B848-13BEE346F3D1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{212FFFBE-86D0-4181-BE25-0E85AB1A3984}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2164E716-9653-42D5-B886-032FB4E19D80}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{21C578CB-3DA4-45EE-B6DA-DBB20F0BBEBD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{21CA77F4-4043-4368-9437-BB42DD469228}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{21D94A82-9AF5-4D4E-A5D7-45126CC3CD4B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{21E47258-3FE8-4CF9-8C93-59DFDB92EA70}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{21E6D4F1-8CFD-4146-97E9-2BB96919E719}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{21E9BB1E-795E-412C-903B-0C3F87EA8025}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2278E42C-0274-47BC-85DD-886A9DFF05DB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{230DB71F-A64E-4B41-AE9F-5F35635CFBD2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{23497E9D-F75F-4288-8A63-12FBF0484BC3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2375E5CA-BDF7-419C-80D7-749C0A891FE8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{23840C32-4839-4E21-BC9C-AD23C8998780}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{23AE6D56-D409-4919-9093-FD9E8BA01566}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{23EBD968-35BB-4F44-BF5C-E6EC4D6112F0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{23FB9A2D-994A-4385-92B9-45985E62B8E3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{24002D23-F6B4-4466-B7DA-B7F402E49FEC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{245F6650-E37C-49EE-A63B-0588852EA04A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{24971CD5-EB79-4CEB-BF42-F5547F972716}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{24B8EE1A-3DE4-405B-9C1F-E3F23E15AB60}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{24C14177-5687-4C84-B9EE-6ACF88F82F4A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{25142449-0A63-46F3-BD49-0EFF5C6154C3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{253B2D5F-C62A-4E02-900F-1E6C9FF4DFB8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2660DA1E-E8ED-4526-B60F-C271B6A4606D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{27C8AD24-FEF8-4770-9B41-3B6F5D80E99D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{280DA11F-B945-4195-8765-0C284C83AC2C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2841FF9F-330C-47F4-A221-FD96C0084E25}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{286ACDF2-FBA9-4962-93DC-F7AB31D6343D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{28853CE2-5962-4C0C-AAAB-05197F7D8B64}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{296925FB-2340-4EBF-929E-422E492867F1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2A233A3A-05B8-4E86-9D85-44B41DD83656}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2A7ECE5A-1038-4168-86E7-BF40AC7D99E5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2AB6E6CA-C511-47B6-B464-3CB0AB7985DE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2ACF9690-6071-4324-88BB-B803EEA7A6E4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2ADAFAD2-BEF9-4C0A-9DD5-976A7DA433DA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2AFEBB16-334C-467B-904A-8DE22E79A625}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2B62EE3C-E8E2-44EF-887D-BB1C7BDB1899}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2B807679-F39F-4256-AC0A-FB39C141DA2C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2C08CB4D-1D4A-46E3-99DC-64B0F8340ACA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2C60EFE9-2B60-4AB5-B514-C696DD580C49}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2C76AAE1-ED2F-4F0C-9FD1-1B7A9A78DCF5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2C9083B7-D4FE-4017-8753-C3A1F8061BA1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2CB15E20-AF63-438C-951D-1F30799D10D4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2CE38188-BD3B-4834-8341-9D6DC86BE87C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2CF89EB3-BF66-44BA-AD7E-732D63F20386}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2D643F35-1F26-474D-96F2-EB9808C4E8D4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2DF7E7E6-8024-4EDC-B7A9-064864E32947}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2E4C11F5-DCA9-4669-ADFC-9937AC1BC70C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2E5C60B3-682D-43CC-9959-6CB75D6FD913}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2EAA5046-30FF-480E-A785-0015D407BD3B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2ECB9191-EA5C-4A6F-94D1-B733EFDCB686}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2ECD833D-13DE-4771-A8EC-2B69FB2AE3FE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2F25C645-15E7-4A79-BA7A-754FEFAC8041}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2F2A60C7-4EC0-4FF0-BA3E-4EA923932342}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2FA2FA27-45B8-4414-A133-6777C0A1372A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2FC11F0B-E50A-420E-9143-AF15B03580F7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{2FDC28F7-7626-4634-BDF5-6F82704101EE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{302DF804-6685-4BD5-8C08-7C875B02940E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{30B5FED3-E1AE-49EF-B6CA-AC6B2B32ACF1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{30D7DD71-3305-4AA6-83CF-81E621405275}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{30F77656-B3C1-490C-82F1-55A9CC0BDFF5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{316CEC8B-3942-4212-AB3F-6B604CD8878F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{31BD7E2F-F62C-4BEF-BECE-A079A5AEF31C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{31EBA05D-8CEA-4023-AA20-5E84DB84B0F0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{327DD802-C1BB-4361-8C60-77185FD173C2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{32D78801-2742-4F8C-9360-D56F163D72E2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{331E9A07-CA23-4FE7-8284-43787F74B172}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{33357F45-CFBC-4DA0-8853-217418D1E067}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3368AD9E-3B80-4E83-9F34-48DF1FC5DF7E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{33706135-CC03-49B2-AC94-93FE570340C9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{341FA6EC-BA43-417F-8459-446679B2997D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{34A39409-C0F2-4841-8B61-41CB93ABA2EE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{355BB2B3-F0B9-4B0C-8244-679AF833139E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{360DDC80-47F0-4DB4-97AB-AA507B41E194}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{361FA1BE-1AF8-4B5C-83AE-40B087B9F798}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{36293DA0-822B-4F91-B9E7-B987822BB556}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{36768CD8-3B85-4540-8FF3-261CB15A3914}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{369ED668-AA0B-4988-B939-40CCFE96C7FF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3702D9DD-F040-4DB8-9683-77602C32E8B7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{37224414-4CB8-4224-94A6-9683DA1031FB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{37474034-427D-4098-B1B4-42D1372C64A5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3766E3A3-F169-4E15-B550-0847CAD3997D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{37801E41-2F1E-486B-B92A-E45151E8BDC4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{37ADCE3F-AF82-459D-B6D5-8B088B3B0803}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{37C65B4D-5391-4B3B-ACEE-DE410FE78F43}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{387F178C-1A40-4C06-9C65-9DFDC48617CC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{388E9D3B-4329-44B9-AA03-C474656C635C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{389D0F66-F360-4AD7-9D9F-F6C3046F1742}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{38D0734F-821D-4815-A245-E8B0E36E3831}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3901418D-A9CE-4E52-B2F8-04903733808F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{39733BF8-FBDD-425A-B7A9-AB29D5C3416D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{397861DA-536B-4C0C-9C6B-BD74F3D112C9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{399117B7-B9DA-4204-AC88-B5EE44562085}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{39F32398-C9A4-46E0-B14F-9D63CC6C9335}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3A64EAE6-E734-463F-8BD5-0896F02759BF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3A7BEB27-A42E-4D55-A0C4-25F70598A66D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3AC36D25-6344-491A-91F8-7E3E0BC7A63D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3B1253B2-BC0D-45DD-91C7-4D451C6BC45E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3B962DD1-DD87-46AA-8130-D0EBC4FF41A7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3BC76C6D-453C-4098-A4AF-87F5D5EF2337}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3C11B5FC-0E18-48E6-9EC8-A4D19BFE07EE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3C5A4AAF-422B-465F-A082-3C3303F213DD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3CA8B2D6-3553-4335-842D-18CD5E5F445A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3CDD1F45-E37A-433E-9826-9A5B22A295D0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3D3D7CCF-75B3-4C58-B4D0-C9C906C22416}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3D5B3AC3-D568-4327-A61A-3C74DD22BB6A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3DB53DAE-170C-4D46-9AFC-03117E221833}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{3ECA7347-0EC5-4804-938C-402642E1EF93}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4002940E-C8DD-442F-90E1-8BDAAC864BE7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{40820DE6-5860-44BC-9045-BF5592F5AD74}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{40A60490-8263-47E7-8E06-C0A7F5C1461E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{415E4BB1-8505-40F8-BEF6-3052F98BF137}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{41D3E660-B2F1-4DB0-B559-BE449859FCF0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{427F1C77-CA22-4F22-84A0-8900E0C78572}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{42AB3826-09ED-4742-A5DF-C1157C909CDB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{42B45CE5-5573-4612-B06F-F080BAA27334}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{431C5106-A8E8-48E4-B678-6EF0B611F907}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{43B9B86C-E706-44E7-ADA3-C1533707A8CA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4417844A-A3CB-4122-BF9C-6B1142063E3A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{444F76CB-5988-4075-88AC-BB15ACB422F4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{445AE3F5-2029-4915-B338-0206AD74C09F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{446C5F06-73EE-4BFB-900F-7E9C0289401F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{44741C61-FF92-4EF1-84C7-75E8988A4D0D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{448B4BD1-A549-4F54-85E5-F448A0E2CC69}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{44921125-630F-4B59-BDAE-267A0DE72734}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{450D42C6-E945-4962-98E2-6225DB4DBDE9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{45158243-C383-410B-A3A7-477E9BC151D4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{45675328-2DA4-4809-9DB7-9B8B89F0A38C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{457F2A1F-8CB7-437A-B686-C1A87D770C03}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4590483A-BE7F-4912-8882-BA2CC7B72D00}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{45C6D290-F61E-4C16-BD3C-0C47B6848EA2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4651A027-ED76-4D9D-9E63-338BDACD41D7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{465E3BF5-1E0F-4AAA-8DA2-6AB58AE91730}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{46D9D61F-563F-426A-94D1-B3C2B47133BC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{46E2F4FF-A1B8-4365-A804-6A41DBB2B352}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{474FD0C7-16D4-49A6-B548-4A7C2B287F7A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{47AA2311-D65F-45F7-BDDF-29258DAB5463}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{47D34C4C-7BC8-49B0-B6D1-56270B16C6A2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{48814EAE-460B-4F69-8C51-B9806B09F469}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{49688870-D217-4888-9D7E-A32CFC44D5F7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{496D370A-091F-4B2D-B8E3-A43D4E0C9A37}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{49763F0E-DC65-4B0A-A3DE-5DD4E708AF46}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{49C88F7A-2325-4E17-A284-757DB0E4F648}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4A13BAF5-220D-4089-BA1F-992748EBAE52}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4A67D032-5F7A-45F4-BAEF-12428212C8E5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4A855DB9-23B2-4E77-9CF1-778D37EB8FA0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4B14D6E9-DC1C-469F-841B-B23B518C009E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4B269AA3-B1BA-4DEE-9311-99314B4B6486}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4B6B2EBB-C872-4CAE-8183-FE0738D73700}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4BBCD476-E0AE-4EE2-9800-735C8202B6A1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4BD5D506-0DDC-4106-A64F-005DE2D0AEB5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4BE1B4F5-1AE4-4899-87FD-6471C561B127}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4BFCC2E6-E306-47CF-BCCF-78BF7596D696}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4C177CB1-86D4-4246-9548-B9C00FEF9EC0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4C39F098-0536-4343-8789-1A302939CF4E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4CCB5A0B-28FE-4CDF-A00A-76821244DD6E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4CD51E0D-A33B-428E-BBAA-6F58FACE39CA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4D04B668-25B3-4FFB-A2DB-07693A4C1491}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4E0EEC6B-E3FC-428D-8E2D-1F4949EC21AF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4E6F06BF-5741-4DF4-9E45-8ED3B2BFF04D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4E9457C1-7DAA-40A7-809A-5770949BAD34}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4E9E4EF9-FEB3-43E5-A2E6-739481956687}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4EDB560E-B342-41B1-A5B0-C3FB0B3E6E55}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{4FCA6223-EE6E-44A9-971D-73E01FB49A17}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{50F08E64-6261-475E-93BA-6394F987844A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5131856B-0342-432B-857A-14179B2DD16E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{51355EA5-3D5E-4136-A547-966645B2A23E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{51D4DB61-BBEB-4060-A9A0-04B91A865973}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{51D88ECC-B71F-4F29-81F7-6C7CF7873FC2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{51EBBDA2-1DC4-4266-B9AF-A24FE4561084}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{52338EF2-4F37-469A-A2AB-11063C32E010}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{52E2DB3B-F8B1-40EE-B72A-FC9A72D72ED5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{52F9A5C6-7E4C-4825-B12A-EDFE387F6C36}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5370B809-ADE9-4DDD-9783-F01A7CE66256}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{53DF5D26-F2DC-4F06-BE3D-51E98A9267D4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{54AE71F9-B63A-48D8-B361-FC79B755B944}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{54DA69DC-E274-48AE-9830-F2CD1A0892B5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{55A36F67-CFE3-4B91-96F0-EC445DFF61AD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{55C39AA0-6CB3-41D5-AACF-8D1FD4342AD9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5652B904-E845-402B-B922-4C8D3CD0CA1E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{56C545D7-960C-4FD1-991C-4D175BD7F869}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5700C10E-346B-4609-B839-0EA9AC117C34}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{57025179-0D07-43CF-82AF-052A477D2ED9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{57611A57-BF1D-4B5C-ADD1-3A31CE9A3794}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{576142E2-49B0-40FB-A5BD-27051A946BF7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{577B747D-2FDB-4F88-BD3F-C8E28817EF82}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5785907F-0EE4-458E-A893-A9FA45C8D7C7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{57C5F487-6021-4EC7-BD7C-C6EA382AD9CE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{588767D5-048E-495E-A1D1-0123803CA6A5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{590D6DF6-12C3-487F-A2D1-AE4BD2C44F10}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{59620EA4-2A6F-4D09-B323-A3F3AD690437}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5969EBF8-07F0-4AEF-91C3-CCB60CB73D72}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{597208CC-B9AD-4260-B93E-81A3556BB5A7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{59AB975F-A17E-4C7C-80F2-1194D5E8789B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{59B77B18-B5F6-4082-B0C9-46448CA1B836}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{59E7C221-85AF-49C3-A2EA-9758F1843C20}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5A0E7AE7-5CB1-44BF-A078-C64CCD04EDD0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5A60194E-6DC6-4336-A355-E8F6DC7F3329}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5A63CEFC-042A-47D0-9113-FD030C4987FF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5A9846C5-4D82-45AE-B0AA-272544B8804F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5B258F26-E10D-4077-B829-006F1F3FADBD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5B4E3F06-00D4-4AF8-9B52-89A9370C1FA0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5B9BAE79-22EF-4545-A7CC-61ACA76012AB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5BD18472-5684-4EC0-A6F1-6BE6255C7F44}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5C0683E7-35DD-45C5-A030-E5CD411AE80A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5C0960B1-9651-4E81-B93B-49F692D5009C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5C461617-E9E6-4EB6-B2F7-9E257D96E374}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5C5B458A-E95C-4463-B4C9-8EBF3206D8E6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5C7907EE-6BCA-46C4-9501-185C506299E8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5C877A43-4C31-4A9D-9DEC-84FA5F46B9BE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5CC1FAB8-B029-41FC-BF8B-848043426FDD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5D1615F8-A775-421D-BDF9-D9675A602DA0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5D408C04-DFF3-425D-9091-444BADA49A83}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5D78351A-5118-44D2-8B89-4C3991577930}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5E0BAC6B-592A-49A8-B9B5-FBF8DB19AAD2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5E1B6A50-1E59-49FE-897E-7A2B69BB66CE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5F0E7C58-8D25-44CA-AA48-AA166B64EFF3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5F7EC91E-5F17-4C6A-ABA5-07B03AC8E76B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5F9BE831-8FFF-41D3-B5A1-D45A2D45D147}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5F9F8B71-D057-47E9-9C5D-DFC26501A5A3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5FEB666E-E2F7-4E04-88AC-35C3026AD916}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5FF35E68-5CFD-40BB-AF1C-C8D8327EF784}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{5FFAB03F-CCFC-4B94-B6EF-073856A8A1EA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{607B3B48-CD5A-41AB-A818-1972BFACB040}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6080A393-CF45-4C77-9C97-B2DD5A0D1233}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{614C49C1-6BF6-4D7D-8BA9-624912D21C86}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{61ABED36-C7B2-4C46-8F9C-1403A01B3778}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{61EDFF8B-B4D0-4C1F-B09E-CFF9056B85CA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{61FE46A6-70C6-43C0-B15B-E53C431779DB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{62CBF5B8-8E38-4083-A792-42FC09E1C29C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{62FE8173-F559-495C-8E9D-A846B24C414D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{62FF875B-304A-4214-937A-6C6E8E4B2913}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6412C5EC-AF63-4234-8F5C-C891A069322C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{647C7CCA-D094-48FF-93BC-4C90C627BAE6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{64A41636-0923-4CC7-B5B5-2E8107133881}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{64C42E6F-74D7-46CF-BF2B-312EA5D9AC36}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{656FF189-CBC6-4715-A238-068FD9F3A572}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{65B801A9-C4F8-4B86-A651-AE15F83DBFBD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{660E6690-6C37-4632-85E3-92F8039EECF8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6629D4FF-B5D6-4CF2-9990-C58334F4E1C0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{66A95EE7-F801-4ED1-B411-5F933B0BFE7E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6744BA39-5A05-4988-8466-7B7C61AE6261}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6750CD16-6985-47EB-B4BE-6A53CF1850A4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6758C081-2054-4E01-862C-A76A06B3DFB6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{676D0E18-B569-42D3-8AB2-D6353ED1F2D4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{676EA6C3-D7CE-458E-9C6B-0ABFF2E92B4C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{678C9E5D-217C-4FEC-8DD2-23E1DA79042E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{67A97505-2633-4C12-98C8-DBBB936BCEC7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{67AFD6C2-1CFD-4F58-909B-FC02E4774CC6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{67BA6EAD-81BB-4C53-8C50-38453B662DA7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{67C85F1A-10FD-4B43-BD37-8E0BF4EE252B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{680B2F0C-58A1-4178-81B3-7AD94C87FA12}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{683823C5-A50E-42B4-8740-7AC3301CF94E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6961236B-3620-4C2E-B42E-5B82E0E3A8A8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{697D794D-FF69-4182-9F7D-D20B9A7F4AD4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{69D19506-66C8-45A0-A281-38AB9D436E3C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6A3AA8EC-1BEE-40ED-9B38-B8DD040B9E83}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6A3E5BD4-D876-494F-AAA2-6AB3F5A96410}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6A54A6C4-95BB-45FE-A11E-DC15AD62DEEF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6AAE4CA2-4AFD-4944-A831-FBE79290F0BC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6AB7A5C9-CBDC-4E82-9376-83D32487F19A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6B28D730-5F5F-4023-B9E2-CF0C2A02B57F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6B50CB7A-A245-44BC-A2AB-D867B76F85FD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6BACD34F-C36C-4233-9D25-5C8B8BD274AA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6BD0ACB4-56BF-48D3-9B6F-1E5D8A50D73B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6C0A2E65-82A0-48CA-8515-87FFA1973E52}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6C5C7139-73BF-4D89-86FA-E1C224B61D8C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6C9A1221-46A5-4B46-8F30-7B6709B29226}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6CF0E39F-8F22-411D-9C03-6D26A9968E51}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6D353AEC-5430-4BE7-8718-5CD9A08C95C7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6DA9D98B-5B2F-473E-AFB7-EF8BF54BC61B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6E488C64-3916-4C77-A191-CE419611BBA0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6E6DEA64-5518-4760-BDE8-81DEA69F3846}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6E7E030D-89B5-4F21-BF74-B4F284FD70E2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6EB1E4A1-90B7-421E-8BE1-AF9B00D9B3A5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{6F73E982-7E76-4D8C-B842-E6A6E2FCE67F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7004DAD6-176C-47B7-BD3B-F4D006CF9DFE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{70860C7F-BC56-41CB-B5BF-E534FAAA1665}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{70C21F07-EC9E-40AD-B3C6-390689B66686}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{70D854E3-5B33-4D27-9E35-278D8BBD0BD2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{70F257A8-F7A8-496A-869E-6C81A0922CFA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{716353BD-7430-404A-9EAF-77D6322E8550}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{718AD8F4-72A2-46DC-A683-1679AA58A058}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{71D55AB2-CFCD-47C4-83F2-B10B7E4DC2D9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{72024779-BFCD-4BEC-B1BF-CC3F8D403712}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{721ACCC0-9006-4269-8B26-2973280AEF01}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{72394E8D-5B8B-452C-A9CD-6182B3B876F2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{72554FA7-C2E5-4C94-AFB2-7DC8E121014D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{72925601-FFC1-4C48-BCBE-84F855F45715}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{72E96EEB-EF32-4D56-A9A1-11CCF256D061}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7314DA6C-2646-4DD9-ACE3-418F58F21C2E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{733CBCC9-E12B-42D3-8B4F-2DF19CAFBAC4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{743AC8A1-2494-4DBA-96F1-214C4C62AAF3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{74FB4BF0-29A7-410C-BAEE-9B4FD242475F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7573B51D-FBF0-467E-883D-2C19636801D8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{75954BCE-9890-433C-A83F-44C250A7AABC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{75B41D48-8E99-48A3-958C-DF82CAD17E54}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{760BF8BE-5A2B-42EB-95B9-FC74BB68AB3F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{76B32CDA-E80D-436F-BD34-C136868ECBA9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{775B86E8-1E36-4D3A-A20D-1F96A9DC9005}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{77E199D4-3AA4-4861-9951-3542B5591810}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{781E66F4-4EDE-4A33-94AE-83C9FA825E7B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{78507FE4-5BA5-4BAB-ADC8-2C3CC574549C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{786D9029-A3E8-4144-A6FD-130D11C94CDF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7891D4D5-3F70-48CD-97D1-9E8981718588}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{78B80EB4-EA19-4787-8315-359BD91308F0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{79C95D13-9F92-4F53-B53F-F828752BFBA3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{79CD9B6F-3A64-4F2C-BA30-25C02923FB77}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{79E9023A-CC22-4621-8124-B453CE7FC675}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7A00CF76-28F3-48AD-9B34-4B505A92511C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7A4866BA-8B68-49B6-BE14-3E53046D59D0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7A7E6347-2A8A-49CD-8D39-FAABC3C547AD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7AC4DAEF-9C6A-417A-BD0D-4C3BC3614104}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7AFF7F21-6D31-4984-AE61-51355220B764}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7B668D4D-02E9-4E5D-B575-2395193E7E74}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7B8D4BD1-B96D-4552-A39A-5E123C88826E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7B9945AC-9700-44AE-9E12-5E52D4C53138}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7BA10550-D7EB-4ED2-9C4F-1530E6F32686}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7BAB8E5D-ACE7-4213-92FD-AE6769892427}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7C3A262A-15F5-41AD-A810-242EBCF5F28A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7C842E5C-4EE3-41D3-B007-55796D6061A6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7E49A367-4A5E-4A97-A0AD-1E3C69FB7A4D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7E6E03AD-D90D-4D30-8D3F-2AE69D7BC178}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7E7E570B-7168-4368-B330-ADA210AA471C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7ECD1EB4-98D8-441A-9F37-81F54208885F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7EF2AA6B-5B82-4C22-BB31-7D949B7A4F16}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7F0BC40B-B40A-48C9-8700-0C9AEB042371}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7F207813-2A93-4223-8D9B-303386721726}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7F20E719-A0D9-4ABD-B8CA-D39C66C80F09}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7F57E276-E09F-446F-8B24-3E1F80C9DAC0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{7FB1D3B9-75B5-4FF5-AEEE-111653F14D2E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8003382B-C5AA-479B-A6C0-B958806EFE23}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{804A0518-64B1-4FE8-A5BF-E586604E9C9E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8062282F-3EC0-4AED-8A10-B8EB289EA671}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{80819A90-D737-4A05-B28D-DB7EB9664A52}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{808736F8-12D0-449C-8992-A1AFA11AEDC0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{816DD67B-D3BE-4363-80E0-7BF1F9B37E8E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{81A0285C-860A-41FE-A6D0-1512F6EBDC54}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{81EE5F41-AE28-4C7F-AD9E-ACE23BF07800}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{820A352D-397F-4FE9-B767-EEC3DA2B2FDD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8220E56F-A94E-455A-9957-5E055A4C1611}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8237557C-5B50-406A-9F07-A7DD85BAA1B3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8254E149-5C28-425F-9D84-DA29FB372552}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{825D169C-CCF1-4A51-83E9-09FE02BB69C6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{82B2C4D3-31CD-4FF5-8B00-F2E8250389FB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{82B9DDE7-105C-4835-994F-EB807F129F5D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{82D691EF-B1D7-46BF-9657-669D9330BCFB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{83005EF4-735B-49E4-9F08-BC870C0F2693}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8333E503-927D-4C6F-BEA9-9C299A86D123}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{83AADCA7-FDBE-4CE8-B46D-E9C4364F937D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{85083051-91A2-4B81-835F-C246ABD53FE5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{853BC502-769B-40BB-A7A8-A77E6B84D3F1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{85FECE3E-A7F2-4DDF-A51A-97F80144DA5A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8645D8F0-DBB4-4107-A732-87C4A0F3067D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{864C38F7-B559-44E9-8B73-C0F255E5D0A4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{86877CFC-CFF7-4CCB-BEB7-37497D08D250}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{872B5686-2255-44A6-A014-E63C549E94C0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{877493F1-D248-4D9B-9FFD-A61C9B1F9301}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{87D1943B-AFBA-4BFF-9076-BC1CEB5E8988}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{87D8314D-C42D-4527-BE1C-AC6108F349C0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{87EA85AB-810A-46DF-B8D6-A5A43191F6A7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{889BABF4-285B-4E5E-AE82-1E042FA9A6AD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{88F3F7B1-5E56-4873-9871-5F8CA614CD4B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{892AC0A0-566B-4824-87EA-357761369A12}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{893D5534-8E4A-4D98-9FD9-454A2D09D4D7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{895A329F-27FD-47EE-8AFC-686561BEF001}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8A130BD9-137B-4230-8679-16FE43E0724B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8A2779D2-BC3A-4FEA-ADF6-80E0E65C8170}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8AB8DB3D-4E1A-4DB1-A126-B2B47EFD242F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8B520631-4BC9-444F-9CBF-911A819A15FC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8B5F6042-DCDB-40B9-9DAA-737E4296FB80}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8BB6355D-C82A-4356-817D-0BDB7904464A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8BC3068E-A44C-4451-B868-1F59AB2F6AD4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8C494E45-13AE-4B3B-9463-87B703AED92C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8C5E7A52-DC93-444D-926E-2C44D05EAA2E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8D302D66-89B3-4FA4-AE77-D63C54983EBF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8DCA3D63-CEAC-4450-9F66-F597785EAE83}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8DFF9EE6-AC18-484E-93DC-4883DDD9DB33}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8E171038-B0D1-46B5-8D8E-B0A5CBFDE1E6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8E7CC188-5732-41F9-A89C-76A5B95D2526}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{8EE75D39-8F4B-46AF-8E29-1613CC78D5A0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{90C4E1AF-1617-4256-B375-54A77E741FD0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{910AD6A3-E06F-4CF9-9A46-A461DF50FBAC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{913D9767-D64E-4E10-AFF6-507043E0665B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{91978190-4279-45A3-B2CC-EDBED64BBDFA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{919ABDE4-5552-4C40-80DB-352573E6DEF7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9248AB80-588D-4F36-A371-50ED3B64ACC0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{924F5FB9-4732-4772-BFBC-D5E0C546D678}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{92DAFF47-6A0D-4464-86EB-9CC78418F38E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{93114263-945B-4DA1-B520-26FF40D85B1A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{939FB9A2-4EF2-4D94-84E9-8D7EA9A73F65}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{93EC1655-16C8-445F-8D03-C1BCA17C4D3C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{93F6DA5D-2FC4-4AD7-A864-95C3B20186AC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{940B8A37-B636-4610-9D55-D39D05E9808B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9462CF65-2FEB-4565-8294-E4C4D3A52229}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9494867B-01CC-4926-BCCB-7644C4730D0C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{94A6669A-09C2-43A5-9767-108CE9A31248}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{94FBF0F9-35C7-4CD7-BD76-59AF2FDD71B3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{954506BF-F8BD-4E94-88B1-B05C9BD46F71}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{955E21BF-8A4B-4589-94E3-FE09DCA4AD0C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9582F3EA-620D-4543-955D-22D70F4694E3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9653ED99-141B-4371-85EA-837723ACF9A7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{965EC121-9D60-4586-A554-52D4EE2262DD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{968DF04C-B7DF-4842-837E-577F1BACA79F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{96BF7D8B-C099-4480-8D7A-C8BEA3050A7B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{96DAE06C-279C-4052-B18E-113AD9530BAB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{96FF644A-DA0F-4E49-9E47-01592C66DB8E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{977A9C3A-E091-4640-A249-3C17BB93F30A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{98D11CDF-FC13-4689-ACD7-93C3639C648C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{98DF929B-62A9-4327-AE74-8319C7A16F3B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{98F0E1AC-0C40-44EC-909B-1B83E8EA0B21}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9957184A-A904-4164-9AFE-F90573DA4BDE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9969E844-E3DD-47DF-B613-9706A24A6EE3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{996FE81F-0DDD-4244-BB0B-0306D123D5E8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{99DA7959-40D7-4FA4-B191-06B825FC57D8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9A38029B-055D-4AC2-B995-BDC235D0EA00}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9A7F86C5-10F3-4244-9FD7-F844591AEEAE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9B4E62EF-F665-4DC0-B40F-6F0E04473509}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9B5E203A-7E06-489A-A891-FF91820C8AA3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9B80F5DC-DAA1-4681-B324-2340EB912010}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9BA9E0F3-B6DA-42FB-B417-C875B290A67B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9C47238B-5F1A-4E7D-AD00-18217E557A92}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9C5E6599-A3C1-490B-9585-5BCAF7A72C36}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9C9138A0-3740-4595-B14C-24036DD315D1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9D012842-00D3-4CAC-B2F1-82BB693C51F6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9D853D33-2DF3-4F94-B394-94B51A6C4E41}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9D8A3F86-BE22-4630-9D45-DBFA7BEB5CBD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9E3267EC-42F3-4F6F-ABD4-53B07B228093}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9E3B1B20-0FED-4167-957D-94A9D323FDAF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9E8650E0-9630-4FEF-AAAE-9757F4BED7BA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9EFE3371-C535-4B79-B779-8E70637B5011}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9F0F39AF-83EC-48C2-940C-2C9FCB8F2678}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9F6B5478-1F58-41FC-920A-1EFF749747AC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{9FECAB98-DBC8-4629-B637-D7850054A8B4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A01D75D3-6346-4E56-9C52-B43F7214ED5F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A061D0F3-81B1-4CA3-B60A-87EBDC63D89B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A0C55197-94B2-4574-BB63-7E7178D65587}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A161CF1B-2B1C-441B-A8F9-BBA77279749C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A29B328D-B225-499F-AE8E-95B9F0E360E9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A2A14B40-AEA0-42D8-BA81-99AAE6C3B839}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A2D2C9BE-29C1-42D7-96F9-9F40773A6424}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A340DAD8-40F9-4A42-821B-09434AEBADC6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A3BF6574-C4AE-4938-8A01-13FD9DB81534}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A456D61A-7246-468F-8ADB-1FD1BF896793}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A4B529DA-AA42-45AC-9412-3B071E615719}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A4E1641D-C800-4111-80E2-CB78408C41C2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A519078D-7965-4F65-978F-F63CC38330C7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A52966CD-A320-4F93-AC6D-D3D2B58FFECC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A555F8A4-6C21-475B-B586-C777E072505B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A5B297F0-0482-4A8D-8779-A3E6B3A70F2B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A5E6E752-A5D2-489F-A875-35E33557973C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A5EB94DA-5DCD-4357-9DEE-719E502F2CDD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A5FB1D49-4CBD-4E61-822F-051F3BCC269C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A67A3DC9-F3AD-4098-AA23-7B4A5A1C344F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A6D3EAF4-B47C-46B5-AEC8-498C27EB6BD1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A6EC6B7F-4573-44A0-84BC-712705ECA3F9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A7B763EC-5587-4AA3-BBED-E0F721E5DB6F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A8220AA4-075B-4E77-B915-F73E9C32F07A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A9278CCD-E941-4A04-82A8-0425D8A2CCF4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{A9FD0C52-019E-40BA-9F5C-C31DE2B3459D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AA2A7DB4-A3A5-41F5-A71A-268D0D367B93}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AA4C2DF6-BD33-44CF-94A2-589B1ABAF415}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AA9583DD-9183-4508-A79E-526DF3B6C290}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AAB3E6B0-7CB2-4120-BB96-E22426CA8762}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AB0BB9E0-40A0-4D9D-81A3-1C12F9689792}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AB1488C3-42ED-4B7D-A3D1-C0ACC0261C7A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{ABACA718-286B-4F21-BA1A-7AE86EC89348}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{ABC7044B-A558-428C-BF08-1533D07451E3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AC13FE3A-6BBF-4DB6-840E-D170A2209BFD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AC2E6F0C-B4D9-4578-9A40-C040C9B2B52E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AC4A7830-58F7-43D7-8FC5-2DDFFF9D2D6A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AC611111-23BC-4915-9810-9F001C46E33C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AC9366FC-BF58-4FC8-8A21-0A1CB830E303}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{ACF6E203-092B-4FB4-AEB0-B3123E8B6DE6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AD072D9F-0BE1-47FF-9CC9-9FCD941F9DFF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AD0E4D5B-762F-48B6-81C3-CBC731057B83}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AD752639-ACA0-4783-A41C-4AF6D3C57203}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AD89C207-989D-4D41-8F00-8263CF0149FA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AD93BEFF-3E1C-431D-A79F-30061B5538CE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{ADFBDC20-996B-4D00-8B01-197D1629BD97}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{ADFBF6D1-7D98-444A-A7DA-1987CFCF9F25}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AE79C2FC-449D-4E91-952A-39995F870DE6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AE9DEA88-EC0C-46EA-94C4-FE34B7454486}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{AF26855F-C834-41DF-8C8E-B8EEF551062B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B04099C3-1672-4CC5-99FD-FFD2B1CAD2BE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B188ADF5-8A20-4D90-93A9-877A4B387BA0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B1B24772-97FE-4AF5-B1A9-A1F115C9FE0E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B1C3C465-7F60-4BAF-A63D-EBEE13318E10}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B207F757-1B4C-4F07-848A-2C99696761A2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B24905E0-A208-4DC2-A37F-644759C7F038}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B286DE91-A5D6-4F8E-860F-F75A21788406}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B2F55FCB-7D42-4FA0-8D60-A50ED7FAA4E3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B3B01D30-BD3F-405B-9D80-09319A27391B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B441F94C-05F6-49D2-90D1-C59AC9AD83D4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B45C3ED3-A149-4162-ABAA-CF55B81E2697}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B4711FD9-3EDF-45A6-8F7C-A460358AE079}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B47C0F5D-AC2B-4A5D-A59D-FC59FAD85C7F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B4EAC144-3736-4B12-B0FC-B1E696F50CF3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B5DD61A0-31E0-4ADA-9DE0-8EE29D8EECC5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B627D0D0-8CD4-4A25-9F1D-2DE73C9E2E4D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B64B4146-CCE0-456A-945A-70BC938DC70E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B64F8055-081D-4BDC-A272-949E96DCBEA5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B6538E53-2839-45E4-BABC-6BF2F1A519B4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B683ED8B-DF05-4054-8218-70A596E7A936}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B6C12058-FCDE-465D-BB77-1F68037F5FE0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B6D26404-1116-42ED-B975-3F0935DD4C8E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B6F60B23-DEF8-445E-BB1B-B2BC02ADA303}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B73E77E6-1ABF-459B-83B2-F1DC55A18662}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B77AAF77-7E41-42A8-8484-AF43D315A616}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B7ADAE2F-98BC-4835-8987-0AF9A8654336}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B86C97C2-7CF7-4352-BAB7-1F0BEB12816E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B8B68246-0EA5-4011-867A-178F955D3D88}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B8BEC762-8354-428F-B6D7-F55E631FC85B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B8C0692E-ADB9-4D3B-B95F-1978E854EA11}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B92B9CA7-7D67-48D4-8644-EFFA845E76F7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B948735A-AA40-4BE0-B603-6580FA6EE489}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B9727E96-B0C7-4EE8-A700-A7EAB6B6DAAD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{B9E5AA5B-9BD8-4ED7-8012-3F79FEC8A68C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BAEBA94C-2A1A-40C2-A53E-CB662293C3BA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BAFD2A2E-8B37-41B1-9DDC-FE9A18960C33}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BB5BE4CD-0B03-49CE-B192-A9C3549EE7CD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BB6CBEB2-EA11-4F6A-A743-455B73473730}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BBC4D555-F40A-4DDC-8664-899F6F372AAC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BBF1FE77-3B7D-4D7A-97A6-1712EF37325E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BBFC1FFD-DE4C-44FF-8B09-0976EADDDCD7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BC32A5EE-B79D-4699-BD1F-BDC86A0E285F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BC58742A-350E-427C-A829-4ADC62D65B1F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BCAF0956-9691-4F81-9005-91DB5DC4F06E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BCF74012-7B58-4955-986A-04BF33180B69}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BD13C795-3E4E-418B-8919-6F20B5B5DE05}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BD530944-33AC-4051-98B8-8F6CCEDCE7A2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BD53D0DC-DE47-4594-950A-4F21C85AFCC4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BDB94B12-5F10-4D94-8E57-6397FEA4E5CC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BE1AAAC2-0A8A-4245-98F4-0A993846F708}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BE5A8B1D-71DA-4503-BAB2-290937A5464E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BE7287FF-B109-4ED2-BFA5-D729F0F0139B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BED37C45-6740-4991-957B-2257BADF9449}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BF381502-AAF7-43E1-8FD2-A374017CDB06}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BF6CA44A-C506-4D6A-BD20-2BBCBC4532F5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BFD98190-8FF4-46F0-B024-1C8B0A9A78F5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BFDD3867-B96C-4F85-A76B-4587E6992B65}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{BFE51D06-F974-4660-BC25-49EBDF988B26}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C09CEA68-66F5-4852-8D25-E9C1878D0CCF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C0CB93C5-D57C-40D3-854B-01347F31E607}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C12A7810-1422-4B6D-A3B5-D257554F8A23}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C190332C-8251-471E-A900-1667041FF582}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C2FEA911-C3BC-4510-9A21-1E8B951D5F8F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C324FFC4-82C7-4BB5-B1B3-61BC5373C119}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C331F3C3-B4A1-4CA9-B9E7-1009C67E38B7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C3581D03-97E7-4020-A007-9FD09DF63732}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C3BFF2C3-2201-4BDE-A3EC-A8B803649926}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C3D596F5-18D5-48A7-94FD-5B0D77A1A47D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C427CBA4-BAFD-4F73-90A4-98A04FE6F9C0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C435ADA1-C6B8-4092-9E3A-C88515A33ADB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C463E8D1-5E03-4D90-B76A-74770AC32B8B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C5B7C93C-3C1F-42D2-A86B-62771D78A57A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C5C088AE-30A8-4E42-A6AF-BDD9DD5D7293}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C602E7BA-C917-492E-93EA-507A97FA30C7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C6B4DCD6-C122-4F9D-8DAE-F864E47B9284}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C724754C-96AC-4D39-82DE-8042CDEC6DE9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C72DA3E2-521B-4296-BEB2-161D77443D9A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C7424687-BD22-49D4-A8BF-6606A17E31B9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C7711AB4-8EAE-4A9D-9A3D-BD483E345FEB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C7BD09B7-F05C-40D9-A386-66FDD7CE99E9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C7E29CC9-21AB-4D9E-9562-DFDEB49F8BC8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C8157A55-2AD8-41F9-B4F3-C8C17885A773}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C8556B10-3E40-4D94-9D55-A213D95942D1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C8655E2E-E372-496F-A4CC-7141FFC39D68}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C86D968C-55E5-4839-936D-17EF2ABD0018}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C8BBC7F3-DA48-427F-AF46-2046C0270A12}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C93DDEFD-7003-4000-B5C8-2221875C64DD}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C9727CA8-AF54-4A3D-A6B9-D279E13FFBC2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{C9F8712E-C68E-4672-9E17-43879BD132D8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CAD23A16-734A-42EA-8076-5469F3665CD4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CB754601-6742-48B1-9D67-656CD3E0A6D8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CBB9C92F-5C50-46B3-9C11-2517B46E9EE2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CBD56244-59EF-4188-A356-59DF3222CE8A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CC52EB73-9378-4F84-8F0B-7E03E1D15FB8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CCCDC1EE-7B5D-4CFB-A78D-326049696608}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CD3342A2-5F37-4B13-9C43-2E65C57C9D35}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CEE26C83-414A-42F1-A5A8-1E2FB3844C83}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CEF254D9-B19E-4A42-AFD5-5086B4251379}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CF4C9A5F-7858-48E1-B713-1C834A53B398}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CF682702-509F-4E06-A65C-29192EA7DEC2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CF6C2D90-2D4A-4041-8401-AA7E60C6EDF9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CFE7A0C4-F75A-4CE5-A042-493459738484}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{CFE84B8D-8009-41C6-A4EF-0C5BF32FACED}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D0B7D0DA-5C49-4DFA-BBB8-6748D3AC3A41}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D0C9A1B9-F57C-4DFB-968D-73175C719F1A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D125B156-4FB5-41B8-9997-07C69BF302D9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D159025C-E0AF-4EB1-ADB9-410FBA19EE92}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D168693E-E5DB-46C1-BC7B-D0AB22552B40}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D1925B90-DDA8-423F-90F1-F233FF360D97}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D1D0A0C5-5588-4438-8AB3-06E296694101}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D206CD0B-B4C0-43B5-BA2B-1D8FD70ED77D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D22DB9B2-149D-4419-8932-7F6F0DB75DD5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D2782F57-4392-4364-ABC1-059488782C05}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D29EE577-0F6D-4DCE-8AFF-95D7FBFCBF5E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D2DA2355-A34B-4C9C-9B3E-7A55E7FB1F62}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D3121242-D2DC-4CBD-80C2-ED208F072F0A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D31CD020-D5D0-4CB7-B564-93CE7B3BE4A1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D3E8F709-3182-4D96-A5B0-E071BCEF8DFE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D410CB7C-EB0D-4167-A36D-C8CE8B92156E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D44E24FE-0370-4EDD-B5F4-D9984AD54BCB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D4A76E15-22EB-4188-8714-74CF1CC61737}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D58B8311-6BC8-4AE9-A646-E10A9B1BE18B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D617C5D6-28B9-43A4-8ACD-52C675818F4A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D66113AB-F423-4FC7-A9EF-DDE8CE51CE8F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D6746F00-347E-4EB5-B4B7-040416D9046B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D69E0F80-3638-44A4-940B-8C1529C0B265}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D6AEE1E8-C6FB-46B4-8530-9D23342452A2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D6BD274B-E64B-49D2-8544-A142CA4BB563}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D6F1B4AC-ED78-4EC8-B982-A7A623838C9B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D6F69C9B-151C-4232-A31F-CD5AD2ECD73C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D70D9061-938B-459C-BB32-CC003203672D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D73A111F-7CF3-4525-9D4F-DFF1E80B2F35}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D7C4A158-6F6F-4111-B549-AA63B605EE2D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D8C487AA-CA8E-4355-A7A9-97D84A74B6DF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D9381D0A-A0B1-4CAC-A896-3F76D6B0CAC9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D9A6D8C2-B25A-4D78-A859-5A85131E2A58}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D9BA0F6B-C591-4F33-B6AD-27160AD7082D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{D9C9A1F0-2FB5-4E06-B8A5-E4471639ACC0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DA8319A2-3395-47EA-84AA-9C6E167F0DB1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DB4BAD50-EF30-4B62-8FFE-A127ED18F1D9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DB6FD784-BCFF-4BA3-9E2B-005B956ADCCB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DBFE55C1-FC46-41E2-B355-A91463A4BE32}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DC4FB37B-503D-45AD-8A68-E35D78467BCA}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DC6364A1-CA51-42E4-B5E0-18D9AF38C81B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DCE57CE0-FF95-4430-BCD7-CF8BE8360770}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DD4A7C20-8C5D-4045-B8B9-551F62F65513}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DDB212CD-9CD6-422A-B620-63A66B66249D}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DDEFD881-677E-4A8F-B473-D95AE518AAE5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DE0B14F4-F507-4BD9-A626-D4455C7E2278}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DE7E82ED-5907-42B2-B17B-14601975AD63}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DE9525D0-5D4B-4448-AD8B-7E3B8AB9BBE1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DEDE3029-B9EB-47EF-A914-1F91DD0D6763}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DF08B8AF-931A-4944-ADE6-92464233C173}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DF241BE6-E163-438A-809F-C6DBC5BB9609}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{DFDBB13E-9618-4DC9-B84F-1E38D42EBC23}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E01AEBF4-0922-46C5-A8A3-0D22AFCD2524}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E03493FB-51AB-4DCC-873C-A31BBBFCB4F3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E034B29B-8D44-407A-837D-A71EFDD08A68}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E0A3D8FE-9E81-4E4B-928C-7B0012167B58}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E11EE9B7-C475-4823-BF46-E068FBD1E8A6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E18AAD0B-D731-4DED-BC31-818F4198C984}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E2A6B793-EB90-4053-A035-072BE225D823}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E2D6CBD4-EDAE-4E8C-AC2F-DD79F122594B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E2D8F422-5F5F-4299-B606-0B8CBE31E0FB}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E3561C48-4A43-4F63-844A-0E684B2E04A4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E36269CD-A18C-45A7-B734-26D89D66AFF1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E39F6795-2D98-4CF1-BE2D-C0DAC565906F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E41B9892-CCAF-47C2-95AB-0D342EB7EF79}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E42CA7AD-6F34-418A-8F69-0FA79F5B6BC6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E4A1AFD0-C3B6-4119-A630-B890470C38B6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E5A98416-10B7-47C6-BF02-860E2FA80CA7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E5F9038F-8911-41E5-A2E9-9264833CA4AE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E5FCD0B6-3005-444E-B387-F24A05B8A3E6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E6128D11-1611-4A7A-A7E7-A0EEF4905234}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E6179508-9A02-4144-9CF7-CA13FBB4B1E9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E67E88E2-3CDE-4F18-9577-2E06924520B7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E72D1CA9-94F6-47E5-8640-0093C0274B43}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E7B25BC4-850F-4424-AC5B-61E46A31C70F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E7E61D9C-8155-4B5B-8FE3-EF4B22DA5030}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E82E4FEC-F5E3-46B0-A9D7-47A0E106A39F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E835614B-1E56-46EA-BFD1-64A071BB60FF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E84EC257-1AA6-4DBD-8028-98FA76B3A46A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E8A37A10-D05D-4424-A4D7-F380EDAFC714}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E8EB574D-5B9B-4A62-9E06-11985E36E5FF}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E8F88F45-BDFD-433F-BB0D-87C24F1D2A5C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E9038732-7053-4BA2-A05A-02A17A6A13A8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E9071DEF-128A-4B60-B0AA-F75A04E7E6E2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E9F1E5E0-29B4-4E4D-8229-1376410C7B47}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{E9FCA082-5763-4F00-B963-0795690495B1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EA7583F0-C047-4B0B-A152-171390EAFC7F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EABEFAC6-991C-4410-9CF7-44EE37B8C00E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EADCE159-A3C5-47BF-957E-9A105B8E2548}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EB967A3B-CF2A-4467-81F2-4C263148888E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EBAD7B21-D171-47AF-AF19-6E65C9614C50}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EC707336-22CB-4F05-BD89-C628E12AAA53}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EDED5F84-2A05-43F7-848C-A83D9B595901}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EE18F5BF-C5B3-49AB-9E08-EFA91957753A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EE2F877E-3128-48BD-965D-85D19F948B62}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EE88B010-91EC-4989-AD01-3A032DA85D00}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EE970D6E-0C10-4D50-838C-385E8D583297}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EE9A9AFC-35B9-45B0-ACC0-A13ED3D2DE19}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EEE525E8-607F-4540-98A3-53858F0C9129}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EEF32F22-E6B0-4FF3-8C59-E91270D8D8F3}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{EF072F01-4E70-4AF4-97D0-CD00FBE02835}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F0535561-E467-4CE2-8D95-0FC28EE6582C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F0B70855-6219-4A18-80B2-29004632A302}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F11CE967-BE27-4352-9F17-A72E3BE702D7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F16FCBB0-24B9-4DA3-98C1-EA230187B1B7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F268DA86-7554-49E9-BC49-2D1EAC6073EC}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F276DF4C-026B-457B-A32C-7E1BEB61022F}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F2A87D74-EB19-4F80-8535-EA3E5944EE25}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F3F95453-6C05-4F19-B893-7268B17557B1}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F41B9AB6-9CD4-4558-BC03-4B2C4AE18034}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F43A0B4E-A42A-4144-8656-C86015C508B5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F50739B1-C1B6-434E-8E2F-D5A144F6472E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F5F48C12-4875-4C40-BBA7-57C881CDD0D0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F64D545A-762D-4535-953E-49D6615FD3BE}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F6A00E66-EE64-42E2-97E8-B993C708B186}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F6BC9309-1383-4947-8847-6128A6B8E54E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F78589C8-C689-4257-863E-281B557E8360}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F7A04CA3-623A-4C0F-81A5-7534E5253427}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F7D5457D-E0FB-4500-875D-A4C1A3B92DE5}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F80E6E10-45EF-49B7-B6AA-DD8228914F19}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F80E7831-C337-4BB5-B4D6-67295EC8DBA7}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F8171E3D-6648-43E9-B4DD-90D45A9DE67B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F8365349-C6CD-4D92-9473-16C3C8DACB1B}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F93C2C28-154E-4EA6-87FF-A84659725646}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F951D017-E25D-4C18-82B6-CD3BAB774EB8}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F95BFDFA-1A3B-4C81-8629-722F05A27A1E}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{F9C87C47-2CAD-4E3A-9FB5-43D4B481D20C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FA7C0959-664A-4ACC-9535-7EFC4C93C0E0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FAD15498-7241-4F4A-882B-1594260B3C6A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FB7C1E8D-EA82-43F2-B487-FFC4629F17C6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FBED1079-2F60-483D-BE1C-F8770A1ADF88}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FC9E7004-BCD1-4460-820A-7733530FD135}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FCD48C87-480D-44AC-BADB-54043B65899A}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FD07E69D-1D0E-48D8-9FE1-69AC1CB4F7F6}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FD75DB00-A59C-461A-AD2C-96498707F59C}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FDBBF0ED-B3AC-4142-999E-690318A2FC01}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FDC93E4C-FE48-43D5-ACC7-18245BF2D3F2}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FDE36D04-8D3F-48F7-8562-A14209505EE0}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FE172F89-88EB-4835-9A7F-A1C782C7D8F4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FE96F1EB-0F12-44EE-A182-2FFD528A9EC9}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FF2608F1-C152-47B7-8870-0C0C318A16E4}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FF80EB43-A652-415B-B5AF-DA0EF8F5A537}
Successfully deleted: [Empty Folder] C:\Users\ShopAaron's.com\appdata\local\{FFF6D68E-467A-407D-8DC1-E8D3BDA297F8}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 11/05/2014 at 12:00:24.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/5/2014
Scan Time: 12:09:30 PM
Logfile: Malewarebytes txt file.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.05.10
Rootkit Database: v2014.11.01.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ShopAaron's.com

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 432888
Time Elapsed: 23 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

 

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=620accb968e1d0459b37e551600271ac
# engine=20948
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-06 12:14:24
# local_time=2014-11-05 04:14:24 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton AntiVirus'
# compatibility_mode=3599 16777213 100 100 537673 233300649 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 12500410 166776313 0 0
# scanned=261899
# found=9
# cleaned=0
# scan_time=12371
sh=359D977D432E4F90FE627B2717144AE873990AC4 ft=1 fh=63c7b0ee3e7f229d vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\DVDVideoSoftTB.exe.vir"
sh=174B4984C45177B554D25F8999F44DF5CA771E8C ft=1 fh=de76e9361c4ed4f9 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll.vir"
sh=BD3C685B5F9C5FDDBCF46DAF1C89E094C69F87B0 ft=1 fh=62591177f2e83ca9 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe"
sh=3963D8A5B82F5DD540BB1DDEE8BA5B8D9098C549 ft=1 fh=d69ca3895677d6e5 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe"
sh=8029B39410BE0AE775F0267CF8AE42F95C34EFAE ft=1 fh=436941db5c9a22d0 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\Backup\DSLUpdate\hstart.exe.bak"
sh=2A1B0310DFCC188B7448711448B547BEFEF376E2 ft=1 fh=919136f837484dd0 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\Backup\DSLUpdate\hstart.exe.bk1"
sh=BD3C685B5F9C5FDDBCF46DAF1C89E094C69F87B0 ft=1 fh=62591177f2e83ca9 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\hstart.exe"
sh=3963D8A5B82F5DD540BB1DDEE8BA5B8D9098C549 ft=1 fh=d69ca3895677d6e5 vn="a variant of Win32/HiddenStart.A potentially unsafe application" ac=I fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\UpdateWorkingDirectory\DSL\Components\DSUpdate\hstart.exe"
sh=429FC48BC53BC454DBF9DD799994FD538DD2CD1C ft=1 fh=b14d744a763a52f9 vn="Win32/Bundled.Toolbar.Google.E potentially unsafe application" ac=I fn="C:\Users\ShopAaron's.com\Downloads\ccsetup312.exe"
 


  • 0

#9
Valinorum
Posted 05 November 2014 - 09:25 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
How is your PC performing?
  • 0

#10
Kooldaddyo
Posted 05 November 2014 - 11:01 PM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

So far so good. Much faster

Do I need to do anything else?

Any idea where I picked up my problems?


  • 0

Advertisements

#11
Valinorum
Posted 05 November 2014 - 11:13 PM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
It mostly comes from visiting shady sites and downloading torrents and programs with poor reputation. Perusing your logs, I see no infection currently present in your system. Unless you are having any issue(s), the machine appears to be Malware-free as we speak.

 

♣ Removal of Tools and Quarantined Files ♣


 

Despite the tools we have used are clean, they are powerful removal tools and made in a way so that they carry out any commands given to them without (most cases) asking for a confirmation. In the hands of an inept person, they can make the machine un-bootable -- a scenario we do not wish to see. Also, we need to remove the quarantined files/folders from your system as a dormant malware can be as bad as an active one if given the proper environment. I shall now give you the guidelines to remove the tools and the quarantined files from your system.
  • Cleanup with Delfix
    Please download DelFix by Xplode to your Desktop.
    Download Link
    • Double-click to run the program;
      • Note: Windows Vista/7/8 users right-click and choose Run as administrator
    • Make sure that all the boxes are checked;
    • Click Run;
    • A log will be opened after the operation is finished;
    • Copy and Paste it in your next reply
 

♣ Prevention and Future Guidelines ♣


 

Prevention is better than cure -- goes the old saying. As much as we love to see you visit our site, we do not want to see you having your PC infected by malwares again.
  • Keep Windows up-to-date.
    It is extremely important that you keep your operating system (Windows) updated when updates are made available. It is set to alert you, so be sure not to ignore these notices and to allow the updates to install. Many of these are critical security packages which could very possibly be the difference between your picking up a future infiltration and simply passing right by it unharmed.
  • Run antivirus software and keep it up-to-date, too.
    Antivirus software is your safety net if all other protections fail. The first line of defense is smart computing, of course, but everyone needs a backup. I'd recommend Microsoft Security Essentials or avast!, both of which are excellent, as well as free. Once they're installed, check periodically to ensure they have been successfully updating as well. An out-of-date antivirus is not a happy antivirus!
  • Keep your web browser plugins and other programs updated also.
    This tip is rarely shared by technicians and its importance is not widely recognized, but it's absolutely critical. Programs such as Java, Adobe Flash Player and Adobe Reader, Internet Explorer, and myriad other such web-exposed items are deeply vulnerable to attack, which can quickly lead to a hopelessly infected system no matter what protection you currently have installed. The reason is that these programs are ubiquitous, but are also not perfect and are extremely complex... and as such, security vulnerabilities are discovered and exploited by hackers hoping to gain control over your machine. By performing every update for these programs as soon as it's made available, you will greatly reduce your exposure to dangerous internet threats.

    A great way to do this is to install the Filehippo Update Checker and run it regularly. Also, try not to ignore any notifications you receive regarding updates to programs already installed on your PC.

    No scripts is an excellent security device too. I like it but it is not for everyone because it requires you to take action if you want to see some things (pop ups, banners etc.) on sites you visit.

    Download NoSript by Giorgio Maone.

    Note: Sometimes you will get a site telling you that you need to install Java when actually all you need to do is enable the site through the no script icon down on the right hand side of your computer.
  • Watch out for new threat named CryptoLocker
    CryptoLocker is a new type ransomware family malware that encrypts your important files and asks for a ransom to decrypt them. At the moment of posting this reply there are no tools that can undo the havoc this malware causes. We can help you to remove the malware from your system but the files that was encrypted cannot be recovered without the decryption key. So, I ask for your forbearance and practice constant vigilance. Please read the following article to acknowledge yourself about the safety measures.
    How to prevent your computer from becoming infected by CryptoLocker.
  • And last of all, surf smart.
    It doesn't matter how well the autopilot system works if the pilot keeps flying the plane into mountain ranges. Don't forget that no matter how much you have protecting yourself, your security ultimately begins and ends with you. Don't visit dangerous or questionable web sites, avoid suspicious links on Facebook and emails/email attachments you're unsure about, and just generally keep your wits about you, and you'll be much safer. Also, avoid illegal downloads, cracks, "warez", and all other too-good-to-be-true internet offerings: they're typically laden with malware. Be smart and you can avoid most threats lurking about the darker corners of the internet! And for even more tips, see our article, How Did I Get Infected in the First Place?

Regards,
Valinorum
  • 0

#12
Kooldaddyo
Posted 09 November 2014 - 12:27 AM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

It's back :-(


  • 0

#13
Valinorum
Posted 09 November 2014 - 10:27 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Give me fresh FRST scan log.
  • 0

#14
Kooldaddyo
Posted 09 November 2014 - 12:08 PM

Kooldaddyo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014
Ran by ShopAaron's.com (administrator) on DADDYOSDELLLAPT on 09-11-2014 09:52:31
Running from C:\Users\ShopAaron's.com\Desktop
Loaded Profiles: ShopAaron's.com & Guest (Available profiles: ShopAaron's.com & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\nav.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(Facebook Inc.) C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Innova Electronics Corp.) C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1812776 2009-06-25] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-28] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-16] (Dell Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1612880 2010-01-27] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [494064 2009-06-18] ()
HKLM-x32\...\Run: [DellSupportCenter] => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128 2013-02-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-06] (Dell)
HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2011-08-01] (Softthinks)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [HLBackupScheduler] => C:\Program Files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [Facebook Update] => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232 2013-02-13] (Samsung)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [Innova OBD PC-Link] => C:\Program Files (x86)\Innova OBD PC-Link\Innova.exe [75776 2012-10-29] (Innova Electronics Corp.)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {13636d6a-d691-11e0-ba0e-806e6f6e6963} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {5a26b33d-c8c8-11df-9311-0026b90d139a} - E:\TL-Bootstrap.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {b062c009-8f30-11e2-b807-0026b90d139a} - E:\VZW_Software_upgrade_assistant_installer.exe
HKU\S-1-5-21-146968359-3179086206-2102039461-1000\...\MountPoints2: {fb83b260-0f93-11e0-9087-0026b90d139a} - E:\setup.exe -a
HKU\S-1-5-21-146968359-3179086206-2102039461-501\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-146968359-3179086206-2102039461-501\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\11\ISUSPM.exe [210208 2008-09-26] (Acresso Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-07-23] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\ShopAaron's.com\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.protopage...itled/Bookmarks
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://a-1counterto...1countertops/go
SearchScopes: HKCU - DefaultScope {36D61774-4A8F-4570-8C0F-E748663E87F1} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {36D61774-4A8F-4570-8C0F-E748663E87F1} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKCU - {6F78BEF4-F7F7-4D74-AD6A-B8F2E5CD49F5} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcp...ols/pcmatic.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB
DPF: HKLM-x32 {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-31-0.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.youplay.c...ploader_v10.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 24.113.32.29 24.113.32.30 66.235.59.7

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\ShopAaron's.com\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ShopAaron's.com\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn [2014-11-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.4.0.13\IPSFF [2014-08-13]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-06]
CHR Extension: (Google Docs) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-06]
CHR Extension: (Google Drive) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-06]
CHR Extension: (Google Search) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-06]
CHR Extension: (Google Sheets) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-06]
CHR Extension: (Norton Identity Safe) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-09-06]
CHR Extension: (Skype Click to Call) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-09-06]
CHR Extension: (Google Wallet) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR Extension: (No Name) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-09-06]
CHR Extension: (Gmail) - C:\Users\ShopAaron's.com\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-07-23] (Garmin Ltd or its subsidiaries)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\NAV.exe [262968 2014-09-21] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-28] (IDT, Inc.)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-16] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2003-06-10] (Adaptec) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-23] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-23] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141107.001\IDSvia64.sys [633560 2014-08-27] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141108.003\ENG64.SYS [129752 2014-09-23] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141108.003\EX64.SYS [2137304 2014-09-23] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS [493656 2013-10-29] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
U2 ccEvtMgr; No ImagePath
U2 ccSetMgr; No ImagePath
U3 navapsvc; No ImagePath
U3 SAVRT; No ImagePath
U1 SAVRTPEL; No ImagePath
U3 TlntSvr; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\aspi32.sys 54AB078660E536DA72B21A27F56B035B
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\drivers\BCM42RLY.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\BASHDefs\20141024.001\BHDrvx64.sys D90F5136CB6512B2B9A855C94F79B0B5
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\system32\drivers\NAVx64\1506000.020\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys 0510396A957E9FD7205BA62D3CAE4528
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CtClsFlt.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 41AC348DBD378F618CB4FDEE54270692
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 03E1B8BA59327D186C7C533A6998FEF9
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 142EA7DF1851C563571F2DCFC7AFBB40
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\IPSDefs\20141107.001\IDSvia64.sys 77AC93E28B5F4DCE317EFA695E3F59E3
C:\Windows\System32\DRIVERS\igdkmd64.sys C6238C6ABD6AC99F5D152DA4E9439A3D
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\IntcHdmi.sys D485D3BD3E2179AA86853A182F70699F
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\k57nd60a.sys 7DBAFE10C1B777305C80BEA42FBDA710
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LEqdUsb.Sys ABFD2B5726F4CCE49297AE48806CC594
C:\Windows\System32\DRIVERS\LHidEqd.Sys 933F69CF9ACD2498693BFCD7ED68E8D4
C:\Windows\System32\DRIVERS\LHidFilt.Sys 1074C77A47835E03C15BF92452F9A750
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LMouFilt.Sys 96999C364C649E2866A268F7420A304A
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\Drivers\LUsbFilt.Sys 51B20B742C9E35ADE40B840F6F4F5EE2
C:\Windows\system32\drivers\mbam.sys 5C3669B71657F22E67A1D4BD49D2CBE7
C:\Windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3
C:\Windows\system32\drivers\mwac.sys 95EF63A7827D4E3A229CBBCB42619E93
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141108.003\ENG64.SYS C180A82874D3CDC390A27F2F1E1AF025
C:\Program Files (x86)\Norton AntiVirus\NortonData\21.4.0.13\Definitions\VirusDefs\20141108.003\EX64.SYS E66CA6C321614D7BC0AFC9C8436131B9
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys 07D57B890DD5693A6AB660CBAE8F91B4
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rimmpx64.sys 6FAF5B04BEDC66D300D9D233B2D222F0
C:\Windows\System32\DRIVERS\rimspx64.sys 67F50C31713106FD1B0F286F86AA2B2E
C:\Windows\System32\DRIVERS\rixdpx64.sys 4D7EF3D46346EC4C58784DB964B365DE
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NAVx64\1506000.020\SRTSP64.SYS E163E10191958FF6A2B0B48353F9E9FD
C:\Windows\system32\drivers\NAVx64\1506000.020\SRTSPX64.SYS 68E7B6708B9EEE021301C483825D05EA
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys B4C983DA20E2970E21893BF0E4EE2AD8
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys ==> MD5 is legit
C:\Windows\system32\drivers\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\NAVx64\1506000.020\SYMDS64.SYS 5C9EE2303CA7F267665D75237862B39C
C:\Windows\System32\drivers\NAVx64\1506000.020\SYMEFA64.SYS 9F31630D7FC2DD9D5DA1CE359AAD1F46
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 97E11C50CE52277B377396EA8838E539
C:\Windows\system32\drivers\NAVx64\1506000.020\Ironx64.SYS 2C95265BE19F338E1C1090E4E91055BB
C:\Windows\System32\Drivers\NAVx64\1506000.020\SYMNETS.SYS 5570A74FF9B1EFBC5154DD1E2F05C517
C:\Windows\System32\DRIVERS\SynTP.sys 1657B7442D5CE30533F5C4317716B468
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 09:52 - 2014-11-09 09:53 - 00047089 _____ () C:\Users\ShopAaron's.com\Desktop\FRST.txt
2014-11-09 09:49 - 2014-11-09 09:52 - 00000000 ____D () C:\FRST
2014-11-09 09:49 - 2014-11-09 09:49 - 02115584 _____ (Farbar) C:\Users\ShopAaron's.com\Desktop\FRST64.exe
2014-11-09 09:40 - 2014-11-09 09:41 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Powelik removal
2014-11-09 08:49 - 2014-11-09 08:49 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{52857BB3-ECA1-43BE-B603-2A98007F328C}
2014-11-08 11:02 - 2014-11-08 11:02 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{CF92AEBF-5EFC-49EA-9154-6C2C879FFFF0}
2014-11-07 21:33 - 2014-11-07 21:35 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Beretta 9mm
2014-11-07 11:59 - 2014-11-07 11:59 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{216DD06E-DBE2-4462-9AB8-550032BDB793}
2014-11-06 23:58 - 2014-11-06 23:58 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{9CBC6D9B-DAAB-4E6E-930B-51A1551C674F}
2014-11-06 18:45 - 2014-11-06 18:45 - 00000135 _____ () C:\Windows\SysWOW64\debug.log
2014-11-06 11:57 - 2014-11-06 11:57 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{30033546-E1B9-4DC7-BE3B-7186B173B0FF}
2014-11-05 22:08 - 2014-11-05 22:08 - 00000631 _____ () C:\DelFix.txt
2014-11-05 20:59 - 2014-11-05 21:00 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\{FC7973C3-E4C9-442E-83FC-FDD7FFEFD3DD}
2014-11-05 12:44 - 2014-11-05 12:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-05 12:08 - 2014-11-09 08:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-05 12:07 - 2014-11-08 23:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-05 12:07 - 2014-11-05 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-05 12:07 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-05 12:07 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-05 12:07 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-05 11:55 - 2014-11-05 22:08 - 00000000 ____D () C:\Windows\ERUNT
2014-11-05 11:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-11-04 22:08 - 2014-11-05 19:20 - 00001058 _____ () C:\Windows\PFRO.log
2014-11-01 20:01 - 2014-11-09 08:26 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 20:00 - 2014-11-09 08:26 - 00000952 _____ () C:\Windows\setupact.log
2014-11-01 20:00 - 2014-11-01 20:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 19:56 - 2014-11-01 19:56 - 00000000 __SHD () C:\found.000
2014-11-01 14:09 - 2014-11-09 08:31 - 00217930 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 14:07 - 2014-11-01 14:07 - 00000020 ___SH () C:\Users\ShopAaron's.com\ntuser.ini
2014-11-01 14:05 - 2014-11-01 14:05 - 00454864 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 09:37 - 2014-11-01 09:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-01 08:34 - 2014-11-01 08:34 - 00000000 ____D () C:\NPE
2014-10-31 12:28 - 2014-10-31 12:29 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\80 AR complete lower
2014-10-29 21:21 - 2014-10-30 06:42 - 00000000 ____D () C:\Program Files (x86)\PCPitstop
2014-10-29 21:21 - 2014-10-29 23:21 - 00000000 ____D () C:\ProgramData\PCPitstop
2014-10-29 18:55 - 2014-11-08 22:04 - 00000217 _____ () C:\Users\ShopAaron's.com\BullseyeCoverageError.txt
2014-10-29 07:26 - 2014-10-29 07:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-29 07:25 - 2014-10-29 07:26 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-29 07:25 - 2014-10-29 07:25 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-27 15:07 - 2014-10-27 15:56 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Paizlee Teddy Bear
2014-10-27 14:04 - 2014-10-27 14:04 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Boxers
2014-10-27 09:08 - 2014-10-27 09:23 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Apple Health
2014-10-21 09:49 - 2014-10-21 09:49 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-10-21 09:48 - 2014-10-21 09:48 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Roaming\AVS4YOU
2014-10-21 09:45 - 2014-10-21 09:57 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-10-21 09:22 - 2014-10-21 09:23 - 163099288 _____ () C:\Users\ShopAaron's.com\Desktop\Sophia eagerly sucks Daddys cum.mp4
2014-10-17 19:37 - 2014-10-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-16 08:22 - 2014-10-28 21:07 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Blazer
2014-10-16 07:07 - 2014-10-09 18:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 07:07 - 2014-10-09 18:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 07:07 - 2014-10-09 18:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 07:07 - 2014-10-06 18:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 07:07 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 07:07 - 2014-09-28 16:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 07:07 - 2014-09-25 14:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 07:07 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 07:07 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 07:07 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 07:07 - 2014-09-25 14:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 07:07 - 2014-09-18 18:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 07:07 - 2014-09-18 17:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 07:07 - 2014-09-18 17:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 07:07 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 07:07 - 2014-09-18 17:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 07:07 - 2014-09-18 17:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 07:07 - 2014-09-18 17:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 07:07 - 2014-09-18 17:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 07:07 - 2014-09-18 17:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 07:07 - 2014-09-18 17:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 07:07 - 2014-09-18 17:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 07:07 - 2014-09-18 17:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 07:07 - 2014-09-18 17:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 07:07 - 2014-09-18 17:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 07:07 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 07:07 - 2014-09-18 17:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 07:07 - 2014-09-18 17:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 07:07 - 2014-09-18 17:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 07:07 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 07:07 - 2014-09-18 17:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 07:07 - 2014-09-18 17:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 07:07 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 07:07 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 07:07 - 2014-09-18 17:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 07:07 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 07:07 - 2014-09-18 16:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 07:07 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 07:07 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 07:07 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 07:07 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 07:07 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 07:07 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 07:07 - 2014-09-18 16:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 07:07 - 2014-09-18 16:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 07:07 - 2014-09-18 16:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 07:07 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 07:07 - 2014-09-18 16:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 07:07 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 07:07 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 07:07 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 07:07 - 2014-09-18 16:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 07:07 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 07:07 - 2014-09-18 15:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 07:07 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 07:07 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 07:07 - 2014-06-18 14:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 07:06 - 2014-09-17 18:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 07:06 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 07:06 - 2014-09-12 17:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 07:06 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 07:06 - 2014-09-04 18:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 07:06 - 2014-09-04 17:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 07:06 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 07:06 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 07:06 - 2014-08-28 18:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 07:06 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 07:06 - 2014-07-16 18:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 07:06 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 07:06 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 07:06 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 07:06 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 07:06 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-11 06:55 - 2014-10-11 06:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 08:36 - 2009-07-13 20:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-09 08:36 - 2009-07-13 20:45 - 00022464 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-09 08:28 - 2010-04-03 13:50 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\SoftThinks
2014-11-09 08:28 - 2009-11-06 07:59 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-11-09 08:28 - 2009-11-06 07:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-11-09 08:28 - 2009-11-06 07:37 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-11-09 04:51 - 2010-07-24 08:24 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\CrashDumps
2014-11-07 11:02 - 2012-12-13 20:02 - 00000000 ____D () C:\Users\ShopAaron's.com\Documents\Cook'n Backups
2014-11-07 10:18 - 2010-11-10 20:12 - 00000000 ____D () C:\Users\ShopAaron's.com\Documents\Cook'n10
2014-11-06 18:45 - 2010-04-03 15:20 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Roaming\Adobe
2014-11-04 08:33 - 2009-07-13 21:13 - 00006210 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-03 19:33 - 2014-05-31 17:24 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Resume
2014-11-01 14:07 - 2010-04-03 13:50 - 00000000 ____D () C:\Users\ShopAaron's.com
2014-11-01 13:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-01 13:26 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\registration
2014-11-01 09:17 - 2011-11-27 14:54 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\NPE
2014-10-30 21:28 - 2010-11-19 18:38 - 00001019 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-30 21:28 - 2010-04-04 06:20 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-10-28 06:47 - 2009-07-13 21:08 - 00032568 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-24 09:56 - 2014-10-04 07:36 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Gun funnies
2014-10-23 13:02 - 2010-10-20 17:32 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\Windows Live
2014-10-21 09:48 - 2010-04-03 13:50 - 00098912 _____ () C:\Users\ShopAaron's.com\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-17 19:38 - 2013-10-15 19:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-17 19:37 - 2009-11-06 07:29 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-16 13:42 - 2014-04-29 17:28 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 12:19 - 2012-04-28 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 12:05 - 2013-08-13 20:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 11:58 - 2010-04-04 06:17 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 10:10 - 2014-08-28 16:36 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\A-1 Countertops
2014-10-16 06:58 - 2014-07-30 13:26 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\My Hand guns
2014-10-15 20:13 - 2010-04-06 21:39 - 00000000 ____D () C:\Users\ShopAaron's.com\AppData\Local\Adobe
2014-10-13 17:42 - 2014-10-04 14:42 - 00000000 ____D () C:\Users\ShopAaron's.com\Desktop\Remington 870 Magnum Express 12 ga
2014-10-11 06:55 - 2009-11-06 07:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-11 06:55 - 2009-11-06 07:33 - 00000000 ____D () C:\Program Files (x86)\Adobe

Some content of TEMP:
====================
C:\Users\ShopAaron's.com\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
C:\Users\ShopAaron's.com\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
default                 {current}
resumeobject            {5b319acf-caf6-11de-9847-0026b90d139a}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-us
inherit                 {bootloadersettings}
recoverysequence        {5b319ad1-caf6-11de-9847-0026b90d139a}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5b319acf-caf6-11de-9847-0026b90d139a}
nx                      OptIn
bootlog                 Yes

Windows Boot Loader
-------------------
identifier              {5b319ad1-caf6-11de-9847-0026b90d139a}
device                  ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5b319ad2-caf6-11de-9847-0026b90d139a}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{5b319ad2-caf6-11de-9847-0026b90d139a}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {5b319acf-caf6-11de-9847-0026b90d139a}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {5b319ad2-caf6-11de-9847-0026b90d139a}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume2
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

 

LastRegBack: 2014-11-05 17:10

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014
Ran by ShopAaron's.com at 2014-11-09 09:54:24
Running from C:\Users\ShopAaron's.com\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton AntiVirus (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.9 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11069.2 - Cisco Consumer Products LLC)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cook'n (HKLM-x32\...\Cook'n) (Version:  - )
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.51 - Dell)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.2 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
F4500 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free 3GP Video Converter version 5.0.44.623 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.44.623 - DVDVideoSoft Ltd.)
Garmin City Navigator North America NT 2011.10 Update (HKLM-x32\...\{12A3AF78-CBB5-484B-AE87-927C4DE6B9A8}) (Version: 14.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{817c6bb8-ea2d-4e12-abbc-e33c3de43f64}) (Version: 3.2.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{D17111CB-C992-42A9-9D56-C19395102AAA}) (Version: 2.4.2 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Innova OBD PC-Link (HKLM-x32\...\{55F7F5FE-EAEC-44F1-969F-D63CFDC0EBB8}) (Version: 2.2.7 - Innova Electronics)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Logitech SetPoint 6.30 (HKLM\...\SP6) (Version: 6.30.43 - Logitech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.6.15 - Symantec Corporation)
PhatNoise Music Manager (HKLM-x32\...\PhatMan) (Version:  - )
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.6.6 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SnagIt 9 (HKLM-x32\...\{59991D18-A988-45AB-B1BF-5ADE6E64CD3F}) (Version: 9.0.0 - TechSmith Corporation)
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.6.1 - )
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinWay Resume Deluxe (HKLM-x32\...\{970704F5-579F-4430-A6A8-B562561B4D3D}) (Version: 14.00.013 - WinWay Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points  =========================

06-11-2014 06:08:23 End of disinfection
08-11-2014 01:58:35 After Malware removal GOOD PERFORMANCE NOW

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2096ECD3-68C4-4F5B-813D-D798590D401B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-146968359-3179086206-2102039461-1000UA => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {267D8CB3-6B20-47AB-A995-1889E9F6094C} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2D9A795C-44A5-4811-9603-4CCB1531DB9E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {35BE86D4-4ED1-46D6-8FB5-1BE8A7A01179} - System32\Tasks\{9606C181-BE39-4934-8E98-2F672B2F98E8} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {538F44C3-B922-4358-BFD4-B16F1A8AC1FE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-07-23] ()
Task: {5BF3A577-DE00-450B-B49D-8F291FCA07D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-146968359-3179086206-2102039461-1000Core => C:\Users\ShopAaron's.com\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {6818E708-978E-4020-8F81-8FEC9FA76292} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-20] (Symantec Corporation)
Task: {9F5E9154-8CE3-4271-90E6-79EF6ADA50E2} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A88D517E-B0AA-4F72-9D51-CC1E1279AA65} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B2E3E917-29EE-4D7E-AE21-36CB6E3F2D85} - System32\Tasks\PCSpeedClean_Popup => C:\Program Files (x86)\PC Speed Clean\Splash.exe
Task: {C49085BC-699D-44AD-9C7F-7E0FCA3E3321} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {D3D17F84-4897-4794-8E35-5542695E0881} - System32\Tasks\PCSpeedClean_Start => C:\Program Files (x86)\PC Speed Clean\PCSpeedClean.exe
Task: {E498108B-916E-4FE2-AFA4-1648DCC28B20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {EC4D98C4-8F3E-4F96-9066-8D9CA1163715} - System32\Tasks\DHR32XK1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-16] (Dell Inc.)
Task: {F17F1EA8-78FD-44E5-ABDC-C111E2015A9B} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)

==================== Loaded Modules (whitelisted) =============

2009-11-06 07:30 - 2009-07-16 17:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2009-11-06 07:30 - 2009-07-16 17:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2009-11-06 07:38 - 2011-08-18 07:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-10-16 14:30 - 2014-10-16 14:30 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\1ee85489e15cf6d5c256721d357a27cd\VistaBridgeLibrary.ni.dll
2009-06-18 19:46 - 2009-06-18 19:46 - 00494064 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2009-06-18 19:46 - 2009-06-18 19:46 - 01554928 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
2009-06-18 19:46 - 2009-06-18 19:46 - 00584176 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\BBEngineAS.dll
2009-05-20 16:59 - 2009-05-20 16:59 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: PNAgent => "C:\Program Files (x86)\PhatNoise Music Manager\PNAgent.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-146968359-3179086206-2102039461-500 - Administrator - Disabled)
Guest (S-1-5-21-146968359-3179086206-2102039461-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-146968359-3179086206-2102039461-1004 - Limited - Enabled)
ShopAaron's.com (S-1-5-21-146968359-3179086206-2102039461-1000 - Administrator - Enabled) => C:\Users\ShopAaron's.com

==================== Faulty Device Manager Devices =============

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2014 04:51:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22
Exception code: 0xc00000fd
Fault offset: 0x00094652
Faulting process id: 0x6bbc
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/09/2014 03:15:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: igd10umd32.dll, version: 8.15.10.2302, time stamp: 0x4d558844
Exception code: 0xc0000005
Fault offset: 0x00053e34
Faulting process id: 0x4bb4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/08/2014 09:44:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17344, time stamp: 0x4a5bc6b7
Faulting module name: MSHTML.dll, version: 11.0.9600.17344, time stamp: 0x541b8a22
Exception code: 0xc0000005
Fault offset: 0x002ca768
Faulting process id: 0x6c60
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (11/08/2014 09:43:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 6074

Start Time: 01cffbc121092841

Termination Time: 3309

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (11/05/2014 10:29:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/05/2014 09:36:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17344 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19f8

Start Time: 01cff9837ad2e1fd

Termination Time: 28

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (11/05/2014 09:11:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/05/2014 06:18:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/05/2014 00:44:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/05/2014 00:44:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============
Error: (11/09/2014 08:29:32 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (11/09/2014 08:28:52 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/09/2014 08:28:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (11/09/2014 08:27:27 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/09/2014 08:27:27 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/09/2014 08:27:27 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/09/2014 08:27:01 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (11/09/2014 08:26:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Aspi32 service failed to start due to the following error:
%%1275

Error: (11/09/2014 08:26:47 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\aspi32.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/09/2014 08:24:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Microsoft Office Sessions:
=========================
Error: (11/09/2014 04:51:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c00000fd000946526bbc01cffc1baa51298fC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll13d74259-680f-11e4-b2bc-0026b90d139a

Error: (11/09/2014 03:15:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7igd10umd32.dll8.15.10.23024d558844c000000500053e344bb401cffc0d29058fe1C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\igd10umd32.dlla845464b-6801-11e4-b2bc-0026b90d139a

Error: (11/08/2014 09:44:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.173444a5bc6b7MSHTML.dll11.0.9600.17344541b8a22c0000005002ca7686c6001cffbe0293fc073C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll81b6cd99-67d3-11e4-b2bc-0026b90d139a

Error: (11/08/2014 09:43:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17344607401cffbc1210928413309C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/05/2014 10:29:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ShopAaron's.com\Desktop\Powelik removal stuff\esetsmartinstaller_enu.exe

Error: (11/05/2014 09:36:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1734419f801cff9837ad2e1fd28C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (11/05/2014 09:11:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ShopAaron's.com\Desktop\Powelik removal stuff\esetsmartinstaller_enu.exe

Error: (11/05/2014 06:18:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/05/2014 00:44:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ShopAaron's.com\Desktop\esetsmartinstaller_enu.exe

Error: (11/05/2014 00:44:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\ShopAaron's.com\Desktop\esetsmartinstaller_enu.exe

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 71%
Total physical RAM: 3932.86 MB
Available physical RAM: 1125.41 MB
Total Pagefile: 7863.89 MB
Available Pagefile: 4410.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:161.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 117D34E4)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#15
Valinorum
Posted 10 November 2014 - 05:54 AM

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 3,330 posts
Step 1
logo.png
Please download Powelikscleaner (by ESET) and save it to your Desktop.
  • Double-click ESETPoweliksCleaner.exe to start the tool.
  • Read the terms of the End-user license agreement and click Agree if you agree to them.
  • The tool will run automatically. If the cleaner finds a Poweliks infection, press the Y key on your keyboard to remove it.
  • If Poweliks was detected "Win32/Poweliks was successfully removed from your system" will be displayed. Press any key to exit the tool and reboot your PC.
  • The tool will produce a log in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.
1.png
2.png
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Powelik, Adclicker

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP