Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Please help me clean this desktop! [Closed]


  • This topic is locked This topic is locked

#1
Avalanche9

Avalanche9

    Member

  • Member
  • PipPip
  • 24 posts

Hi, my brother recently gave me his computer because "its full of viruses" and he's to lazy to clean it.. It's a decent machine, so if anyone could help me out, that would be great! It's really slow, with a dozen dodgy looking programs running at start up, malwarebytes keep fining stuff etc. I don't care for any of the programs installed, so I'd like to remove most or all of it if that is possible. I have not dared to use it much, so cant really provide much more information..  Thanks :)

 

 

OTL logfile created on: 03.11.2014 23:13:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 45,02% Memory free
8,00 Gb Paging File | 5,12 Gb Available in Paging File | 64,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 86,99 Gb Free Space | 9,34% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-PC | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014.11.03 23:10:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adrian\Downloads\OTL (1).exe
PRC - [2014.11.03 19:45:37 | 000,523,544 | ---- | M] () -- C:\Program Files (x86)\webget\updatewebget.exe
PRC - [2014.11.03 19:44:30 | 000,523,544 | ---- | M] () -- C:\Program Files (x86)\webget\bin\utilwebget.exe
PRC - [2014.11.03 19:43:54 | 000,123,672 | ---- | M] () -- C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe
PRC - [2014.11.03 10:58:34 | 001,649,944 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BOASHelper.exe
PRC - [2014.11.03 10:58:32 | 001,786,648 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BOASPRT.exe
PRC - [2014.11.03 10:58:30 | 001,791,256 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BOAS.exe
PRC - [2014.11.03 10:45:38 | 000,098,584 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe
PRC - [2014.11.03 10:23:18 | 000,161,048 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BRT.Helper.exe
PRC - [2014.11.01 16:08:28 | 000,533,352 | ---- | M] (Pay By Ads LTD) -- C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe
PRC - [2014.10.22 05:05:02 | 000,854,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.08.15 14:11:19 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014.08.15 14:10:46 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.01 18:30:55 | 001,168,896 | ---- | M] (Spotify Ltd) -- C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013.10.15 12:27:38 | 003,921,880 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013.09.20 10:57:26 | 001,042,272 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013.07.25 11:19:26 | 005,624,784 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012.06.13 15:53:48 | 001,014,112 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012.04.03 13:33:00 | 000,940,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe
PRC - [2012.04.03 13:27:16 | 001,087,608 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
PRC - [2012.04.03 13:26:14 | 001,273,448 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
PRC - [2012.03.26 17:35:16 | 000,449,168 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
PRC - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.11.11 13:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2011.10.25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011.10.25 13:44:42 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011.10.20 12:43:56 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.08.12 11:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.02.23 21:44:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014.11.03 10:58:34 | 001,649,944 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BOASHelper.exe
MOD - [2014.11.03 10:58:32 | 001,786,648 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BOASPRT.exe
MOD - [2014.11.03 10:58:30 | 001,791,256 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BOAS.exe
MOD - [2014.11.03 10:45:38 | 000,098,584 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BrowserAdapter.exe
MOD - [2014.11.03 10:23:18 | 000,161,048 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webget.BRT.Helper.exe
MOD - [2014.11.01 16:08:29 | 000,305,152 | ---- | M] () -- C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\chromext.dll
MOD - [2014.10.29 12:22:56 | 000,240,128 | ---- | M] () -- C:\Program Files (x86)\webget\bin\webgetDsp.dll
MOD - [2014.10.22 05:04:57 | 008,910,664 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
MOD - [2014.10.22 05:04:51 | 001,042,760 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
MOD - [2014.10.22 05:04:49 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
MOD - [2014.10.22 05:04:48 | 001,681,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
MOD - [2014.08.15 14:10:47 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.08.15 14:10:46 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
MOD - [2014.02.06 00:52:52 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.02.06 00:52:32 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2012.07.23 14:10:28 | 000,336,232 | ---- | M] () -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2012.06.14 11:29:16 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.14 05:08:28 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012.06.14 05:08:16 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012.06.14 05:08:12 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
MOD - [2012.06.14 05:08:07 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012.06.14 05:08:06 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
MOD - [2012.05.11 22:15:12 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\94b346f2ab12d38efb1331ded5783396\System.Runtime.Remoting.ni.dll
MOD - [2012.05.11 22:14:38 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012.05.11 22:12:04 | 002,335,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\e3d2577e00aef6bc9b3e235eb83634f3\Microsoft.JScript.ni.dll
MOD - [2012.05.11 16:50:34 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 16:50:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 16:50:25 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 16:49:06 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.10 18:04:17 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012.05.10 18:02:19 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012.05.10 18:02:17 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll
MOD - [2012.05.10 18:02:14 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012.05.10 18:02:14 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll
MOD - [2012.05.10 18:02:09 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012.03.16 14:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012.03.16 14:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2012.01.04 03:51:03 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011.11.11 13:08:18 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2011.11.11 13:08:18 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2011.11.11 13:08:18 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2011.11.11 13:08:18 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2011.11.11 13:08:06 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
MOD - [2011.11.11 13:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2011.08.12 11:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.11.20 13:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL
MOD - [2010.11.20 13:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\syswow64\mswsock.dll
MOD - [2010.11.13 02:41:38 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_no_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010.11.05 02:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.06.10 22:23:04 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
MOD - [2009.06.10 22:23:03 | 000,749,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014.08.15 14:10:46 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.10.10 23:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010.09.22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014.11.03 19:45:37 | 000,523,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\webget\updatewebget.exe -- (Update webget)
SRV - [2014.11.03 19:44:30 | 000,523,544 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\webget\bin\utilwebget.exe -- (Util webget)
SRV - [2014.11.03 19:43:54 | 000,123,672 | ---- | M] () [Auto | Running] -- C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe -- (MaintainerSvc1.11.3209076)
SRV - [2014.04.23 23:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.04.22 10:25:14 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.14 15:17:00 | 000,036,392 | ---- | M] (Just Develop It) [Auto | Stopped] -- C:\Program Files (x86)\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2014.02.03 08:59:36 | 000,009,216 | ---- | M] (Hi-Rez Studios) [Auto | Paused] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.28 13:49:11 | 000,140,456 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2012.02.28 05:45:50 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2012.01.18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.10.25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.23 21:44:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014.10.26 03:40:00 | 000,048,776 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{bfb10c93-5530-4015-9a3f-61dfa880af58}w64.sys -- ({bfb10c93-5530-4015-9a3f-61dfa880af58}w64)
DRV:64bit: - [2014.08.15 15:28:28 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2014.08.15 14:11:18 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014.08.15 14:10:52 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014.08.15 14:10:52 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.08.15 14:10:52 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.08.15 14:10:52 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014.08.15 14:10:52 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014.08.15 14:10:52 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.08.15 14:10:52 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014.08.12 17:30:08 | 000,061,624 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys -- ({55685567-4840-4a91-962b-49a412e9485a}w64)
DRV:64bit: - [2014.04.28 09:23:34 | 000,061,112 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys -- ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64)
DRV:64bit: - [2013.03.18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 11:34:36 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2012.01.18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 05:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.11 07:11:20 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.09.02 10:09:34 | 000,221,696 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.07.17 00:51:54 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.10 10:07:02 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.06.20 03:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.10 07:34:00 | 000,048,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.09.01 07:03:02 | 000,316,456 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mv64xx.sys -- (mv64xx)
DRV:64bit: - [2008.06.10 07:08:04 | 000,100,864 | ---- | M] (VIA Technologies, Inc.              ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viacr64.sys -- (VIACRX64)
DRV:64bit: - [2008.04.16 16:12:14 | 000,103,952 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw11.sys -- (WinTVCIUSB)
DRV:64bit: - [2008.04.16 01:54:16 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2007.12.18 10:57:12 | 000,059,392 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\itecir.sys -- (itecir)
DRV:64bit: - [2007.08.16 04:49:54 | 000,191,632 | ---- | M] (Promise Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FTT3.sys -- (FTT3)
DRV:64bit: - [2007.03.23 13:51:54 | 000,038,528 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw99rc.sys -- (hcw99rc)
DRV:64bit: - [2007.02.01 09:53:10 | 000,022,832 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter)
DRV:64bit: - [2007.02.01 09:53:08 | 000,164,656 | ---- | M] (Silicon Image, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SI3112r.sys -- (SI3112r)
DRV:64bit: - [2006.10.31 07:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008.10.17 10:00:00 | 000,106,040 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
IE - HKLM\..\URLSearchHook: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1F 40 8D 5B 4D B7 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\URLSearchHook: {ce18769b-c7fa-42d2-860d-17c4662c70ad} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...00000195b08d8e0
IE - HKCU\..\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}: "URL" = http://www.bing.com/...=AVASDF&PC=AV01
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADSA_no
IE - HKCU\..\SearchScopes\{6C1A09AB-E43F-4662-B271-5EFD315A2DFA}: "URL" = http://search.condui...&ctid=CT3072253
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:\Program Files (x86)\webget\bin\Pac9064.js
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "http://rts.dsrlte.com?affID=na"
FF - prefs.js..extensions.enabledAddons: %7Bbfb10c93-5530-4015-9a3f-61dfa880af58%7D:1.0.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: [email protected]:9.0.2011.70
FF - prefs.js..keyword.URL: "http://rts.dsrlte.com/?q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Adrian\AppData\LocalLow\Sony Online Entertainment\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.24 18:58:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.08.15 14:10:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014.03.11 13:46:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.11 13:46:34 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\ProgramData\Mozilla Firefox\components [2002.01.03 23:22:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\ProgramData\Mozilla Firefox\plugins [2002.01.03 23:22:14 | 000,000,000 | ---D | M]
 
[2009.12.07 21:34:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Extensions
[2014.10.26 14:02:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\xlb0zb1x.default\extensions
[2014.05.01 11:22:08 | 000,000,000 | ---D | M] ("Website Discovery Pro") -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profiles\xlb0zb1x.default\extensions\[email protected]
[2014.05.01 11:22:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profilesxlb0zb1x.default\extensions
[2014.05.01 11:22:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\Firefox\Profilesxlb0zb1x.default\extensions\staged
[2014.10.26 14:02:49 | 000,008,896 | ---- | M] () (No name found) -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\xlb0zb1x.default\extensions\{bfb10c93-5530-4015-9a3f-61dfa880af58}.xpi
[2012.04.17 23:39:24 | 000,000,935 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\xlb0zb1x.default\searchplugins\conduit.xml
[2014.11.01 16:08:36 | 000,001,147 | ---- | M] () -- C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\xlb0zb1x.default\searchplugins\dsrlte.xml
[2013.12.01 18:49:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.04.29 21:05:30 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011.09.07 06:28:01 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: AhnLab MyKeyDefense 2.5 (Enabled) = C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Comrade Plugin (Enabled) = C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Free Realms Installer (Enabled) = C:\Users\Adrian\AppData\LocalLow\Sony Online Entertainment\npsoe.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnckbpoocgdleejmfmafgmkngaipgol\2.3.4_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.13_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2204.148_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kheplajlialegkhogehgdbhaogeikfag\1.0.1_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\5.5_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.2.6_0\
CHR - Extension: No name found = C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - No CLSID value found.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No CLSID value found.
O4:64bit: - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre7\bin\jusched.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Desura] C:\Program Files (x86)\Desura\desura.exe (Desura Pty Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
O4 - HKCU..\Run: [uTorrent] C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [Yahoo! Search] C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe (Pay By Ads LTD)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll ()
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll (DivX, LLC)
O4 - HKLM..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\TextDecode.dll] C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\TextDecode.dll (DivX, LLC)
O4 - Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd til OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8:64bit: - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd til OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.38.159.242 84.208.20.110
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D2A4CE5-8EEA-4BBB-BA11-5DCF6039D18A}: DhcpNameServer = 84.38.159.242 84.208.20.110
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{008730ca-e850-11e0-bf83-90e6babc20fd}\Shell - "" = AutoRun
O33 - MountPoints2\{008730ca-e850-11e0-bf83-90e6babc20fd}\Shell\AutoRun\command - "" = H:\Autorun.exe
O33 - MountPoints2\{4adaccf8-2b3c-11e0-a46d-90e6babc20fd}\Shell - "" = AutoRun
O33 - MountPoints2\{4adaccf8-2b3c-11e0-a46d-90e6babc20fd}\Shell\AutoRun\command - "" = H:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.11.01 13:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\a68d9eea-b970-45e3-ba05-b4a5e2e396bc
[2014.10.26 13:31:06 | 000,048,776 | ---- | C] (StdLib) -- C:\Windows\SysNative\drivers\{bfb10c93-5530-4015-9a3f-61dfa880af58}w64.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014.11.03 23:13:08 | 000,001,458 | ---- | M] () -- C:\Users\Adrian\Desktop\OTL (1) - Snarvei.lnk
[2014.11.03 23:12:04 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.11.03 23:12:04 | 000,015,152 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.11.03 23:03:11 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014.11.03 23:02:39 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.03 23:02:33 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2014.11.03 23:02:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.11.03 23:02:05 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2014.11.03 22:22:00 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.02 19:00:11 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2014.11.01 13:01:27 | 001,512,666 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.11.01 13:01:27 | 000,707,626 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.11.01 13:01:27 | 000,547,494 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2014.11.01 13:01:27 | 000,142,630 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.11.01 13:01:27 | 000,116,126 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2014.10.26 03:40:00 | 000,048,776 | ---- | M] (StdLib) -- C:\Windows\SysNative\drivers\{bfb10c93-5530-4015-9a3f-61dfa880af58}w64.sys
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014.11.03 23:13:08 | 000,001,458 | ---- | C] () -- C:\Users\Adrian\Desktop\OTL (1) - Snarvei.lnk
[2014.09.28 10:43:19 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.12.09 07:35:42 | 000,023,088 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2013.12.09 00:22:46 | 000,181,959 | ---- | C] () -- C:\Users\Adrian\AppData\Local\census.cache
[2013.12.09 00:22:39 | 000,108,383 | ---- | C] () -- C:\Users\Adrian\AppData\Local\ars.cache
[2013.12.08 17:23:30 | 000,000,036 | ---- | C] () -- C:\Users\Adrian\AppData\Local\housecall.guid.cache
[2013.08.06 20:45:10 | 000,000,011 | ---- | C] () -- C:\Users\Adrian\jagexappletviewer.preferences
[2013.08.04 22:50:53 | 000,007,649 | ---- | C] () -- C:\Users\Adrian\AppData\Local\Resmon.ResmonCfg
[2013.02.28 11:08:18 | 000,000,045 | ---- | C] () -- C:\Users\Adrian\jagex_cl_oldschool_LIVE.dat
[2013.02.28 11:08:18 | 000,000,024 | ---- | C] () -- C:\Users\Adrian\random.dat
[2012.12.03 13:42:41 | 000,000,045 | ---- | C] () -- C:\Users\Adrian\jagex_cl_runescape_LIVE.dat
[2011.03.29 19:45:48 | 000,000,094 | ---- | C] () -- C:\Users\Adrian\AppData\Local\fusioncache.dat
[2011.03.22 17:20:19 | 000,003,584 | ---- | C] () -- C:\Users\Adrian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.29 21:27:36 | 000,001,234 | RHS- | C] () -- C:\Users\Adrian\ntuser.pol
[2002.01.03 19:43:47 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2013.11.15 14:28:50 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L
[2013.11.15 14:28:59 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\U
[2013.11.13 11:07:32 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L\[email protected]
[2011.11.17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Adrian\AppData\Local\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L
[2011.11.17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Adrian\AppData\Local\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\U
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2014.11.03 23:03:05 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2014.11.03 23:03:05 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\Adrian\AppData\Local\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\n.
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014.05.18 10:37:38 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\.minecraft
[2014.01.04 21:55:32 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\AVAST Software
[2014.02.11 12:42:01 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Awesomium
[2010.12.15 20:26:32 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Bioshock
[2012.05.12 19:41:03 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Blockscape
[2012.07.16 22:32:10 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Braid
[2014.08.24 12:21:14 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\BRT
[2014.03.15 02:46:34 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Canon
[2010.10.29 15:59:11 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\DAEMON Tools
[2014.08.15 19:19:51 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\DAEMON Tools Lite
[2012.04.20 22:17:42 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\DAEMON Tools Pro
[2012.02.22 19:56:21 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\digipen
[2011.08.22 16:44:15 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\fltk.org
[2011.01.28 21:42:18 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Hive Cluster
[2012.05.10 11:23:43 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Leadertech
[2012.11.19 04:36:17 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Lionhead Studios
[2010.10.24 21:09:00 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\LolClient
[2012.03.06 06:02:57 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\LOVE
[2012.04.30 00:12:56 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\LS
[2014.02.19 14:51:22 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\LucasArts
[2010.11.25 22:44:25 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Mount&Blade Warband
[2002.01.13 08:16:11 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Opera
[2011.10.27 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Origin
[2011.06.23 03:38:24 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\PunkBuster
[2012.11.02 17:39:09 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\RenPy
[2012.03.21 22:30:47 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\RotMG.Production
[2011.04.08 21:47:34 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Rovio
[2011.07.22 02:05:48 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\runic games
[2009.11.29 11:43:31 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\SharePod
[2014.05.01 11:22:04 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\SimilarSites
[2012.06.26 09:01:05 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\six-updater
[2012.06.17 19:25:16 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\six-zsync
[2014.03.10 03:34:48 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Spotify
[2012.08.02 05:56:52 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\The Longest Journey
[2013.11.13 11:59:56 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\TuneUp Software
[2002.01.05 11:10:32 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Ubisoft
[2012.04.24 18:57:57 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Uniblue
[2011.01.19 14:40:24 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Unity
[2014.11.03 23:04:47 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\uTorrent
[2013.09.15 17:46:07 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\Windows Live Writer
[2012.08.20 08:56:19 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\xsecva
[2011.07.05 16:50:27 | 000,000,000 | ---D | M] -- C:\Users\Adrian\AppData\Roaming\ZombieDriver
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:AD022376
 
< End of report >
 

  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.

 

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

 

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

 

- Finally Before We Start-

 

Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

  

 

 

If you still need assistance, there is an Extras.txt file in your downloads directory from when you ran the OTL tool. Can you post the contents of this file as well?

 

Thank you.


  • 0

#3
Avalanche9

Avalanche9

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Thank you Brian!  

 

 

Here you go:

 

OTL Extras logfile created on: 03.11.2014 23:13:55 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Adrian\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 45,02% Memory free
8,00 Gb Paging File | 5,12 Gb Available in Paging File | 64,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 86,99 Gb Free Space | 9,34% Space Free | Partition Type: NTFS
 
Computer Name: ADRIAN-PC | User Name: Adrian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series" = Canon MG6300 series MP Drivers
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417000FF}" = Java™ 7 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0170000}" = Java™ SE Development Kit 7 (64-bit)
"{6532BCFB-8C63-3C63-B419-0A5FA3F1C854}" = Microsoft .NET Framework 4 Extended NOR Language Pack
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6D9DCF92-F8A3-33A2-897A-9C379448E0D8}" = Microsoft .NET Framework 4 Client Profile NOR Language Pack
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0414-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Norwegian (Bokmål)) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision-driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA kontrollpanel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafikkdriver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver til 3D Vision-kontroller 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA oppdateringer 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B8BA155B-1E75-405F-9CB4-8A99615D09DC}" = iTunes
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F20B6800-68D7-48DB-A2EB-26BB7BFD1F77}" = Windows Live Family Safety
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile NOR Language Pack" = Microsoft .NET Framework 4 Client Profile NOR Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended NOR Language Pack" = Microsoft .NET Framework 4 Extended NOR Language Pack
"MyPC Backup" = MyPC Backup 
"webget" = webget
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BE73D3C-B5AF-11E1-933A-984BE15F174E}" = Evernote v. 4.5.7
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1" = Deus Ex - Human Revolution version 1.0
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 I rampelyset
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 De fire årstider
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Helaften
"{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}" = NVIDIA PhysX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}" = Messenger Assistent
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = The Sims™ 3 Byliv - Stæsj
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{89D05DB6-9AC1-4EA2-89FD-859DBA14FEA4}" = Windows Live Sync
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0414-0000-0000000FF1CE}" = Microsoft Office Access MUI (Norwegian (Bokmål)) 2010
"{90140000-0015-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0414-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Norwegian (Bokmål)) 2010
"{90140000-0016-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0414-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2010
"{90140000-0018-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0414-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Norwegian (Bokmål)) 2010
"{90140000-0019-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0414-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Norwegian (Bokmål)) 2010
"{90140000-001A-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0414-0000-0000000FF1CE}" = Microsoft Office Word MUI (Norwegian (Bokmål)) 2010
"{90140000-001B-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0414-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Bokmål)) 2010
"{90140000-001F-0414-0000-0000000FF1CE}_Office14.SingleImage_{F3137115-1D72-46BE-9D42-B5DE61971F2A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0814-0000-0000000FF1CE}" = Microsoft Office Proof (Norwegian (Nynorsk)) 2010
"{90140000-001F-0814-0000-0000000FF1CE}_Office14.SingleImage_{751049E8-D99F-4DE1-9FC2-71DE06655678}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0414-1000-0000000FF1CE}_Office14.SingleImage_{BBFE07A3-B32C-4D6E-B5CA-9F420106EC9D}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0414-0000-0000000FF1CE}" = Microsoft Office Proofing (Norwegian (Bokmål)) 2010
"{90140000-002C-0414-0000-0000000FF1CE}_Office14.SingleImage_{66FC3637-893A-4837-A32C-0DD98E7F8444}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0414-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Norwegian (Bokmål)) 2010
"{90140000-006E-0414-0000-0000000FF1CE}_Office14.SingleImage_{C166254D-5FB6-4D3F-8509-3575387141B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0414-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2010
"{90140000-00A1-0414-0000-0000000FF1CE}_Office14.SingleImage_{709415CB-DE43-4F15-96F5-148545F8EDE5}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90A40414-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Webkomponenter
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Inn i fremtiden
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{a86e0e5c-b53c-4682-918d-968772906072}" = Business Contact Manager for Outlook 2007 SP2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}" = Apple-programsupport
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Overnaturlig
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Kjæledyr
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{Clear Sky Complete v1.1.3}}_is1" = Clear Sky Complete
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1" = Cube World version 0.0.1
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Øyparadis
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avast" = avast! Free Antivirus
"Banished 1.0" = Banished 1.0
"Brukerregistrering for Canon MG6300 series" = Brukerregistrering for Canon MG6300 series
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Canon MG6300 series On-screen Manual" = Canon MG6300 series On-screen Manual
"Canon My Image Garden" = Canon My Image Garden
"Canon My Image Garden Design Files" = Canon My Image Garden Design Files
"Canon_IJ_Network_Scanner_Selector_EX" = Canon IJ Network Scanner Selector EX
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"Canon_IJ_Scan_Utility" = Canon IJ Scan Utility
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonQuickMenu" = Canon Quick Menu
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Dishonored_is1" = Dishonored
"DivX Setup" = DivX Setup
"Google Chrome" = Google Chrome
"Half-Life_is1" = Half-Life
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 29.0 (x86 nb-NO)" = Mozilla Firefox 29.0 (x86 nb-NO)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PDF Creator" = PDF Creator (Remove Only)
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"Steam App 10150" = Prototype
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 102600" = Orcs Must Die!
"Steam App 105400" = Fable III
"Steam App 105600" = Terraria
"Steam App 107100" = Bastion
"Steam App 108710" = Alan Wake
"Steam App 11020" = TrackMania Nations Forever
"Steam App 110800" = L.A. Noire
"Steam App 111800" = Blocks That Matter
"Steam App 113200" = The Binding of Isaac
"Steam App 12210" = Grand Theft Auto IV
"Steam App 1250" = Killing Floor
"Steam App 12900" = Audiosurf
"Steam App 15500" = The Wonderful End of the World
"Steam App 17470" = Dead Space
"Steam App 19000" = Silent Hill: Homecoming
"Steam App 200210" = Realm of the Mad God
"Steam App 200900" = Cave Story+
"Steam App 201870" = Assassin's Creed Revelations
"Steam App 204060" = Superbrothers: Sword & Sworcery EP
"Steam App 20500" = Red Faction: Guerrilla 
"Steam App 20510" = S.T.A.L.K.E.R.: Clear Sky
"Steam App 205100" = Dishonored
"Steam App 207320" = Ys: The Oath in Felghana
"Steam App 20900" = The Witcher: Enhanced Edition
"Steam App 20920" = The Witcher 2: Assassins of Kings Enhanced Edition
"Steam App 209330" = A Valley Without Wind
"Steam App 21090" = F.E.A.R.
"Steam App 211820" = Starbound
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 220" = Half-Life 2
"Steam App 22180" = Penumbra: Overture
"Steam App 22230" = Rock of Ages
"Steam App 22650" = Alien Breed 2: Assault
"Steam App 22690" = Worms Reloaded Demo
"Steam App 233230" = Kairo
"Steam App 240" = Counter-Strike: Source
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 259080" = Just Cause 2: Multiplayer Mod
"Steam App 26800" = Braid
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 300" = Day of Defeat: Source
"Steam App 31410" = Zombie Driver
"Steam App 320" = Half-Life 2: Deathmatch
"Steam App 32360" = The Secret of Monkey Island: Special Edition
"Steam App 32370" = Star Wars: Knights of the Old Republic
"Steam App 33230" = Assassin's Creed II
"Steam App 33910" = ARMA 2
"Steam App 33930" = ARMA 2: Operation Arrowhead
"Steam App 34830" = Sniper: Ghost Warrior
"Steam App 35140" = Batman: Arkham Asylum GOTY Edition
"Steam App 35700" = Trine
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 4000" = Garry's Mod
"Steam App 40800" = Super Meat Boy
"Steam App 41000" = Serious Sam HD: The First Encounter
"Steam App 41500" = Torchlight
"Steam App 41700" = S.T.A.L.K.E.R.: Call of Pripyat
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 43110" = Metro 2033
"Steam App 440" = Team Fortress 2
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 47780" = Dead Space 2
"Steam App 50130" = Mafia II
"Steam App 50620" = Darksiders
"Steam App 550" = Left 4 Dead 2
"Steam App 55040" = Atom Zombie Smasher 
"Steam App 55100" = HOMEFRONT
"Steam App 564" = Left 4 Dead 2 Add-on Support
"Steam App 570" = Dota 2
"Steam App 57300" = Amnesia: The Dark Descent
"Steam App 620" = Portal 2
"Steam App 630" = Alien Swarm
"Steam App 6310" = The Longest Journey
"Steam App 63710" = BIT.TRIP RUNNER
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 7940" = Call of Duty 4: Modern Warfare
"Steam App 8190" = Just Cause 2
"Steam App 8870" = BioShock Infinite
"Steam App 8980" = Borderlands
"Steam App 91310" = Dead Island
"TrackMania 2_is1" = TrackMania 2
"VLC media player" = VLC media player 2.0.1
"Warcraft III" = Warcraft III
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dachon 4k" = Dachon 4k
"Free Realms Installer" = Free Realms Installer
"Mozilla Firefox 12.0 (x86 nb-NO)" = Mozilla Firefox 12.0 (x86 nb-NO)
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Yahoo! Search" = Yahoo! Search
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.11.2014 20:04:41 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992
 
Error - 01.11.2014 20:04:42 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.11.2014 20:04:42 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6006
 
Error - 01.11.2014 20:04:42 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006
 
Error - 01.11.2014 20:04:43 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.11.2014 20:04:43 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7005
 
Error - 01.11.2014 20:04:43 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7005
 
Error - 01.11.2014 20:04:44 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 01.11.2014 20:04:44 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8019
 
Error - 01.11.2014 20:04:44 | Computer Name = Adrian-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8019
 
[ Media Center Events ]
Error - 15.12.2010 01:39:46 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 06:39:45 - Feil under tilkobling til Internett.  06:39:45 -     Får 
ikke kontakt med serveren..  
 
Error - 15.12.2010 17:42:59 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 22:42:59 - Feil under tilkobling til Internett.  22:42:59 -     Får 
ikke kontakt med serveren..  
 
Error - 15.12.2010 17:43:34 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 22:43:28 - Feil under tilkobling til Internett.  22:43:28 -     Får 
ikke kontakt med serveren..  
 
Error - 16.12.2010 18:52:31 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 23:52:31 - Feil under tilkobling til Internett.  23:52:31 -     Får 
ikke kontakt med serveren..  
 
Error - 16.12.2010 18:52:42 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 23:52:36 - Feil under tilkobling til Internett.  23:52:36 -     Får 
ikke kontakt med serveren..  
 
Error - 13.01.2011 12:11:43 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 17:11:41 - Feil under tilkobling til Internett.  17:11:43 -     Får 
ikke kontakt med serveren..  
 
Error - 13.01.2011 12:12:03 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 17:11:49 - Feil under tilkobling til Internett.  17:11:49 -     Får 
ikke kontakt med serveren..  
 
Error - 13.01.2011 13:12:45 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 18:12:45 - Feil under tilkobling til Internett.  18:12:45 -     Får 
ikke kontakt med serveren..  
 
Error - 13.01.2011 13:12:54 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 18:12:50 - Feil under tilkobling til Internett.  18:12:50 -     Får 
ikke kontakt med serveren..  
 
Error - 18.01.2011 07:01:41 | Computer Name = Adrian-PC | Source = MCUpdate | ID = 0
Description = 12:01:27 - Feil under tilkobling til Internett.  12:01:28 -     Får 
ikke kontakt med serveren..  
 
[ System Events ]
Error - 03.11.2014 18:02:52 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7023
Description = Tjenesten Function Discovery Resource Publication terminerte med følgende
 feil:   %%-2147024891
 
Error - 03.11.2014 18:02:52 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7003
Description = Tjenesten IKE and AuthIP IPsec Keying Modules avhenger av følgende
 tjeneste: BFE. Denne tjenesten er kanskje ikke installert.
 
Error - 03.11.2014 18:02:53 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7003
Description = Tjenesten IPsec Policy Agent avhenger av følgende tjeneste: BFE. Denne
 tjenesten er kanskje ikke installert.
 
Error - 03.11.2014 18:02:55 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7003
Description = Tjenesten Spybot-S&D 2 Security Center Service avhenger av følgende
 tjeneste: wscsvc. Denne tjenesten er kanskje ikke installert.
 
Error - 03.11.2014 18:02:57 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7000
Description = Tjenesten BuddyVM kan ikke starte på grunn av følgende feil:   %%2
 
Error - 03.11.2014 18:05:37 | Computer Name = Adrian-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 03.11.2014 18:06:08 | Computer Name = Adrian-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 03.11.2014 18:06:16 | Computer Name = Adrian-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 03.11.2014 18:06:50 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7023
Description = Tjenesten Function Discovery Resource Publication terminerte med følgende
 feil:   %%-2147024891
 
Error - 03.11.2014 18:06:50 | Computer Name = Adrian-PC | Source = Service Control Manager | ID = 7001
Description = Tjenesten Hjemmenettverksleverandør avhenger av tjenesten Function
 Discovery Resource Publication som ikke kan starte på grunn av følgende feil:   %%-2147024891
 
 
< End of report >
 

  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks for the log. We do have some serious infections to remove so please stick with me until I declare your machine clean. Please follow the instructions below.
 
Step#1 - Warnings
 
The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
 
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
Here are some information sources about the dangers of P2P programs:
 
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): uTorrent
To uninstall on Windows 7, you can:

  • Click your Start Orb in the lower left corner of your computer and select Control Panel.
  • Select Uninstall a program from the Programs Category.
  • Locate the program(s) in the list and click Uninstall.

CCleaner
I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.
 
Low on Disk Space
Your hard drive is low on space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized. You would need to clean up at least 53 GB of space to obtain this.
 
Spybot Search & Destroy
I see that you have Spybot Search & Destroy. We no longer recommend this product because of the poor testing results. I recommend uninstalling this program. If you don't want to uninstall the program then please at least disable  Tea Timer while performing any of my instructions. You can re-enable it when we are all done. Instructions for that are here. If you do decide to uninstall the program, first Undo your immunization before uninstalling. You can do that by clicking the Undo  button with Spybot S&D and then remove from Add/Remove programs.
immunize.JPG
 
 
Critical Malware Found!
 
WARNING!!! - One or more of the identified infections is known to use a backdoor.
 
This allows hackers to remotely control your computer, steal critical system information and download and execute files.
I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall


We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.
 
 

 

Step#2 - Combofix
1. Download ComboFix from one of the following locations and save it to your Desktop Link 1 or Link 2
 **Note: It is important that it is saved directly to your desktop**
 
2. Close any open browsers.
* IMPORTANT - Disable your AntiVirus and any AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
If you have difficulty properly disabling your protective programs, refer to this link here.

3. Double click combofix.exe and follow the prompts.
 
4. Accept the disclaimer and allow to update if it asks
 
combofixdisclaimer.jpg
 
combofixgettingready.jpg
 
5. When finished, it shall produce a log for you.
 
6. Please include the C:\Combofix.txt in your next reply.
 
Notes:
 
*Do not mouseclick combofix's window while its running. That may cause it to stall.
*Do not "re-run" Combofix If you have a problem, reply back for further instructions.
* If you recieve an error "Illegal operation attempted on a registry key that has been marked for deletion". Please restart the computer. That will cure it.
 
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running Combofix n your own.

This tool is not a toy and not for everyday use. Combofix Should Not be used unless requested by a forum helper

 

Step#3 - Rootkit Scan
1. Download aswMBR to your desktop.
2. Right-click on aswMBR.exe and select Run as administrator to run it.
3. If you get a question about Virtualization Technology, answer Yes.
4. If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
5. Click the "Scan" button to start scan.
6. On completion of the scan click "Save log", save it to your desktop and post in your next reply.
NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

 

 

Items for your next post

1. Combofix log

2. AswMBR log

 

 

 

 


  • 0

#5
Avalanche9

Avalanche9

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Thank you!

 

Uninstalled utorrent and spybot, working on freeing up some space now.

 

Ran combo fix. Tried to run aswMBR, but during the scan it stopped working, and told me to close the program. Tried again, same thing happened.. What should I do?

 

 

 

Combofix:

 

ComboFix 14-11-09.02 - Adrian 10.11.2014  15:43:32.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.47.1044.18.4095.593 [GMT 1:00]
Kjører fra: c:\users\Adrian\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Andre slettinger   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Adrian\AppData\Roaming\Love
c:\users\Adrian\AppData\Roaming\Love\mari0\options.txt
c:\users\Adrian\AppData\Roaming\xsecva
c:\users\Adrian\AppData\Roaming\xsecva\xseacc.xse
c:\windows\IsUn0414.exe
c:\windows\msdownld.tmp
.
Infisert kopi av c:\windows\system32\Services.exe ble funnet og desinfisert 
Gjenopprettet kopi fra - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe 
.
.
(((((((((((((((((((((((((((   Filer Opprettet Fra 2014-10-10 til 2014-11-10  )))))))))))))))))))))))))))))))))
.
.
2014-11-10 15:06 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-11-10 15:06 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-11-10 15:06 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-11-10 15:06 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-11-10 15:05 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-11-10 15:05 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-11-10 15:05 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-11-10 15:05 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-11-10 15:02 . 2014-11-10 15:02 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26F5CF93-D7E2-4BAA-8957-A1DD66F5B26D}\offreg.dll
2014-11-10 14:58 . 2014-11-10 14:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-11-10 14:58 . 2014-11-10 14:58 -------- d-----w- c:\users\per\AppData\Local\temp
2014-11-10 14:58 . 2014-11-10 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-10 14:58 . 2014-11-10 14:58 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-11-10 14:29 . 2014-11-10 14:31 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2014-11-10 14:21 . 2014-11-10 14:21 -------- d-----w- c:\program files\Defraggler
2014-11-04 10:51 . 2014-11-04 10:52 -------- d-----w- c:\program files\Speccy
2014-11-03 22:27 . 2014-11-03 22:27 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-03 22:27 . 2014-11-03 22:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-11-03 22:27 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-03 22:27 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-01 12:28 . 2014-11-10 14:12 -------- d-----w- c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-01 10:11 . 2013-12-01 17:40 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-03 17:48 . 2011-08-17 14:06 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-15 14:28 . 2010-10-29 14:59 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-08-15 13:11 . 2014-01-04 20:54 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-15 13:10 . 2014-08-15 13:11 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-15 13:10 . 2014-01-04 20:54 92008 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-08-15 13:10 . 2014-01-04 20:54 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-15 13:10 . 2014-01-04 20:54 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-15 13:10 . 2014-01-04 20:54 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-15 13:10 . 2014-01-04 20:54 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-15 13:10 . 2014-01-04 20:54 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-15 13:10 . 2014-01-04 20:54 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-15 13:10 . 2014-08-15 13:10 43152 ----a-w- c:\windows\avastSS.scr
2013-07-22 12:00 . 2013-07-22 12:00 4188160 ----a-w- c:\program files (x86)\GUT8056.tmp
.
.
((((((((((((((((((((((((((((((((   Oppstartspunkter I Registeret   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Desura"="c:\program files (x86)\Desura\desura.exe" [2012-02-28 2529096]
"DriverScanner"="c:\program files (x86)\Uniblue\DriverScanner\launcher.exe" [2011-10-20 338296]
"Spotify Web Helper"="c:\users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-01 1168896]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-05 6604568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-15 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
c:\users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;c:\program files (x86)\VMLaunch\BuddyVM.sys;c:\program files (x86)\VMLaunch\BuddyVM.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 FTT3;FTT3;c:\windows\system32\DRIVERS\FTT3.sys;c:\windows\SYSNATIVE\DRIVERS\FTT3.sys [x]
R3 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\System32\Drivers\hcw99rc.sys;c:\windows\SYSNATIVE\Drivers\hcw99rc.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys;c:\windows\SYSNATIVE\drivers\Mkd2Nadr.sys [x]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys;c:\windows\SYSNATIVE\drivers\Mkd3kfNt.sys [x]
R3 mv64xx;mv64xx;c:\windows\system32\DRIVERS\mv64xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv64xx.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys;c:\windows\SYSNATIVE\DRIVERS\nvstusb.sys [x]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SI3112r;SI3112r;c:\windows\system32\DRIVERS\SI3112r.sys;c:\windows\SYSNATIVE\DRIVERS\SI3112r.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VIACRX64;VIACRX64;c:\windows\system32\DRIVERS\viacr64.sys;c:\windows\SYSNATIVE\DRIVERS\viacr64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinTVCIUSB;WinTVCIUSB;c:\windows\system32\DRIVERS\hcw11.sys;c:\windows\SYSNATIVE\DRIVERS\hcw11.sys [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 MaintainerSvc1.11.3209076;MaintainerSvc1.11.3209076;c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe;c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-01 12:22 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2014-11-10 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-04-24 11:43]
.
2014-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 10:17]
.
2014-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 10:17]
.
2014-11-10 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-12-18 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 13:10 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 84.38.159.242 84.208.20.110
FF - ProfilePath - c:\users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
user_pref(extensions.autoDisableScopes,14);
.
- - - - TOMME PEKERE FJERNET - - - -
.
URLSearchHooks-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
BHO-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
Toolbar-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre7\bin\jusched.exe
AddRemove-TrackMania 2_is1 - c:\games\TrackMania 2\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-41113278-582576069-4287591673-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:94,7e,4b,ea,f0,05,43,ad,84,40,69,eb,d7,87,1f,a3,17,5b,2d,5c,32,f8,f3,
   88,45,64,d7,6c,f6,a5,44,92,2d,b8,13,02,22,ba,1c,d2,8c,aa,db,c0,95,cc,7c,7d,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-41113278-582576069-4287591673-1004\Software\SecuROM\License information*]
"datasecu"=hex:1a,02,35,25,9c,92,70,40,0c,76,e4,4e,96,a8,0f,88,fe,6a,9b,0a,94,
   da,67,dd,2a,26,2d,17,9e,35,62,40,8b,26,01,f9,03,91,52,53,90,b9,fc,07,51,c9,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\program files\AVAST Software\Avast\AvastEmUpdate.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2014-11-10  16:23:09 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt  2014-11-10 15:23
.
Pre-Run: 66 178 699 264 byte ledig
Post-Run: 71 240 609 792 byte ledig
.
- - End Of File - - 0AA66A093BEE9C7D61E32D84BA3202C4
A36C5E4F47E84449FF07ED3517B43A31

  • 0

#6
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Step#1 - Combofix Script
 
1. Please start by opening Notepad and copy/paste the entire text from in the box below into the notepad window:



KILLALL::

Folder::
c:\program files (x86)\Spybot - Search & Destroy
c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc
c:\windows\SysWOW64\Drivers\X6va008

Driver::
X6va008
MaintainerSvc1.11.3209076

DDS::
IE: Translate this web page with Babylon -

Reboot::

 
2. Save it to your desktop as CFScript.txt
3. Referring to the picture below, drag CFScript.txt onto ComboFix.exe
CFScriptB-4.gif.pagespeed.ce.9SFFpFAors.
4. This will let ComboFix run again.
5. Restart if you are prompted to.
6. When finished, it shall produce a log for you. Post the contents of that log in your next reply. If you are required to reboot you can obtain the log from C:\Combofix.txt
 
**Note#1**
Do not mouseclick combofix's window while it's running. That may cause it to stall.
 
Step#2 - TDSSKiller - Check for Infected MBR/BCD Entries
 
Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Right-click on TDSSKiller.exe and select Run as administrator. Allow to run if prompted.
  • Accept the End User License Agreement & KSN Statement
  • Click on Change parameters.
  • Another window will appear.
  • Check "Verify file digital signatures" and "Detect TDLFS file system".
  • Check "Loaded modules" under the Objects to scan section. You will be prompted to reboot. Please do so.
  • Reboot.JPG
  • Once the computer is rebooted, TDDSKiller will open again.
  • Click the Start Scan button.
  • The scan should only take a few minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. If there are multiple logs, please post the most current.

 

Items for your next Post

1. Combofix Script Log

2. TDSS Log


  • 0

#7
Avalanche9

Avalanche9

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Sorry about the late reply, I've been away for a few days. Here is the combofix log, the TDSS din't find anything at all. though the log was so massive my computer refused to post the message when I pasted it here. If you still need it I'll try again.
 
 
 
ComboFix 14-11-09.02 - Adrian 15.11.2014  20:10:40.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.47.1044.18.4095.2746 [GMT 1:00]
Kjører fra: c:\users\Adrian\Desktop\ComboFix.exe
Command switches brukt :: c:\users\Adrian\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Andre slettinger   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Spybot - Search & Destroy
c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc
c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.bak
c:\programdata\a68d9eea-b970-45e3-ba05-b4a5e2e396bc\maintainer.exe
c:\programdata\ntuser.pol
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((((((((((((((((   Drivere/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA008
-------\Service_MaintainerSvc1.11.3209076
-------\Service_X6va008
.
.
(((((((((((((((((((((((((((   Filer Opprettet Fra 2014-10-15 til 2014-11-15  )))))))))))))))))))))))))))))))))
.
.
2014-11-15 19:28 . 2014-11-15 19:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-11-15 19:28 . 2014-11-15 19:28 -------- d-----w- c:\users\per\AppData\Local\temp
2014-11-15 19:28 . 2014-11-15 19:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-14 23:17 . 2014-11-15 19:36 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34546A70-42D3-4847-9971-0A43338DC173}\offreg.dll
2014-11-14 17:58 . 2014-10-20 01:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34546A70-42D3-4847-9971-0A43338DC173}\mpengine.dll
2014-11-14 17:17 . 2014-11-14 17:17 -------- d-----w- c:\users\Adrian\AppData\Local\Logitech® Webcam Software
2014-11-14 17:15 . 2014-11-14 17:15 -------- d-----w- c:\users\Adrian\AppData\Local\Evernote
2014-11-11 04:07 . 2014-11-11 04:07 -------- d-----w- c:\windows\Migration
2014-11-11 03:08 . 2014-11-11 03:08 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-11-11 01:10 . 2014-11-15 01:56 -------- d-----w- c:\windows\system32\MRT
2014-11-11 01:07 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-11-11 01:07 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-11-11 01:07 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-11-11 01:07 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-11-11 01:07 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-11-11 01:07 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-11-11 01:06 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-11-11 01:06 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-11-10 22:57 . 2014-11-10 22:57 3231832 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-11-10 22:57 . 2014-11-10 22:57 220784 ----a-w- c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll
2014-11-10 15:06 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-11-10 15:06 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-11-10 15:06 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-11-10 15:06 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-11-10 15:05 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-11-10 15:05 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-11-10 15:05 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-11-10 15:05 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-11-10 14:21 . 2014-11-10 19:34 -------- d-----w- c:\program files\Defraggler
2014-11-04 10:51 . 2014-11-04 10:52 -------- d-----w- c:\program files\Speccy
2014-11-03 22:27 . 2014-11-03 22:27 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-03 22:27 . 2014-11-03 22:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-11-03 22:27 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-03 22:27 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-15 01:50 . 2011-04-10 10:51 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-11-04 13:30 . 2009-11-17 10:09 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 10:11 . 2013-12-01 17:40 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-03 17:48 . 2011-08-17 14:06 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-07-22 12:00 . 2013-07-22 12:00 4188160 ----a-w- c:\program files (x86)\GUT8056.tmp
.
.
((((((((((((((((((((((((((((((((   Oppstartspunkter I Registeret   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Desura"="c:\program files (x86)\Desura\desura.exe" [2012-02-28 2529096]
"DriverScanner"="c:\program files (x86)\Uniblue\DriverScanner\launcher.exe" [2011-10-20 338296]
"Spotify Web Helper"="c:\users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-01 1168896]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-05 6604568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-15 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
c:\users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R1 hklkrfkp;hklkrfkp;c:\windows\system32\drivers\hklkrfkp.sys;c:\windows\SYSNATIVE\drivers\hklkrfkp.sys [x]
R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;c:\program files (x86)\VMLaunch\BuddyVM.sys;c:\program files (x86)\VMLaunch\BuddyVM.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 FTT3;FTT3;c:\windows\system32\DRIVERS\FTT3.sys;c:\windows\SYSNATIVE\DRIVERS\FTT3.sys [x]
R3 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\System32\Drivers\hcw99rc.sys;c:\windows\SYSNATIVE\Drivers\hcw99rc.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys;c:\windows\SYSNATIVE\drivers\Mkd2Nadr.sys [x]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys;c:\windows\SYSNATIVE\drivers\Mkd3kfNt.sys [x]
R3 mv64xx;mv64xx;c:\windows\system32\DRIVERS\mv64xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv64xx.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys;c:\windows\SYSNATIVE\DRIVERS\nvstusb.sys [x]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SI3112r;SI3112r;c:\windows\system32\DRIVERS\SI3112r.sys;c:\windows\SYSNATIVE\DRIVERS\SI3112r.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VIACRX64;VIACRX64;c:\windows\system32\DRIVERS\viacr64.sys;c:\windows\SYSNATIVE\DRIVERS\viacr64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinTVCIUSB;WinTVCIUSB;c:\windows\system32\DRIVERS\hcw11.sys;c:\windows\SYSNATIVE\DRIVERS\hcw11.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-01 12:22 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2014-11-15 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-04-24 11:43]
.
2014-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 10:17]
.
2014-11-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 10:17]
.
2014-11-15 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-12-18 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 13:10 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre7\bin\jusched.exe" [BU]
"MRT"="c:\windows\system32\MRT.exe" [2014-11-15 103374192]
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 84.38.159.242 84.208.20.110
FF - ProfilePath - c:\users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
user_pref(extensions.autoDisableScopes,14);
.
- - - - TOMME PEKERE FJERNET - - - -
.
BHO-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
Toolbar-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
AddRemove-TrackMania 2_is1 - c:\games\TrackMania 2\unins000.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-41113278-582576069-4287591673-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:94,7e,4b,ea,f0,05,43,ad,84,40,69,eb,d7,87,1f,a3,17,5b,2d,5c,32,f8,f3,
   88,45,64,d7,6c,f6,a5,44,92,2d,b8,13,02,22,ba,1c,d2,8c,aa,db,c0,95,cc,7c,7d,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-41113278-582576069-4287591673-1004\Software\SecuROM\License information*]
"datasecu"=hex:1a,02,35,25,9c,92,70,40,0c,76,e4,4e,96,a8,0f,88,fe,6a,9b,0a,94,
   da,67,dd,2a,26,2d,17,9e,35,62,40,8b,26,01,f9,03,91,52,53,90,b9,fc,07,51,c9,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2014-11-15  21:44:55 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt  2014-11-15 20:44
ComboFix2.txt  2014-11-10 15:23
.
Pre-Run: 95 145 091 072 byte ledig
Post-Run: 95 471 558 656 byte ledig
.
- - End Of File - - 1C7271E26E5A0C4DB8D26AE2C769AEC8
A36C5E4F47E84449FF07ED3517B43A31

  • 0

#8
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Can you try attaching the TDSS log instead of copy/pasting the log? If you preview your post you should be presented with the option to attach a file.

Attach.JPG

 

 

If it's too big to attach, do you have a dropbox or skydrive account you can use? If not you can always use a service such as https://www.sendspace.com/ to attach your file and then you can share the link.

 

Let me know. Thanks.


  • 0

#9
Avalanche9

Avalanche9

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Try this.

 

https://www.sendspace.com/file/4e7815


  • 0

#10
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Bingo. Thanks. I'll put together next steps.


  • 0

Advertisements


#11
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

OK, please do the following.
 
Step#1 - Combofix Script
 
1. Disable your AV. Instructions for doing so are here if need be.
2. Please start by opening Notepad and copy/paste the entire text from in the box below into the notepad window: (don't include the word Quote at the beginning)
 

Driver::
hklkrfkp
 
DDS::
IE: Translate with Babylon -

3. Save it to your desktop as CFScript.txt
4. Referring to the picture below, drag CFScript.txt onto ComboFix.exe
CFScriptB-4.gif.pagespeed.ce.9SFFpFAors.
5. This will let ComboFix run again.
6. Restart your machine whether or not you are prompted to.
7. When finished, it shall produce a log for you. Post the contents of that log in your next reply. If you are required to reboot you can obtain the log from C:\Combofix.txt
 
**Note#1**
Do not mouseclick combofix's window while it's running. That may cause it to stall.
 
**Note#2**
When Combofix finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture files to submit for analysis. Ensure you are connected to the internet and click OK on the message box.
 
**Note#3**
If after the reboot you get errors about programs being marked for deletion then reboot, that will cure it.
 
 
Step#2 - Uninstalls
 
Please uninstall the following programs one at a time. Instructions for doing so are here.
If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.
Java™ 7 (64-bit)
Java 7 Update 51
MyPC Backup
webget
Uniblue DriverScanner

 
 
Step#3 - FRST Scan
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.
 
 
  
 
Items for your next post
1. Combofix log
2. FRST and Addition logs


  • 0

#12
Avalanche9

Avalanche9

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Thank you!

 

The Javas and Uniblue driverscanner uninstalled easily, webget an MyPc Backup are not in the program list..?

 

 

Combfix:

 

ComboFix 14-11-17.01 - Adrian 18.11.2014  15:34:06.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.47.1044.18.4095.2529 [GMT 1:00]
Kjører fra: c:\users\Adrian\Desktop\ComboFix.exe
Command switches brukt :: c:\users\Adrian\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Andre slettinger   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((((((((   Drivere/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_hklkrfkp
.
.
(((((((((((((((((((((((((((   Filer Opprettet Fra 2014-10-18 til 2014-11-18  )))))))))))))))))))))))))))))))))
.
.
2014-11-18 14:56 . 2014-11-18 14:56 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8B49EF5-A217-4B84-91AF-2EE47813C5B6}\offreg.dll
2014-11-18 14:50 . 2014-11-18 14:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-11-18 14:50 . 2014-11-18 14:50 -------- d-----w- c:\users\per\AppData\Local\temp
2014-11-18 14:50 . 2014-11-18 14:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-18 14:50 . 2014-11-18 14:50 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2014-11-18 14:24 . 2014-11-18 14:24 -------- d-----w- c:\users\Adrian\AppData\Local\CrashDumps
2014-11-18 14:07 . 2014-11-02 04:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D8B49EF5-A217-4B84-91AF-2EE47813C5B6}\mpengine.dll
2014-11-16 01:54 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-11-14 17:17 . 2014-11-14 17:17 -------- d-----w- c:\users\Adrian\AppData\Local\Logitech® Webcam Software
2014-11-14 17:15 . 2014-11-14 17:15 -------- d-----w- c:\users\Adrian\AppData\Local\Evernote
2014-11-11 04:07 . 2014-11-11 04:07 -------- d-----w- c:\windows\Migration
2014-11-11 03:08 . 2014-11-11 03:08 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-11-11 01:10 . 2014-11-15 21:12 -------- d-----w- c:\windows\system32\MRT
2014-11-11 01:07 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-11-11 01:07 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-11-11 01:07 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-11-11 01:07 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-11-11 01:07 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-11-11 01:07 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-11-11 01:06 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-11-11 01:06 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-11-10 22:57 . 2014-11-10 22:57 3231832 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-11-10 22:57 . 2014-11-10 22:57 220784 ----a-w- c:\program files (x86)\Mozilla Firefox\sandboxbroker.dll
2014-11-10 15:06 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-11-10 15:06 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-11-10 15:06 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-11-10 15:06 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-11-10 15:05 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-11-10 15:05 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-11-10 15:05 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-11-10 15:05 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-11-10 14:21 . 2014-11-10 19:34 -------- d-----w- c:\program files\Defraggler
2014-11-04 10:51 . 2014-11-04 10:52 -------- d-----w- c:\program files\Speccy
2014-11-03 22:27 . 2014-11-03 22:27 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-03 22:27 . 2014-11-03 22:27 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-11-03 22:27 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-03 22:27 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-15 01:50 . 2011-04-10 10:51 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-11-04 13:30 . 2009-11-17 10:09 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-10-01 10:11 . 2013-12-01 17:40 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-03 17:48 . 2011-08-17 14:06 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-07-22 12:00 . 2013-07-22 12:00 4188160 ----a-w- c:\program files (x86)\GUT8056.tmp
.
.
((((((((((((((((((((((((((((((((   Oppstartspunkter I Registeret   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke  
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Desura"="c:\program files (x86)\Desura\desura.exe" [2012-02-28 2529096]
"DriverScanner"="c:\program files (x86)\Uniblue\DriverScanner\launcher.exe" [2011-10-20 338296]
"Spotify Web Helper"="c:\users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-01 1168896]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-05 6604568]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2011-10-25 103896]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-15 4085896]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2012-04-03 1273448]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2012-03-26 449168]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
.
c:\users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-6-13 1014112]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM;c:\program files (x86)\VMLaunch\BuddyVM.sys;c:\program files (x86)\VMLaunch\BuddyVM.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 FTT3;FTT3;c:\windows\system32\DRIVERS\FTT3.sys;c:\windows\SYSNATIVE\DRIVERS\FTT3.sys [x]
R3 hcw99rc;Hauppauge Nova-DT IR Driver;c:\windows\System32\Drivers\hcw99rc.sys;c:\windows\SYSNATIVE\Drivers\hcw99rc.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv_x64.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys;c:\windows\SYSNATIVE\drivers\Mkd2Nadr.sys [x]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys;c:\windows\SYSNATIVE\drivers\Mkd3kfNt.sys [x]
R3 mv64xx;mv64xx;c:\windows\system32\DRIVERS\mv64xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv64xx.sys [x]
R3 nvamacpi;nvamacpi;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys;c:\windows\SYSNATIVE\DRIVERS\nvstusb.sys [x]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SI3112r;SI3112r;c:\windows\system32\DRIVERS\SI3112r.sys;c:\windows\SYSNATIVE\DRIVERS\SI3112r.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VIACRX64;VIACRX64;c:\windows\system32\DRIVERS\viacr64.sys;c:\windows\SYSNATIVE\DRIVERS\viacr64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinTVCIUSB;WinTVCIUSB;c:\windows\system32\DRIVERS\hcw11.sys;c:\windows\SYSNATIVE\DRIVERS\hcw11.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-11-01 12:22 1089352 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2014-11-18 c:\windows\Tasks\DriverScanner.job
- c:\program files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2012-04-24 11:43]
.
2014-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 10:17]
.
2014-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 10:17]
.
2014-11-15 c:\windows\Tasks\RMSchedule.job
- c:\program files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-12-18 12:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-15 13:10 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre7\bin\jusched.exe" [BU]
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 84.38.159.242 84.208.20.110
FF - ProfilePath - c:\users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search
FF - prefs.js: keyword.URL - hxxps://www.google.com/search
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - TOMME PEKERE FJERNET - - - -
.
BHO-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
Toolbar-{ce18769b-c7fa-42d2-860d-17c4662c70ad} - (no file)
SafeBoot-24617340.sys
AddRemove-TrackMania 2_is1 - c:\games\TrackMania 2\unins000.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-41113278-582576069-4287591673-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:94,7e,4b,ea,f0,05,43,ad,84,40,69,eb,d7,87,1f,a3,17,5b,2d,5c,32,f8,f3,
   88,45,64,d7,6c,f6,a5,44,92,2d,b8,13,02,22,ba,1c,d2,8c,aa,db,c0,95,cc,7c,7d,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-41113278-582576069-4287591673-1004\Software\SecuROM\License information*]
"datasecu"=hex:1a,02,35,25,9c,92,70,40,0c,76,e4,4e,96,a8,0f,88,fe,6a,9b,0a,94,
   da,67,dd,2a,26,2d,17,9e,35,62,40,8b,26,01,f9,03,91,52,53,90,b9,fc,07,51,c9,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2014-11-18  16:02:25 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt  2014-11-18 15:02
ComboFix2.txt  2014-11-15 20:44
ComboFix3.txt  2014-11-10 15:23
.
Pre-Run: 93 763 317 760 byte ledig
Post-Run: 98 855 727 104 byte ledig
.
- - End Of File - - FA254CA0F72C63F26E09223263441D26
A36C5E4F47E84449FF07ED3517B43A31
 

 

 

 

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by Adrian (administrator) on ADRIAN-PC on 18-11-2014 16:19:36
Running from C:\Users\Adrian\Downloads
Loaded Profiles: Adrian & UpdatusUser (Available profiles: Adrian & per & UpdatusUser & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Norsk, bokmål (Norge)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-15] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\TextDecode.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\TextDecode.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe [2529096 2012-02-28] (Desura Pty Ltd)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [Spotify Web Helper] => C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-01] (Spotify Ltd)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6604568 2013-11-05] (SUPERAntiSpyware)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-41113278-582576069-4287591673-1007\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-41113278-582576069-4287591673-1004\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-41113278-582576069-4287591673-1004\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1F408D5B4DB7CA01
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
URLSearchHook: HKLM-x32 - (No Name) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> {6C1A09AB-E43F-4662-B271-5EFD315A2DFA} URL = http://search.condui...&ctid=CT3072253
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Påloggingshjelp for Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} ->  No File
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {ce18769b-c7fa-42d2-860d-17c4662c70ad} ->  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {ce18769b-c7fa-42d2-860d-17c4662c70ad} -  No File
Toolbar: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 84.38.159.242 84.208.20.110
 
FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF DefaultSearchUrl: https://www.google.com/search
FF Homepage: about:home
FF NewTab: about:newtab
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1004: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Adrian\AppData\LocalLow\Sony Online Entertainment\npsoe.dll No File
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bok-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\gulesider-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qxl-NO.xml
FF Extension: Website Discovery Pro - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default\Extensions\[email protected] [2014-05-01]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-14]
CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-14]
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-14]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-14]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-14]
CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-14]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-14]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-14]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-11-14]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-15] (AVAST Software)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-03] (Hi-Rez Studios) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-15] ()
S3 FTT3; C:\Windows\system32\DRIVERS\FTT3.sys [191632 2007-08-16] (Promise Technology, Inc.)
S3 hcw99rc; C:\Windows\System32\Drivers\hcw99rc.sys [38528 2007-03-23] (Hauppauge Computer Works, Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
S3 Mkd2Nadr; C:\Windows\SysWOW64\drivers\Mkd2Nadr.sys [106040 2008-10-17] (AhnLab, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 mv64xx; C:\Windows\system32\DRIVERS\mv64xx.sys [316456 2008-09-01] (Marvell Semiconductor, Inc.)
S3 nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [48160 2009-06-10] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SI3112r; C:\Windows\system32\DRIVERS\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22832 2007-02-01] (Silicon Image, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-15] (Duplex Secure Ltd.)
S3 VIACRX64; C:\Windows\system32\DRIVERS\viacr64.sys [100864 2008-06-10] (VIA Technologies, Inc.              )
S3 WinTVCIUSB; C:\Windows\system32\DRIVERS\hcw11.sys [103952 2008-04-16] (Hauppauge Computer Works, Inc.)
U3 a40xey1h; C:\Windows\System32\Drivers\a40xey1h.sys [0 ] (Microsoft Corporation)
U3 avewnbf4; C:\Windows\System32\Drivers\avewnbf4.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Mkd3kfNt; system32\drivers\Mkd3kfNt.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E}; \??\C:\Program Files (x86)\VMLaunch\BuddyVM.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-18 16:19 - 2014-11-18 16:20 - 00027166 _____ () C:\Users\Adrian\Downloads\FRST.txt
2014-11-18 16:19 - 2014-11-18 16:19 - 00000000 ____D () C:\FRST
2014-11-18 16:18 - 2014-11-18 16:19 - 00001407 _____ () C:\Users\Adrian\Desktop\FRST64 - Snarvei.lnk
2014-11-18 16:17 - 2014-11-18 16:18 - 02117120 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2014-11-18 16:02 - 2014-11-18 16:02 - 00017188 _____ () C:\ComboFix.txt
2014-11-18 15:24 - 2014-11-18 15:24 - 00000000 ____D () C:\Users\Adrian\AppData\Local\CrashDumps
2014-11-16 02:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-11-15 22:01 - 2014-11-15 22:02 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Desktop\tdsskiller.exe
2014-11-14 18:18 - 2014-11-14 18:18 - 00111208 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-14 18:17 - 2014-11-14 18:17 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-14 18:17 - 2014-11-14 18:17 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Logitech® Webcam Software
2014-11-14 18:15 - 2014-11-14 18:15 - 00000020 ___SH () C:\Users\Adrian\ntuser.ini
2014-11-14 18:15 - 2014-11-14 18:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Evernote
2014-11-11 04:47 - 2014-11-16 02:54 - 00024701 _____ () C:\Windows\IE11_main.log
2014-11-11 02:10 - 2014-11-15 22:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 02:07 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-11 02:07 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-11-11 02:07 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-11 02:07 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-11 02:07 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-11-11 02:07 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-11-11 02:06 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-11 02:06 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-10 16:28 - 2014-11-10 16:29 - 05194752 _____ (AVAST Software) C:\Users\Adrian\Desktop\aswMBR.exe
2014-11-10 16:06 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-10 16:06 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-10 16:06 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-10 16:06 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-10 16:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-10 16:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-10 16:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-10 16:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-10 15:38 - 2014-11-18 16:02 - 00000000 ____D () C:\Qoobox
2014-11-10 15:38 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-10 15:38 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-10 15:38 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-10 15:37 - 2014-11-18 15:51 - 00000000 ____D () C:\Windows\erdnt
2014-11-10 15:33 - 2014-11-18 15:29 - 05598319 ____R (Swearware) C:\Users\Adrian\Desktop\ComboFix.exe
2014-11-10 15:27 - 2014-11-10 15:27 - 16409960 _____ (Safer Networking Limited ) C:\Users\Adrian\Desktop\spybotsd162.exe
2014-11-10 15:22 - 2014-11-10 15:22 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-10 15:21 - 2014-11-10 20:34 - 00000000 ____D () C:\Program Files\Defraggler
2014-11-10 15:21 - 2014-11-10 15:21 - 00001684 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-11-10 15:20 - 2014-11-10 15:20 - 04362512 _____ (Piriform Ltd) C:\Users\Adrian\Desktop\dfsetup218.exe
2014-11-10 15:20 - 2014-11-10 15:20 - 04362512 _____ (Piriform Ltd) C:\Users\Adrian\Desktop\dfsetup218 (1).exe
2014-11-04 13:30 - 2014-11-04 13:30 - 00001289 _____ () C:\Users\Public\Desktop\The Sims™ 4.lnk
2014-11-04 13:07 - 2014-11-04 13:16 - 00000000 ____D () C:\Users\Adrian\Downloads\sim4
2014-11-04 11:51 - 2014-11-04 11:52 - 00000000 ____D () C:\Program Files\Speccy
2014-11-04 11:51 - 2014-11-04 11:51 - 04890736 _____ (Piriform Ltd) C:\Users\Adrian\Downloads\spsetup126.exe
2014-11-04 11:51 - 2014-11-04 11:51 - 00000756 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-11-03 23:29 - 2014-11-03 23:29 - 00074460 _____ () C:\Users\Adrian\Downloads\Extras.Txt
2014-11-03 23:27 - 2014-11-03 23:27 - 00147536 _____ () C:\Users\Adrian\Downloads\OTL.Txt
2014-11-03 23:27 - 2014-11-03 23:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-03 23:27 - 2014-11-03 23:27 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-03 23:27 - 2014-11-03 23:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-03 23:27 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-03 23:27 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-03 23:13 - 2014-11-03 23:13 - 00001458 _____ () C:\Users\Adrian\Desktop\OTL (1) - Snarvei.lnk
2014-11-03 23:12 - 2014-11-03 23:12 - 00602112 _____ (OldTimer Tools) C:\Users\Adrian\Downloads\OTL (2).exe
2014-11-03 23:10 - 2014-11-03 23:10 - 00602112 _____ (OldTimer Tools) C:\Users\Adrian\Downloads\OTL (1).exe
2014-11-01 16:08 - 2014-11-01 16:08 - 00003500 _____ () C:\Windows\System32\Tasks\Yahoo! Search Updater
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-18 16:13 - 2009-11-17 11:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-18 16:05 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 16:05 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 16:01 - 2014-08-18 14:50 - 01902858 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 15:55 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-18 15:54 - 2014-08-16 07:02 - 00007572 _____ () C:\Windows\setupact.log
2014-11-18 15:54 - 2010-02-13 11:10 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-18 15:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-18 15:53 - 2014-08-18 10:45 - 00104806 _____ () C:\Windows\PFRO.log
2014-11-18 15:52 - 2009-07-14 03:34 - 94400512 _____ () C:\Windows\system32\config\software.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 00278528 _____ () C:\Windows\system32\config\default.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 00102400 _____ () C:\Windows\system32\config\sam.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 00032768 _____ () C:\Windows\system32\config\security.bak
2014-11-18 15:27 - 2010-02-13 11:10 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-18 15:24 - 2014-04-29 21:05 - 00001131 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-18 14:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-11-18 14:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-11-18 14:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-11-18 14:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-11-18 14:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-18 14:23 - 2009-07-14 10:53 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-18 14:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-18 14:23 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-18 14:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-11-18 14:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-11-15 23:22 - 2010-02-13 11:10 - 00003988 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 23:22 - 2010-02-13 11:10 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 19:20 - 2011-12-19 19:00 - 00000418 _____ () C:\Windows\SysWOW64\AppLog.log
2014-11-15 19:20 - 2011-12-18 19:17 - 00000288 _____ () C:\Windows\Tasks\RMSchedule.job
2014-11-15 03:22 - 2009-11-17 10:53 - 01494768 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-15 03:22 - 2009-07-14 10:16 - 00549550 _____ () C:\Windows\system32\perfh014.dat
2014-11-15 03:22 - 2009-07-14 10:16 - 00117342 _____ () C:\Windows\system32\perfc014.dat
2014-11-15 03:22 - 2009-07-14 06:13 - 01494768 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 02:50 - 2011-04-10 11:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-14 18:15 - 2009-11-27 17:32 - 00000000 ____D () C:\Users\Adrian
2014-11-11 04:08 - 2002-01-03 19:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-11 03:46 - 2009-07-14 03:34 - 00000658 _____ () C:\Windows\win.ini
2014-11-10 23:57 - 2013-12-01 18:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 19:00 - 2010-11-27 23:08 - 00000000 ____D () C:\Users\Administrator
2014-11-10 18:48 - 2009-11-28 16:21 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Google
2014-11-10 16:23 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-10 16:00 - 2013-11-22 17:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-10 15:19 - 2012-03-22 18:28 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\uTorrent
2014-11-04 14:30 - 2009-11-17 11:09 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 13:40 - 2014-02-20 14:40 - 00000000 ____D () C:\Users\Adrian\Documents\Electronic Arts
2014-11-04 13:22 - 2014-08-15 16:27 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-03 23:27 - 2013-12-01 18:40 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Malwarebytes
2014-11-03 19:45 - 2014-01-04 21:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-01 16:08 - 2014-09-29 14:03 - 00003496 _____ () C:\Windows\System32\Tasks\Yahoo! Search
2014-11-01 13:31 - 2010-07-29 17:49 - 00002212 _____ () C:\Users\Adrian\Desktop\Google Chrome.lnk
 
ZeroAccess:
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L\[email protected]
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L\201d3dde
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L\4cce1f70
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L\6715e287
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}\L\76603ac3
 
ZeroAccess:
C:\Users\Adrian\AppData\Local\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-01 16:26
 
==================== End Of Log ============================
 
 
Addition:
 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by Adrian at 2014-11-18 16:21:32
Running from C:\Users\Adrian\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
A Valley Without Wind (HKLM-x32\...\Steam App 209330) (Version:  - )
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien Breed 2: Assault (HKLM-x32\...\Steam App 22650) (Version:  - )
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple-programsupport (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
ARMA 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft)
Atom Zombie Smasher  (HKLM-x32\...\Steam App 55040) (Version:  - )
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios Ltd.)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Brukerregistrering for Canon MG6300 series (HKLM-x32\...\Brukerregistrering for Canon MG6300 series) (Version:  - Canon Inc.‎)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty® 4 - Modern Warfare™ (x32 Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Clear Sky Complete (HKLM-x32\...\{Clear Sky Complete v1.1.3}}_is1) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dachon 4k (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Dachon 4k) (Version:  - Markus Persson)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version:  - Visceral Games)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version:  - )
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith )
Fable III (HKLM-x32\...\Steam App 105400) (Version:  - )
Free Realms Installer (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Free Realms Installer) (Version: 1.0.3.118 - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - Non Steam - KingSOFT DVD)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HOMEFRONT (HKLM-x32\...\Steam App 55100) (Version:  - THQ)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java™ SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
Kairo (HKLM-x32\...\Steam App 233230) (Version:  - Richard Perrin)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead 2 Add-on Support (HKLM-x32\...\Steam App 564) (Version:  - Valve)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2003 Webkomponenter (HKLM-x32\...\{90A40414-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 12.0 (x86 nb-NO) (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Mozilla Firefox 12.0 (x86 nb-NO)) (Version: 12.0 - Mozilla)
Mozilla Firefox 33.1 (x86 nb-NO) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 nb-NO)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA 3D Vision-driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Driver til 3D Vision-kontroller 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Grafikkdriver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.62 - NVIDIA Corporation)
NVIDIA oppdateringer 1.5.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.5.20 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
PDF Creator (Remove Only) (HKLM-x32\...\PDF Creator) (Version:  - )
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version:  - Frictional Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Red Faction: Guerrilla  (HKLM-x32\...\Steam App 20500) (Version:  - Volition)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version:  - )
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Silent Hill: Homecoming (HKLM-x32\...\Steam App 19000) (Version:  - Konami)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1970.1 - Hi-Rez Studios)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version:  - City Interactive S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spotify (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Spotify) (Version: 0.9.6.72.ge389c074 - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1042 - SUPERAntiSpyware.com)
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Longest Journey (HKLM-x32\...\Steam App 6310) (Version:  - Funcom)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Sims 4 (HKLM-x32\...\{703E96B5-DEF9-4F71-ABC1-78ABB75DE989}) (Version: 1.0.797.20 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Byliv - Stæsj (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 De fire årstider (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Helaften (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 I rampelyset (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Inn i fremtiden (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Kjæledyr (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Overnaturlig (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Øyparadis (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
The Wonderful End of the World (HKLM-x32\...\Steam App 15500) (Version:  - Dejobaan Games)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
TrackMania 2 (HKLM-x32\...\TrackMania 2_is1) (Version: RePack - Ultra)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Unity Web Player (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{89D05DB6-9AC1-4EA2-89FD-859DBA14FEA4}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version:  - Team17)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Ys: The Oath in Felghana (HKLM-x32\...\Steam App 207320) (Version:  - Falcom)
Zombie Driver (HKLM-x32\...\Steam App 31410) (Version:  - EXOR Studios)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-41113278-582576069-4287591673-1004_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
14-11-2014 17:55:55 Windows Update
15-11-2014 01:41:55 Windows Update
16-11-2014 00:37:56 Windows Update
18-11-2014 14:31:07 ComboFix created restore point
18-11-2014 15:09:30 Removed Java™ 7 (64-bit)
18-11-2014 15:12:48 Removed Java 7 Update 51
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2014-11-18 15:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02193F2F-FC99-4F9C-A9BD-683C2216E6CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0D188B32-1512-43FB-838D-DC183068E728} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\update.exe [2011-10-25] (PC Tools)
Task: {2B9DDF91-EE00-4551-9F1E-6ED02F8B6D83} - System32\Tasks\{DA80DFA3-5605-4A5A-9618-62792A7D2708} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {2BCBBDA4-70DB-48BD-BC0B-737C29289994} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3ED23CB9-A402-4E0D-8282-B4C196874C7A} - System32\Tasks\{09AB6897-1BED-4CBF-A01D-DE7FBE2E6BA6} => D:\SETUP.EXE
Task: {47007F08-E7D5-4BA1-855C-D9304936006C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {731CAEE4-3689-4C3A-B9C6-30D1DB8A3529} - System32\Tasks\{F9153D87-6A11-4CFA-8878-5ADFDA90DE23} => D:\SETUP.EXE
Task: {75825693-A73B-42A9-98C0-86277D701717} - System32\Tasks\Yahoo! Search Updater => C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrsetup.exe <==== ATTENTION
Task: {9F110BE2-FC55-4801-A745-D52C9A8127B0} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-10-25] (PC Tools)
Task: {9F3A7641-2BEC-4640-8C0E-DF96D07A28C3} - System32\Tasks\{503E6934-355F-4F11-890E-037549D4CB4F} => D:\tony2.exe
Task: {AE4D9ED4-6D63-4673-9CC4-0944936C8375} - System32\Tasks\{6B8DFAC2-CE7A-4529-8DB6-B374D7EA5D82} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {D4EB0095-9EA0-4B62-BAD7-BC5C95E28515} - System32\Tasks\{D5100DE6-6E6B-4BDC-B12C-176113C8B219} => H:\tony2.exe
Task: {D52ACC87-E554-4D5A-8CE7-593986C213F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-15] (AVAST Software)
Task: {E4E081C7-F636-4917-BA32-811ED9D6CCAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {ED99C5EB-B66C-4BE1-B4FD-4DFCCC771BE8} - System32\Tasks\Yahoo! Search => C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-08-02 15:19 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-08-15 14:10 - 2014-08-15 14:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-18 14:18 - 2014-11-18 14:18 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\14111801\algo.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: Babylon Client => C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-41113278-582576069-4287591673-500 - Administrator - Disabled) => C:\Users\Administrator
Adrian (S-1-5-21-41113278-582576069-4287591673-1004 - Administrator - Enabled) => C:\Users\Adrian
ASPNET (S-1-5-21-41113278-582576069-4287591673-1009 - Limited - Enabled)
Gjest (S-1-5-21-41113278-582576069-4287591673-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-41113278-582576069-4287591673-1005 - Limited - Enabled)
per (S-1-5-21-41113278-582576069-4287591673-1007 - Limited - Enabled) => C:\Users\per
UpdatusUser (S-1-5-21-41113278-582576069-4287591673-1010 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo tunnelkort
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/18/2014 03:23:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Programnavn med feil: CNQMUPDT.EXE, versjon: 2.0.0.0, tidsangivelse: 0x4f7a7000
Modulnavn med feil: CNMDWLD.DLL, versjon: 1.0.0.0, tidsangivelse: 0x4f5eedc8
Unntakskode: 0xc0000005
Feilforskyvning: 0x000023c6
Feil prosess-ID: 0x1068
Feil starttid for program: 0xCNQMUPDT.EXE0
Feil programbane: CNQMUPDT.EXE1
Feil modulbane: CNQMUPDT.EXE2
Rapport-ID: CNQMUPDT.EXE3
 
Error: (11/16/2014 02:30:08 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT-MYNDIGHET)
Description: Produkt: Microsoft Office 2007 Primary Interop Assemblies - Oppdateringen Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition ble ikke installert. Feilkode 1603. Windows Installer kan opprette logger for enklere feilsøking for installasjon av programvarepakker. Bruk følgende kobling for informasjon om loggstøtte: http://go.microsoft....k/?LinkId=23127
 
Error: (11/16/2014 02:30:08 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT-MYNDIGHET)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.
 
Error: (11/15/2014 07:20:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
 
Error: (11/15/2014 07:20:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
 
Error: (11/15/2014 07:20:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/15/2014 07:20:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019
 
Error: (11/15/2014 07:20:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8019
 
Error: (11/15/2014 07:20:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/15/2014 07:20:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7021
 
 
System errors:
=============
Error: (11/18/2014 04:00:33 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Tjenesten Windows Update hang ved oppstart.
 
Error: (11/18/2014 03:56:24 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Tjenesten Hjemmenettverkslytter terminerte med tjenestespesifikk feil %%-2147023143.
 
Error: (11/18/2014 03:54:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten BuddyVM kan ikke starte på grunn av følgende feil: 
%%2
 
Error: (11/18/2014 03:54:38 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Tjenesten Internet Connection Sharing (ICS) avhenger av følgende tjeneste: BFE. Denne tjenesten er kanskje ikke installert.
 
Error: (11/18/2014 03:54:38 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Tjenesten IKE and AuthIP IPsec Keying Modules avhenger av følgende tjeneste: BFE. Denne tjenesten er kanskje ikke installert.
 
Error: (11/18/2014 03:54:11 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Tjenesten Windows Firewall avhenger av følgende tjeneste: BFE. Denne tjenesten er kanskje ikke installert.
 
Error: (11/18/2014 03:51:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Tjenesten PEVSystemStart er merket som en interaktiv tjeneste. Men systemet er konfigurert for ikke å tillate interaktive tjenester. Denne tjenesten vil muligens ikke fungere som den skal.
 
Error: (11/18/2014 03:50:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Tjenesten PEVSystemStart er merket som en interaktiv tjeneste. Men systemet er konfigurert for ikke å tillate interaktive tjenester. Denne tjenesten vil muligens ikke fungere som den skal.
 
Error: (11/18/2014 03:43:20 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Tjenesten PEVSystemStart er merket som en interaktiv tjeneste. Men systemet er konfigurert for ikke å tillate interaktive tjenester. Denne tjenesten vil muligens ikke fungere som den skal.
 
Error: (11/18/2014 03:19:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Tjenesten Hjemmenettverkslytter terminerte med tjenestespesifikk feil %%-2147023143.
 
 
Microsoft Office Sessions:
=========================
Error: (11/18/2014 03:23:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CNQMUPDT.EXE2.0.0.04f7a7000CNMDWLD.DLL1.0.0.04f5eedc8c0000005000023c6106801d0033b30504671C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXEC:\Program Files (x86)\Canon\Quick Menu\CNMDWLD.DLL827656af-6f2e-11e4-99fa-90e6babc20fd
 
Error: (11/16/2014 02:30:08 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT-MYNDIGHET)
Description: Microsoft Office 2007 Primary Interop AssembliesSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition1603(NULL)(NULL)(NULL)
 
Error: (11/16/2014 02:30:08 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT-MYNDIGHET)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/15/2014 07:20:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585
 
Error: (11/15/2014 07:20:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585
 
Error: (11/15/2014 07:20:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/15/2014 07:20:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8019
 
Error: (11/15/2014 07:20:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8019
 
Error: (11/15/2014 07:20:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/15/2014 07:20:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7021
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-11-15 20:27:21.072
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:27:20.939
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:27:20.808
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:27:20.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.749
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.613
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.474
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.337
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-10 15:58:13.227
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-10 15:58:13.147
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 91%
Total physical RAM: 4095.12 MB
Available physical RAM: 345.41 MB
Total Pagefile: 8188.43 MB
Available Pagefile: 3911.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.51 GB) (Free:91.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: () (Fixed) (Total:232.87 GB) (Free:68.07 GB) exFAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1CA1A154)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 3B2464B8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#13
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts
Thank you. Things are looking better but still a lot to clean up. Please follow the instructions below. 
 
 
Step#1 - FRST Fix
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   3.52KB   64 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.
 
Step#2 - JRT
 
Note: Please disable your Antivirus Software before doing Step#1.
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3, The tool will open and start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. After your machine is rebooted, please re-enable your antivirus.
8. Post the contents of JRT.txt into your next message.
 
Step#3 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.
 
 
Step#4 - FSS Scanner

 
1. Please download Farbar Service Scanner to your desktop.
2. Make sure that ALL the options are checked:
3. Press "Scan".
4. It will create a log (FSS.txt) in the same directory the tool is run.
5. Please copy and paste the log to your reply.

 

Step#5 - Fresh Set of Logs
 
1. Right click on FRST64.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.

 

If you haven't already you can re-enable your Antivirus software.

 

  
 
Things For Your Next Post:
Please post the logs in the order requested. Please don't attach the logs unless I request it.

1. FRST Fix Log

2. JRT Log

3. AdwCleaner log

4. FSS Log
5. Fresh FRST and Addition logs

 


  • 0

#14
Avalanche9

Avalanche9

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Thanks again!

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-11-2014
Ran by Adrian at 2014-11-20 15:55:54 Run:1
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian & per & UpdatusUser (Available profiles: Adrian & per & UpdatusUser & Administrator)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-41113278-582576069-4287591673-1007\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-41113278-582576069-4287591673-1004\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-41113278-582576069-4287591673-1004\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKLM-x32 - (No Name) - {ce18769b-c7fa-42d2-860d-17c4662c70ad} - No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> {6C1A09AB-E43F-4662-B271-5EFD315A2DFA} URL = http://search.condui...&ctid=CT3072253
BHO-x32: No Name -> {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} ->  No File
BHO-x32: No Name -> {ce18769b-c7fa-42d2-860d-17c4662c70ad} ->  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {ce18769b-c7fa-42d2-860d-17c4662c70ad} -  No File
Toolbar: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bok-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\gulesider-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qxl-NO.xml
FF Extension: Website Discovery Pro - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default\Extensions\[email protected] [2014-05-01]
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}
C:\Users\Adrian\AppData\Local\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd}
Task: {75825693-A73B-42A9-98C0-86277D701717} - System32\Tasks\Yahoo! Search Updater => C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrsetup.exe <==== ATTENTION
Task: {ED99C5EB-B66C-4BE1-B4FD-4DFCCC771BE8} - System32\Tasks\Yahoo! Search => C:\Users\Adrian\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.15.4\dsrlte.exe <==== ATTENTION
2014-11-10 16:00 - 2013-11-22 17:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-10 15:19 - 2012-03-22 18:28 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\uTorrent
2014-11-10 15:27 - 2014-11-10 15:27 - 16409960 _____ (Safer Networking Limited ) C:\Users\Adrian\Desktop\spybotsd162.exe
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
EmptyTemp:
 
 
 
*****************
 
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Windows\CurrentVersion\Policies\system\\LogonHoursAction => value deleted successfully.
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DontDisplayLogonHoursWarnings => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-41113278-582576069-4287591673-1007\User => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-41113278-582576069-4287591673-1004\User => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-41113278-582576069-4287591673-1004\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{ce18769b-c7fa-42d2-860d-17c4662c70ad} => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
"HKU\S-1-5-21-41113278-582576069-4287591673-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C1A09AB-E43F-4662-B271-5EFD315A2DFA}" => Key deleted successfully.
"HKCR\CLSID\{6C1A09AB-E43F-4662-B271-5EFD315A2DFA}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ce18769b-c7fa-42d2-860d-17c4662c70ad}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{ce18769b-c7fa-42d2-860d-17c4662c70ad}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ce18769b-c7fa-42d2-860d-17c4662c70ad} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{ce18769b-c7fa-42d2-860d-17c4662c70ad}" => Key not found.
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => Key not found.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5-x64 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bok-NO.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\gulesider-NO.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qxl-NO.xml => Moved successfully.
C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default\Extensions\[email protected] => Moved successfully.
C:\Windows\Installer\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd} => Moved successfully.
C:\Users\Adrian\AppData\Local\{51f86cc0-0eca-8a0e-721a-097fcb8e45bd} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75825693-A73B-42A9-98C0-86277D701717}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75825693-A73B-42A9-98C0-86277D701717}" => Key deleted successfully.
C:\Windows\System32\Tasks\Yahoo! Search Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED99C5EB-B66C-4BE1-B4FD-4DFCCC771BE8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED99C5EB-B66C-4BE1-B4FD-4DFCCC771BE8}" => Key deleted successfully.
C:\Windows\System32\Tasks\Yahoo! Search => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search" => Key deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\Users\Adrian\AppData\Roaming\uTorrent => Moved successfully.
C:\Users\Adrian\Desktop\spybotsd162.exe => Moved successfully.
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F =========
 
Operasjonen er utf›rt.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder" /F =========
 
Operasjonen er utf›rt.
 
 
 
========= End of Reg: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
Operasjonen er utf›rt.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
Operasjonen er utf›rt.
 
 
 
========= End of Reg: =========
 
EmptyTemp: => Removed 1.4 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by Adrian on 20.11.2014 at 18:10:51,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update webget
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util webget
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT2720081
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2720081
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3072253
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Babylon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Babylon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewebget_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\updatewebget_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilwebget_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\utilwebget_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webget_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webget_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webget_setup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webget_setup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnStub_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskPartnerCobrandingTool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_daemon-tools_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\webget_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\webget_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\webget_setup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\webget_setup_RASMANCS
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\genericasktoolbar.dll"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\interface\{ac71b60e-94c9-4ede-ba46-e146747bb67e}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\AlawarWrapper
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\Adrian\appdata\locallow\babylon-english"
Successfully deleted: [Folder] "C:\Users\Adrian\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\pc speed maximizer"
Successfully deleted: [Folder] "C:\Program Files (x86)\sitefinder"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\babylon"
Successfully deleted: [Folder] "C:\Users\Adrian\documents\optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{00BC1CA7-2789-42CA-B0C2-6158733C4762}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{00C47285-7316-4B67-9910-A81294E8E3B3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{012ABE80-1167-47DC-90EF-CD1A4AE2F2C7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{01AFF57C-9AFE-4FFA-A698-A3AD6677C526}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0210C103-3BED-401F-9F83-EA7F50669275}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{029A045C-E88B-4E28-99FA-C4454386CDE9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{02D8C70B-73D5-4993-B02C-A0D1F2816EE4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{031EB4A4-5509-422D-AB67-F18137A7CDD3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{033069D3-2866-4321-B930-5D31511E7BE5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{033ED9F1-FDAA-4E93-8EC6-EE0DD70A957F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0374EEEB-99D6-4E40-9186-A8A93799DB34}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{03B39634-135E-4C1B-BA56-F65DDA7700D9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{041E7673-B2E1-4451-8B94-BA17D3FBD17B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0480E10B-89F8-41EE-8EE1-5807ACA2DC78}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{04CCADE1-BD97-4D62-BDAB-766FC53BF786}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0504B303-E1A8-49AD-92F7-047BF34F5343}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{052D0775-2E45-4914-B8EA-9D5A3F580F98}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{05A49907-A696-4936-A040-2D116F86C964}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0661B770-6A40-4FC1-A484-53C8190C442C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{069FA2F9-2D09-4215-8890-7C1DB67C0891}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{06BC04B4-4988-4CC1-B60A-3FE2A935908E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{06DD0B49-95ED-4135-9CBB-3C1B944977D6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{07554DF1-90E6-4926-911A-1F66DB9CC997}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{077180A6-5F55-481E-8551-D4156CF686D7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{07753059-AF7E-477D-B09B-063C912DB6FA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{07BDC920-BF82-4F64-BA85-ADA1B36BB413}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{07F93780-FD94-483D-A2DA-2AC706B2B9DD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{08025B32-F54D-463C-8099-556AC53C2193}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{08E2DD50-6013-4C34-BD68-F3EE3E4C096E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{08E61282-BAF7-441F-ACEC-10F982400CBC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{09219BC0-AA44-4576-A8B7-BB6E14F902DF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0926F7D8-D7F7-4E9B-8AA0-B864BAAC1C2B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{093B3464-B812-4A48-8771-B040B3FC31EC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{094C9428-28D0-4273-BE59-8F5677280D63}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{09989BF5-FF21-4854-B9BB-7C4E42FD1A1E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{09D80585-B454-4B3F-B733-25B3FA02A72D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{09E9EB0B-9992-43ED-96CE-F161EE358A41}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0A36028C-AF01-402F-9819-D0FF83851297}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0A521248-64B7-4FB8-B82E-568D28A8344D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0A53368C-8726-48B4-829D-F2401D78AA62}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0A744509-48A7-4610-80AC-D9F704D45DD0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0B7825FA-1AB8-4434-A16E-7784A638053D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0BA9F38D-00A5-4489-BB06-1A5267C6A146}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0CE16DC6-7C8B-4D28-89FF-9C73103035F2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0CE5437C-6E83-4601-8AA3-456FE3914495}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0D8BB9E8-AC0B-476B-9475-10448F50B6E2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0D8CC54A-D41B-45D8-8C8D-31A61FDE0018}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0D8E2756-52B4-4639-AC30-65B3120D579A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0D9C2D7C-0B15-46B1-998A-396457E5C574}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0DDBDD1F-7230-4425-8BA8-527578CB8605}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0E42CE56-7D7A-45BC-AC1B-B65E03056A3A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0E5B0B1D-8391-46F1-B6B2-5C76CC32A51A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0E8969D9-F656-4A40-9E97-BC99F675B3E5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0EFD7835-F829-4B9F-B234-A96FA82EF2A8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0F5179DB-B72A-42A9-B3C1-E905E8991202}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0F73F9E9-1A22-40CD-B5B3-444A69320676}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0F759FCB-138F-4F40-A296-196385FC643B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0FBFE1E8-EEBE-402F-A7FD-A9584D3BBE9C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{0FC1AE36-595C-489D-83E9-D56A4AFA3C0B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{10594525-0E7E-4ADA-B8C1-240F9B848AA7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{10E7DF6F-F96F-43D2-94DA-F29D4364B801}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{10F5D5E5-A7C0-42DE-9141-FA6D1D4FF792}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{111B9730-E440-4502-A4F8-C7CA1334D225}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{113AB94E-C7D2-4E86-9A91-ADE623B9837F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{11542182-984F-4B96-A398-6A0C8BE8D4A2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{115E4DE5-F7DB-485D-973F-49AD13E9BC21}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{11F2DEB5-32D3-4DA5-A76F-01C71AB478F0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{120F5545-7A02-4F52-817E-D2E4FBB518C8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{12824EAE-EAB1-4BDB-A4B5-4402AE3790C3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1283811D-2F72-444F-9156-D05C0DF6351D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{129BAE3C-1F6B-4419-A1FD-3C9324DCB3C1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{12CA6D29-9199-463C-B4B1-CBB9B9F76F0D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{12CAAFC4-1766-47A6-B16D-6CDEE92C12DA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{12FCBC31-3726-4A74-9DBC-F87BC5FA707B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{138C0DBE-507D-41BD-A83A-87C6F4193C5E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{13C84559-A9E9-4B33-A4AD-DA082784B42B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{13E1D244-581B-4A61-A4F0-75838AC75442}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{141FE3A8-32DD-4D43-B558-AA80A40549A0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{14C09D66-99BA-418E-BFCA-4836A1A5D7F3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{154F5F10-1922-4FC4-9266-898FA3160632}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{15C1F756-07B3-4489-9874-E4DD26AE7AE4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{169CF24D-A722-4AB5-B7B6-B07048907686}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{16E07D41-9137-4945-B5AA-CB4A3BB2549D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{170DFD7E-9F84-4982-BDB6-E51F84E729D2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{17145635-0E72-4800-8F75-80B1C496D81D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1723A73D-4957-438A-9104-81356297B4BF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{17F06B70-DD4C-446D-BC5C-A71049B5E941}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{18779D2A-927F-4A7F-A2C9-A5EDE0A9133C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{187BFF54-CE82-4129-9867-AD6A0619D5B2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{18ACB6F4-188B-4A5B-B62B-8CACF11F0CB2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{18B3FF46-42A7-46D6-8190-006B8872F07B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{18F3F97D-0E33-44FF-AF88-F22950FCFD73}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{19174E82-8B40-4C27-883B-4C0607DDD334}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1955A8CB-9E42-4819-AC31-1344A67BE6E2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{19A861C4-BC30-49EA-9D3F-699AC91BAF35}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{19D1E591-938E-4351-BEC8-5B9BED65B451}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1A614EFE-6027-4117-95AE-D5DF18B25B1A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1A629740-44D5-456E-A92D-2FD5E663EC84}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1A98BC5D-D12D-43EA-BDB2-5AF57CDB7953}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1A98FCAA-6FEC-4DFA-A93D-72AB98679E41}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1A9A3007-5E5B-4894-8FA3-02B810809A06}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1ADC9D83-E704-40DB-9FBF-8821342987F5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1AE4E4DB-3CB0-4179-B1A1-605B9EC2527B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1AF140BA-7A53-4235-AF85-2651B78D8682}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1B71E7CE-9114-453E-A041-704FA980291D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1B96295A-6E07-4C7C-A5CA-E80AE454C7A2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1BDA8A11-8877-443A-ACCB-BF64EFDFF88C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1BE2FA10-D4C0-4042-B909-2835D516F11E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1C582677-1F64-4799-BD75-40859F4175A5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1CB3C58C-780E-461C-8466-818898299971}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1CC9732A-3EE0-4632-AE21-C19732C3D25A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1D111C2F-D459-4400-9258-2525AA84451F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1D5A74B6-4DCB-42C3-A96F-D4B26BDB6B13}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1D92258D-63AD-4A0F-8F2D-AF0EE178B7FF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1DB88745-C62E-4F13-9577-F3ADFF0C12A5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1E0A56CE-E31D-4428-9DB7-E819930070DD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1E7CF449-A9A0-400A-A5A0-19C51FB710A2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1E8ACDAA-84B8-4B1D-A35A-F63A92FCAA87}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1E8B6297-4BF0-4148-973A-D7F0F72BB113}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1EE0B1D9-596D-4BA0-A231-A269192C078E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1EE45A4B-1662-4071-8667-9BEC3E63DCB0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1EE75FE6-1627-4546-BC05-0BCE972D7624}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1EF5880C-E143-4994-8321-CBCB367648D7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1F01E4DA-C9AB-4983-8DD3-510C6E131FCE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1F7392A9-1FEE-46DF-A5C4-D04E967681FD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{1FC38602-C181-4CC3-B9A3-ACCBA289192F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{203B3866-DBB9-4BC1-8070-67522489C530}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2082FF67-E0BD-4903-BDB2-E56BA4741B52}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{209CF87A-119F-43A9-A63F-5116D14DE664}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{20C22916-E1F7-44A6-BDA7-09E21DF3077D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{20DBAE45-F120-49CE-A22C-1E7E671CC296}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{20F26453-746F-4D48-839E-CECF62D15C1F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{21351CDF-C8B5-4381-A39B-3BB183D53B83}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{21866B76-AA80-4086-BF0A-2952EC50B3EE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{21924B14-EE0B-4657-96DC-F25B0F3DE0A2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{21A3F1AD-CD34-4A9A-94B1-D68DC0984EB9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{21C235E7-C6FB-4D9E-8D2F-7114A2623A4D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{21F080A7-60DB-4B89-811A-39B7DE437F06}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{225635BA-6B15-4186-BC03-9D2EE1FDF348}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{22A394B3-C961-4780-BC4D-1CF64AD0930A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{22B0B788-BE36-42B9-B5ED-82B15A018CEB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{22C78C2D-ED07-4DDA-AAA4-D611C755256C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{23A50FE3-C38A-4391-8C03-1A8645221DDB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{23CE7DC6-2997-4B9D-9E7E-05B3FE767A5F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{24095B03-A98D-41D1-ADB2-AAC1B739C45B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2486FFF8-6F78-45EB-9533-2EFA87FD95B6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{24BB46FA-1493-4AD9-B12C-B3F92295011A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{24F8C040-99DD-4091-BF28-5CE56FD06981}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2510708E-EEC6-469F-9D82-9DB17A2B7E51}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{254B726E-2E2B-4124-A0EF-452948564D5E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{254D228B-68FC-45E1-B44F-355E6C2D4617}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{261A933D-02FE-4CD6-AF72-EE45945A7505}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{268FED3E-E441-4766-B5CE-4166DF1CE3D4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{26BD338A-8198-4265-A2EF-DC5179F4129B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{26F0921B-DA6D-44D3-8671-7A1A0906DF78}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2785A99D-348C-47DC-8CD0-9A66B54AA73F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{27BB0E1A-1781-457A-90E0-92650C155CBA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{280D61F1-8D7A-460F-8E59-2245D33D126F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{284B5814-4A7E-42FA-8D1B-DD7AE2ADB406}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2886A7D2-323F-4557-932D-ABAA2BD6D0EC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{28A9457F-F8DB-4586-980E-AED620AEC347}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{28E17DCB-7BFE-4926-BE83-3EA5C1AB4A1A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2909A7B4-5828-4CC5-8451-264D66B8B794}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{29327034-26B0-4329-B36A-1C60484B0B20}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{293DA66B-6F8C-4A56-BFA7-CF397D636AB7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{29AD86B1-8E45-4046-BD58-16D2A2F9A03E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{29FC248D-7419-4A00-92DD-4C9227EA72DD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2A92CBEE-764B-4CF8-A944-D9C73F2C6CCE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2AF2C287-6B9F-428C-9E73-46E7EDD8D767}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2B16AA9F-73A4-4A89-8ADF-9E1658F05C1F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2BCDCC91-89A5-423E-9E61-E85F9983287F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2BCE8AFB-13CD-4109-B1CB-0DEA97EDBF88}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2BE21F04-6F4A-4F5C-A64A-B34542B6F919}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2BE4E4C1-A771-4373-8B24-A9785F711888}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2C22CEBD-99BB-4F6D-8E61-B2900490698C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2C89D527-C6D0-408D-A57F-37196D981AE8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2CA34ADB-0A9A-432E-A71B-B3314D6BE6E3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2D111704-FC6D-46B9-831C-00965DB233AD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2D30ED54-DA78-470D-ABAE-4ED10FFD785B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2D529D81-23FC-4D42-A5A0-EEE0F1672671}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2D52C59F-C03A-485B-B35F-2DC8BE56822F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2D794F6A-EFB5-4069-9FA5-08E8129EC9DE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2E8DAAD5-45DD-4B9E-A5FE-E105D44C7D0C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2EBDDE1F-22F1-41F0-A831-F7A300B21D20}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2EF0A9EE-893E-4F3F-AB9D-2838F60C08B3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{2FECF998-3383-46BA-8790-F9A5EF43DF27}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3003E96C-B4B2-4C87-A5D2-0481BB22B515}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3005B99C-5481-4D5C-81FD-29B425102C89}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{303476D3-37A7-4887-A549-7886EC74F217}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{30B81D97-B84F-4E78-93C3-D8538D03C536}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{30BA55BC-87DC-45E4-AC00-ED3F4C4B0D12}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{30BFB687-163E-464F-BDB7-5FDF2FFD244B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{30D112DB-7612-42BD-886C-B0AA0C85C5E6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{31254098-EC85-4ADD-9AB5-808DDC9FB5E2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{314FF0C6-50B9-4F59-A641-C1D918125222}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{31626875-53A1-4E5E-8A4F-23A01B37E70B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{316B4920-D016-48AA-A87A-6BAF8DF536D6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{328D0D28-8B1A-4A2E-A99A-FC8A6A55FEA3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3297006A-8DDC-43B4-923B-027F6820D19A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{32A50CE6-F495-4B90-A270-F5D853508A4D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{33F677D9-04CF-483D-B560-9E792801B7EF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{33F98552-39E7-42E1-90F2-7057EB4B30F4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{34448EA5-AD98-43DD-AB92-4D7C8672EE8A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{34589CBB-B8ED-42B3-9F1F-E3924CCBE3C1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{345BB7C4-620D-4AA3-9504-A9B6FFDFBDCD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{352679B7-22BA-4BD2-8639-A55E120D3823}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{36A17899-92B8-40B3-95B1-8B6EEACFA17F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{36E7B71C-018B-4191-94D2-C787B9F7D0D4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{372D33E7-EECB-4BF3-8E18-718AE7AE26B2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{382FCE25-3207-4897-879F-B68FB2B6EFD4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{388524C2-84E9-4B46-944C-2937323C242A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{38DD46A2-D644-4C40-B832-F62471ED2391}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3939BEC2-91E9-4340-9F34-5A1F4C8A3280}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{394C55A0-B4A5-40D5-A67F-727A9A583344}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3A690148-8869-415A-AAE7-09A19776DAA3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3A800C9E-A3B4-4F2B-BDD2-02B3E352AAB5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3ADD9DAA-F2FE-464C-8B29-9D2061473194}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3BD8E7ED-3E01-40E0-9FAE-D51CECED68F0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3BDAEF50-612F-43D6-9075-B223950B8F8C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3C6A428E-5F69-4679-93D9-0FED79701E9A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3CF31BD5-214B-4027-BDE5-405E0522C8D6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3E7D03E2-29C7-4592-A6A9-323B621B5A61}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3F0A0E03-4E5D-44AB-A074-8F97C4AAAC2D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3FC3C200-B22F-456C-B6CC-A0E70AAA6E6F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{3FEF8E7B-E7B7-430F-99CA-9B4BE74120ED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4004B6AD-F4E5-498C-94E5-C433E19758CF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4029DA2A-CDAF-4755-87C8-CD0905CB6894}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{40312185-D6E9-41C5-AEDD-87E0D41C2FA4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{413D87EF-9BD8-4F62-8FBF-973983B124DA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{41647D70-CF7E-468D-9832-C3BB127D1048}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{41E156C8-67FE-4A3F-A6F1-F6BE7163546C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{425DF239-D022-47E3-85AC-5A6A09810156}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{426B9163-A777-41BA-A35C-9F9ECC16EAE5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{428DBFC6-1F18-4852-BFD0-0E7CD5F96977}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{428E686B-E6BA-4257-85A7-F4759A9ACC19}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{42B42BE0-ECEF-47EF-BB76-AF4844B2A584}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{43F4D27F-75B9-474E-9C95-F16A45B5A67A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{44409C6C-B39B-4715-8353-A471479BEC15}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4447D58E-1063-4BC3-A10D-49864ADAF4AE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{44507A62-D133-4C89-A521-1CBA7229FAC2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{455050C6-F91A-40EF-8AF4-13BDDA9968A7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4552C2B7-FECA-4F90-809E-3E723343475F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{455F55E2-34FB-4234-86B3-D2627E1190FF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{456550F9-767B-4E16-8F54-F09AD1F6876C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{460C454C-8FFC-43CC-A5D3-03C26D6FFB8D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{472132EA-9407-4049-A3D9-4497743374D0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{47CBD22B-12D6-4982-BB05-193C68722AAF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{48AE40BF-1265-4CE4-9307-312422A9C744}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{48CC0D9F-F84E-410E-A827-5BF17F209D72}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{49AFA1CE-5645-4F8E-A91E-DF937EE40398}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{49BFD35E-3858-459E-B8BB-E90404FAB74A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{49C1138A-79FA-4828-8F5D-7BF746C382D3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{49C3A98C-2EE1-4ADF-8B50-F03978206F3B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{49DD32E7-BBAF-45ED-92E4-DB2995F2401B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4A43854C-F90A-4BC7-9D0A-DD4C38EB746C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4A7F5BEF-68E4-472A-97B7-E4F9910C46F6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4AD7E380-F81B-4E80-B7FE-2C19E5F88B39}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4B38232B-F71B-4B0B-BEB5-1F0928859663}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4BC97314-BF93-40C7-9426-273FBFFEBE8A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4BE544AF-D686-4EE6-B2E9-31F1AFC5AF66}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4C4D5CDE-94FD-487B-B95C-8845FDF35963}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4CF44CD6-5199-452E-91E8-A877C49CCA55}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4D4B9CEF-2D01-437B-812D-F3D252F6121A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4D68EF15-2143-47C0-849E-D52A2F1A92C7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4D70EBCE-7F01-4ABA-9574-AB6FD2DB838E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4D736B0C-C022-425E-B021-FA8AA62F759E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4DCAC817-0452-4A0B-A334-ABDF887417A3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4DDC6B05-B0B5-4EB4-9421-AFBDCA12650C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4E154B4A-3AB2-4AE0-A570-0EDFEB21CBC1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4E4BAC09-D7F0-4187-B650-30A45F3D1170}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4E869757-A296-4DB0-B1D4-D6C2A9CF2A77}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4E980C56-5ED8-4D4C-B62B-9755578A35CB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4EB88F45-F5BB-47A9-B60B-F6B65634A5FE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4ED46BE5-86E5-4B62-8059-AC81969ACE6D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4EE0194E-7170-4FEF-8077-75AB8FEAC9DB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4EEDD242-CC0E-4947-B521-C6B9E2B2FD19}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4F06535F-5FEA-4B32-AF2D-87B9A2A20D48}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4FB7104C-375D-4F63-81D6-ECE7DCFDE776}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{4FEB6693-C8AE-418B-A8E4-0C38A4456ECC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{50BC67AE-7752-4155-A31F-B53447E53201}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{50DCD06A-ACAD-409D-AE9D-769A6DCD9614}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{514BE1B2-5AA9-499D-8289-A5067278FD36}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{516190E1-AA9D-43FD-B01F-0F59D14FC3B4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{518E93E3-4B92-4816-8E91-DE52EA233EF9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{51E19F17-AF57-443B-A5CB-190747F32243}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{52064426-2FC4-4287-B9A4-0CA9D26BC167}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{52244309-4AD9-47BD-AB15-31E120A38443}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{522F116B-5197-493C-A8DF-1C1388747222}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{522F2B36-3186-4C5B-9B46-05DE7762A5B3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{529FFAA5-2831-4EBD-AA01-867FD81F0B42}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{52D74B92-476B-477F-8D04-110E5FE61F4F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{52FDCC40-9E24-4EAB-840E-92DAD72F46B5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{52FF17F6-D9F9-4D26-B8F6-419C9CE4F7CB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{530FFF41-4B8D-4FCF-B4C3-03AE042BA621}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5311C35B-F30C-408A-A64D-9CADEAA58CB4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5341C355-4D94-44D0-9C93-7F4C4385F008}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{53536E5C-8A63-415F-B78D-3AB454ADBD1F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{535867D3-47F6-4C7B-8285-71F1DEC2643D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{53C7300E-4EAB-4A90-A759-19781F3756F5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{53DA2B67-33A6-453D-9F18-E371CF25B6FA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{53E140FB-91F8-46E8-8026-D221DC46EE43}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{544F2F0C-F274-4714-86B8-1D74241FC79B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{545BE6B8-3ECD-4BB1-9F30-A5459F4AD5C1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{54A0A62C-C8E9-4920-B89E-F4F97DFC56FE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{54A230F9-4DC3-4FA3-81AE-A0506BCADAC0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{54E26A84-E0BE-4D08-B562-FFD048990FBD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{54FB2DEE-7562-444A-8D44-94B4D417653F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{55B914D8-D572-4921-A1C0-1ADC964568C0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{55B91607-EB6A-4F35-8145-14B99BD3C540}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{56252CCF-0479-4EC7-9CB3-4BDB9DEFEAEC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5629E93B-5CC1-4568-8047-094F6E3BFB49}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{565AC942-33BC-4EFF-B7B2-5CF1C2878B8F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{56AD5AAE-E9DD-443D-A9E0-8DE1B3550DF1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{56B28AD2-C807-41EA-B206-8DFC93DDBDB3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{56ED5740-84E3-4FBF-BB60-AB89311EB66C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{571B75D6-C02C-4A9C-85ED-13A12E805939}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5736AEBC-9ED3-48A6-B97A-D69D70892B2B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{57F88E45-A05A-45C6-A553-58D78B587152}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{58066097-C19C-495A-9646-9FFDC9442B43}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5866DEAE-15D4-450B-A7B0-3991ED687098}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5870CEAB-4FDB-402F-B124-821A4E5F23B6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{58D3497C-A504-4040-B136-76BD70996E6A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{592DBEEF-3677-4F38-8F6F-AB66BF8CDC5F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{593B6D40-067D-4421-9796-E38E6EF8E14F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{596D7E74-0809-4182-A506-8E7611E04AC0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{59A91853-1B7F-4592-AF15-686EAEA5FF5D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{59C5361E-EF76-4325-BBF1-FD16ABF6A48A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{59C5A6D9-1CD6-40B7-89C4-B4A837C37EE6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5A42464C-31A1-4376-A092-C295CD3EAB71}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5A9FCE85-2E0A-46C0-A9DF-C8AE0F6FEDC1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5AF02497-E0EC-449B-AF63-3FE578CA7C91}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5BA84C24-D579-48EC-81E3-16BA258F0E69}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5BB0351E-C291-45F2-A8A6-2F63D0326B4A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5BF2856C-2BA4-4A15-9ECA-762DF347B55D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5C0213DC-27FE-4861-90FE-47D6D56923D3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5C4DDCD1-C4AA-481C-A988-96781BBBB11E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5CEBD38A-4565-4B09-85BF-3C37A93CCDD9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5D63CB4A-8138-4F20-A60E-8F855A3F9BF3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5DA59896-4522-46CD-930B-9A38C5A67FE9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5E345EFF-5ADA-4FEC-9BC9-92D6B0F6F472}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{5F1AB0F2-6CA1-4333-920C-0141DC80BFBA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{600E530E-9037-4041-B89F-7EBD22E3920A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{60423415-14F2-4816-9BCF-3BE13715E2ED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{604F6800-FDC1-40C5-8757-E5CFC9932557}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{607DB7CD-68D9-4FFD-8094-75327FA7A361}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{60AC6714-047F-42BA-90F3-7A67FEFD55A0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{610085A9-E211-4468-A0A2-2E298632CC63}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{61097D65-5C5B-4808-A202-06DE63681695}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{61D66472-C6D3-4037-8ECA-A391DCA12A5B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{61D8E57B-95AF-4CA1-B9B5-8F05990A0941}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6216BD8B-79B3-43FE-98FA-87F0DEB5170C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{621BEE2B-46AD-449F-AA12-B71440B2F086}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{622CE1B0-9C8F-4829-AF56-CE613291DF3E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{62709741-58AC-4616-9FBB-87957D3790A7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{62874D99-E982-48EE-B8C0-4670F46B376E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6381F955-7BFF-4AD9-B6AF-D707F58D9DE5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6417CC89-E337-4C3F-BF61-16FC35D05F8F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{645162FB-943A-410C-9BC7-9125A48B7022}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{64D296C2-6C78-4AD4-89C3-19BA9C1F22E5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{64E93812-5AEA-4958-8B64-537BEAE1C4A3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{64FC65B4-5218-458C-9F2F-078C336DF539}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6500900D-139B-4719-A9F9-4CCDD2908A88}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{650CA9A3-8751-4987-8DAE-F84CB0AA3E2B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{653463D3-5970-41D7-889E-3BA106B86E24}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6551D014-A8EF-47B0-B5D3-366AEF0015E7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{656E9370-4A4C-4E3B-A438-1605DFC47C54}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{65A590C9-BD26-4431-A4BB-54CDA8C1808E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{65D06360-25A0-48D8-BB9D-BDF4E32B478A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{65DA0F14-3E29-40B8-AB7A-E03A44AB0249}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{65F3F8AC-DB98-402E-85EC-AD44C8CBB402}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{664D14C5-5015-4E0F-A11B-C465EA449A9D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{666F734B-896D-4D6D-B39D-48D05059579F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{66DE29B0-BEDA-4FA3-B04D-67FE0753C7ED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{671EC605-F346-4618-8577-95F5A4CA1262}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{674B4339-4BEF-4962-8B5D-E9D3C4B002B2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6809E236-FFF4-4A52-BDF2-949274718FB2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{681722D5-373D-4A10-B0F5-EEBF8BD5DCA0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{681F71E0-D6F8-460C-A70C-08D747FCF8C3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{682787EC-1BE8-49E0-9B1D-0DB5E3EFE647}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{68704F26-7BE1-4F1D-A4BF-61A2C624EF92}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{68A09973-6678-456C-97F9-37D91DEC7585}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{68C40027-A84E-4D3A-A5A3-D958FAD1F045}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{68DDE1E9-B3D6-4BBB-BF58-7CF5A636E7C7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{68E1A90E-60C9-437F-9366-914190D48BAB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{69517883-875A-40D1-9499-89B0FF65B2EA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{698F7020-CF41-4BC1-81AE-5E1A5AB5214C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6A0B8007-617A-4583-A0CA-53050603F8B4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6A6BF5F3-477C-4371-A492-96190B30BFF4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6AA7FA81-41CE-42CD-A2C4-4B5133BF52F3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6ABA92FE-2E95-4991-B4FC-CD6186E0AE44}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6BB37D59-7EDC-419E-9936-98DEF3983E12}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6BDDA77B-5D37-4FA6-BED3-F727B0CD456F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6C125161-5389-4D4D-B081-9B20E0BE48B7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6C7C0600-467A-4EAA-A739-C74F63D92DAA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6C8D97F7-64F0-43AE-A877-5C753277F61B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6D03D689-6E8F-40FE-9CED-726155FF22D7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6D473559-E6D5-4F5F-B2B5-52235017FCA5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6D6C9D15-EEAE-46B1-8AA2-9422A8720F1F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6DB017BA-A2FD-4C1A-A3C2-E3A9BEB9297F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6DCC6B67-01BF-41EF-BE89-173307C5A649}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6E474AFF-ABB3-492A-AAED-141993125B7F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6E85282F-B504-492F-AEAD-132535F09D41}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6EEEE792-B98B-4C6A-86A3-4380DEB9EF38}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6F27E145-FF35-4C4D-9B2A-BF020BC47F54}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{6FE61962-07D9-4473-B66B-4445B0FB50D3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{70815912-03A8-4B43-BAF6-E2C2453FD434}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{70D3274E-CAA9-46AA-A383-3CF7FE63AC66}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{711BF02C-A29B-4C8A-839A-36E3F6B295A6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{71760CD0-7680-4957-9D07-42FC6051FE31}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{71DE8953-E69E-4DD1-9536-BDBD29E2D015}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{721D6E04-B062-4B8C-9F58-FE153B647A24}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{73358721-8C83-4C1E-9D01-EE03289AB103}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{73490E4D-4674-48E6-8D17-A310AEFD380B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{73525889-15C3-4AA1-94D9-B95E802F66E5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{73CAC50F-1D1A-417C-9B68-82D6F9C7FD96}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{73DC7578-668E-4F4C-B7A7-8F4D0994D011}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{740F929A-D828-4738-A613-723C1C4ED0AB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{742ECD9C-CD4D-4D60-83A0-736B4699AD83}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7445CD97-2EC4-4719-B0DA-FFDDD3D088EE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{74D49BCC-F460-4D7C-88C2-C4CF8F7A4ABA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{74FD119F-BAEF-43A7-9BBD-8EB45398D468}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7513D810-C778-4FBA-84C3-8F4A6163A9DD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{75CC4E93-6263-4119-895F-DB95067B22C5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{75D634A8-8F08-49EA-861F-DA339AF7684B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{75F920D9-8609-4C73-B6FD-310ABE581FBD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{76541745-1AB7-4B62-9FC5-AEC70BDB0C19}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{769DE255-333F-4EEC-A88C-109A1016E1BF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{76DB3EAD-CE2C-4209-81B6-76A8780438AB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{76E1F604-E529-41B4-8782-CA9283FE5D60}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{76FED87A-F944-4C3D-9894-0F906752B625}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7711E672-4E5A-43D1-9AA9-5D2BDD851C79}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{773A89FC-7BBF-48A3-BE2A-1590CC4152D9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{776022ED-2A87-481D-A015-A8D53753D084}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7774FC2A-92FC-4877-AB4B-31F7D868F8B7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{779DE6F7-D737-46B5-8141-1DE6CA36D65D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{77A46FC2-9C73-496C-9C4E-400127576766}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{77B40761-A013-4C97-9143-E94851C62AB0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{77DBDE24-099A-48FB-95A2-E810748E1987}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{77E0599B-3B24-4DC5-8259-5A82B1EFCF64}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{78299A2A-3F5F-4E48-851C-6C3BA6C8B00F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7861C5E4-07FE-4C51-8E3C-6C6A994A2223}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{788661A2-1CFD-44C7-A737-ADBC3C424B52}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{789CA2C7-5529-492D-A4BD-B0AD2CE00A1C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{78BC4DE1-7059-4F28-9BA3-EDD446CE995B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7917022C-EE7A-4A6E-B1A9-25A4C6D4D9D2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7921B13C-B1DA-4DDF-BFFE-4E4B4451C7C4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{793E1C5F-AC2C-4CBB-A3FF-85FD5583BC88}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7944D186-3445-4000-BE30-6B0ED5886F7D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7ACA57C3-869D-49C4-AA61-8EE02F939D6E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7B0D8DB6-EE2F-41D4-9CC4-99E06E1BDE9C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7B3EE794-87B6-4BBF-B4F0-66F1BD18408D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7B854CDD-6388-47CD-ABFB-59F4FB607766}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7BD5CE8C-1787-4B64-965B-E5C01A13E5D2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7C09D1F4-869B-42A6-BF7C-A92E2DE887D5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7C13FA01-B244-4E36-9F3B-0D0056BEF711}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7C4CF800-617E-4304-94C9-F1D7CC8C2085}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7C57EB8B-C76F-41D0-8325-92799833407B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7D19477C-96A1-4782-B6C4-BF818D898C75}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7D24B2B6-BF01-4E13-A2F9-C3417D6A7D13}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7DB959F5-C94F-401D-B40B-993B9A5F5D0B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7DC0EACD-728E-4B7B-A209-FE5BEDDED350}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7E106D82-1990-4266-8E94-3E81EE81A160}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7E1DB847-5327-4456-86F9-B97E4344410D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7F962C84-BB91-4726-89CB-EDD84DF88D62}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{7FB99288-4120-4D20-8E1C-5294104D01B2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{80078D87-898F-489B-A551-7AEC322FEC2C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{802E9068-9734-49F9-B6DE-66AF506E66A0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8071D116-9030-4D7B-9BF0-8DB94A756FEB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{807547D2-0120-489E-98A4-0A180D88ED2D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8085F0E9-8187-42C4-B754-FEF4165513BD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{80ABDB4E-0095-4727-BEFF-0C8D2E56B4F2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{80B0681B-5DF6-4440-88D0-E1E5CF20EDBC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{80BEFADC-CF50-4B0C-957D-BC6898425E68}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{815DB6EC-0644-4454-98D4-6BCDE4CE79C0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{81A760BC-A81A-4352-9D28-1B24ADB6B1C9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8227D892-2054-451F-8A4C-326E58BE0BED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{82996391-5749-428A-A0FD-7EE946ED7F87}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8341A381-1F25-4A02-BE8B-362B8B135CD6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{836D2808-F331-410E-839D-B5205E123FB5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{83963622-E67A-4FC8-B47D-3FCB0D1A8CC9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{83AC373F-0D93-4E9B-94E7-291CC863D1F0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8447F807-5277-4A39-85EA-293FFF0DE44D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8457B7AA-0182-410F-8863-AE071D3281FF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{845CADC5-1781-4D7E-88F3-FA3010A900AB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{846B4ABF-E2B6-4709-AD14-11FC87088A52}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{84FBFFA3-734B-4269-8239-37B4FF92832D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8518A0E3-8E82-442A-AE1D-317D871267C3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8549D2A4-65C3-42BC-B880-A26702767990}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{85D4DCD4-2399-4F38-BA9C-C4FE736F6A90}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{85E43CE1-DD50-47EB-8DEB-BEA738A0ECA6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{863A3092-7C27-40BC-A267-33BE89AAC991}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{869E5AB3-322B-46EE-B84D-EECFB9AD715F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{86AFEA43-AF35-4F63-98E1-2D91572428EE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{86C11A6B-8B0C-4658-90F0-FC0A8B9C1FBE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{86C52DB1-6DD5-49AB-885D-26D00ED29DBB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{87322BBB-948C-464A-A181-2C634E4B562F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8836240F-521B-4A44-B4CB-B125F3EFAAAE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{885381D9-DE8E-4370-A6D6-9A6DC621008C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{886D104C-ECCB-426F-B881-EA3D3B10E518}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{888EB4EA-C6DC-49B5-B97A-17D95673D819}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8909FFAB-E82F-476F-8143-A5162E756061}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8940346F-0D6B-44FD-92AD-9DEE6A7B48B5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{89A425FF-D67E-490E-8A5D-6CF560176AAB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{89B40EB7-6372-40EF-B079-BA60FF4272B9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8A03FC51-0547-479D-9EA8-762FA3FC0450}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8A680D56-C736-4C1A-B472-4B863274F47F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8A724150-0657-4186-BE1F-76412B2C9D98}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8A877B28-1592-46C5-A07A-4572D083910F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8AB00E29-11C0-4105-BDA6-DB2794ACDAAE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8AB6EF14-E869-4EB8-A63D-4E48273F72DF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8AD7168A-8923-4B43-A2A4-5DFF0F378DD1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8AFA8497-19C5-4C54-86B9-08777CD87DC5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B1D5C83-6586-4B14-910C-0BB4E8D0E9F2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B389FA5-E57A-4494-B514-A984B9AA0A40}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B531C94-31B4-4147-84AF-86C2C6E6A693}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B5E0C2A-283E-4EFF-80BC-A0E477E1564F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B7929DE-4869-49BA-8A8E-D875125E6A1A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B814281-6CAA-44B4-8ED3-7BF105CAD1EE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8B8DC951-F516-4F1B-A8F5-DEA7A0B76626}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8BBAFDA5-FAC5-4686-B0CB-7CD013601193}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8BEB14A0-1EE9-4629-9A68-5CB85881533B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8BED8133-BA6B-40DD-9CCB-9B7C79CA98A8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8C3DCE24-B1EC-4C09-871E-BBBC8811CC82}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8C9AED1E-3C8D-42BB-8F90-872CBF5ECCCA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8CB8634C-986B-47B5-99AA-215B9C19DD3D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8CE08254-6EB1-4BD7-AC85-121796531E80}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8CFC01E5-5A9F-4AB7-9592-ACC60FFEFBD6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8D0CB3C6-8ECF-4C4B-9BC4-5106F17A4ECA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8D20DD17-6A7F-4DE5-9505-93F77D1E353C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8D5FD804-A1B8-4486-930C-F7817C389240}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8DBFE239-886F-4E7B-B786-FD2AFDA8BF69}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8DFDEE9C-661A-40B5-9554-811F2A2A79C1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8E24C36C-1EF1-4720-9C85-A85C31C25046}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8E72387F-BBFF-4FC3-A967-F8DF4CC6E288}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8EB47FCF-7458-49CE-963F-389261296874}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8EE59887-738B-4879-BD15-45C8CCE43392}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8FB3AC50-80F0-42A6-A885-FA5BAA9BFBF5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{8FD11315-DA1C-4D24-B811-FD159059DB20}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9017916D-5FBE-47DA-B558-01FDD215ECA2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{91395491-1313-47B2-A85D-059098824600}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{933EE37F-E91C-4239-8756-4AFA06D625D0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{935920D0-C0DA-4320-9DFF-3D3EE652DED4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{93639507-DC85-40B4-8D95-F50E83A635CB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9374FD28-CE1D-4E8F-97D8-1513F0F70FE6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{93BFA340-84A7-4475-82D1-ADD04777F299}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{93C8452F-D6FF-411B-8E2C-17E9F55E1843}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{93F0408B-8027-4799-B98D-0260709DE9C2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{944EA72E-8B5E-4772-AF34-D8BEDCBD035E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{946B3B20-DBB2-4672-8C52-3BC5FA2B80D0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{948C871E-0075-44AB-A5EE-B5F3AD0D191B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{94983BA8-2DE5-4235-BAE1-D899E3AA3FBC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{94D6CEF6-2B79-479C-B20D-F4FF494D0F1E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{953A005F-A460-4FAE-BD5D-0FC7F565A6E7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{95D2BAD0-124D-41AE-B817-6E18432B4009}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{95D7FC5F-DD4B-4957-8B2B-D74D647C5F53}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{95E95F29-3AA3-4D43-8FB7-79E7A2331F38}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{95EFC552-A1DE-498B-AFA5-E816F2546C81}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{96FC29D4-2925-43C7-998E-0E02FFA8D50D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{971053B4-BB23-4B77-B633-E640968BD8F5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{972A7AC8-28DA-4A8B-AF1A-AF2FFE7A11AA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{97AD5D9E-89AC-4964-BFD8-DA15925B8A67}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{97D6A70F-0546-415C-86F0-DCB060DC353B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{98002937-9B08-41E8-A32B-570111021F4A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9860469E-F9A1-48E7-B3F9-A13939B36ECA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{99131763-BB18-4459-858E-D3C50F1BA66D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9971A600-9077-4A49-8EA0-354362263F31}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{99742CA0-55A6-4FA3-B8B4-9F84567436C9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{99C1174D-AE35-4B07-8ECA-E90529A51086}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9ABD3044-DA36-4284-9C61-DD03CFFA53BD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9AC115E0-021F-4027-B4CB-6594C8A3F38C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9B2CEDD5-F294-430C-AD06-F2F85F0DFB7B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9BE65633-C5D4-49B8-AE30-EF06B163F806}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9C1FEB5F-5621-484B-A48B-1288287D3CB7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9C2AB849-E9B8-4627-8D43-43E92DDC6892}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9C464CEE-C328-4F63-AD2D-B8B3A092F588}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9CBC56B1-A6E5-4B4C-98DB-5A146DBEFC0F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9D065C37-F327-4DEE-874D-5BDEE1C46614}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9DDC3595-55AC-433A-80A3-9DC4CF3F1A34}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9E168027-FD9A-4C3A-AAB3-F69B473A70E7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9E357FA4-BC25-4408-8B93-7F44D72B9168}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9E8C1FC3-1D4B-4210-BCD1-E0FACFBF8158}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9EA55561-FCE7-4532-B407-C9DD17C6B993}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9EB594EB-7AAA-4469-817A-116139700AA6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9F6EC5F4-2E5C-45B1-A7A6-3A707E5B2E73}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9F988957-C965-4467-96CA-C009253A5AAB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{9FFBD52F-EEFD-4E4D-B2B4-35622BD66EDB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A09FA110-469A-4825-870F-24F8838522F0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A0FFD321-22F1-48C4-90C3-CFE8C26D0F10}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A198DCFC-4D6C-4774-B47B-5618E1699DA1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A1D9A1F2-E072-43B3-AE75-EE74D2670E6F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A1F58DA1-E1ED-4440-8941-B1FCB6376AC5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A24B9004-617C-4511-8A7B-CF4ABB321E8E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A2D262D5-9654-4D31-8438-2C10C0FB7ED0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A308F70C-69F3-43A5-BA2E-52018C18E1C0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A386F56C-BEDF-4750-BB83-F2F92A8DA8DA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A39E3F4B-32F5-4D43-A582-70EC559A9FA6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A438E540-344D-4236-9E59-149C3A88D37A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A56DC835-F475-445E-98FB-FBCCC79AD969}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A592E21C-FBDF-498A-92B5-7A270061E78F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A5E7A3F2-B2E5-48A2-94FA-C2DCFD137DA8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A5F2355F-C36B-4CEA-8074-87B317988757}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A63088F8-CE6D-4D5E-8FB3-B4D50A339BD9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A6656D68-8D07-47E8-AF55-ED61230C756D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A7136BFE-D2E9-41AA-BCB9-2F6F0B69D6F7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A764206D-51CE-4634-9206-9CECEFDA22D1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A7DB9564-3194-41E1-8F2D-876B5AFE4889}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A853CBA2-2924-4D90-B990-3D98C23B0C56}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A903820A-1FDD-4FA3-B65E-16221C97E9AF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A90B1DB9-D6AE-4682-8E66-0716F10F8CD9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A9103C49-E511-4F96-BDF4-439B0F7F11C6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{A91B6849-FD79-489E-A2D1-ECCD6EE3157F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AA4C3825-EAF9-4AC0-9D1D-1DBDC49A7FDE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AA6598CB-447D-4C70-965D-CDD149E7859B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AA84DE49-53C0-4FEF-BE20-CBB7D30CA6C4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AA9879B7-6C4D-4102-A451-BE0AC536DFFE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AAB51D2F-2E35-4BB6-9659-BF02F01CAEE8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AB4DC81C-F1DD-4107-A2F3-1E2D0432A243}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AB80DBDC-5117-476D-B1E5-AD639A1EA777}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AB822AAE-1AFD-48B8-A348-A1A92DD401F2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ABBC0D42-3DD5-4738-8322-1876AF1FA09A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ABD523B4-C851-4A0A-A584-10B6830F6867}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AC68A36A-39A2-465F-A23E-88682B0F4BC5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AC91D068-7FCA-4AD9-B93B-8886AE0E7863}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ACA169B1-C4A7-4524-9A51-BF52D9F071DD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AD02C04A-C818-442C-8F32-901961BD6E08}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AD48E6E8-D58A-425B-A22A-08DDC7862663}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ADA4523F-45AF-4E20-B9DF-5B2A51A2E898}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ADEBE173-5D41-4660-B7F0-3880A28EEFCF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AE1FDE06-C5B8-4D2E-AD42-B5D27D91C5FE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AEAA1229-9F04-4D51-98CE-6E5D3D2F5BC2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AEE471E2-7E51-40A2-A092-AA3BE59FB375}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AF2F8688-3F34-4EAC-896D-836B48C834C5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AF6BFF68-7C3B-4BCF-8805-D4D8FE5FA5B9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AFAED94A-3112-4150-BC02-FD7D73880718}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{AFEA47D0-606C-406A-BFEE-AA5EAB1410A1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B02B03F9-6AFF-4AA1-A0CC-EEA08C5BE6BC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B1188391-EA61-4606-BFA3-026F8821B268}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B1C135B7-FE9E-43B5-AC87-E89DAC5753F5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B1E48B12-67AF-49D0-93A2-2D2054537BE5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B2292FE9-88CC-4410-8F77-D58104BCD8DA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B290F0D1-D654-4F4C-8F24-9EE93C133242}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B291BBBF-F876-42D8-9476-B36717C02C93}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B2A9A98A-7AC6-4B15-A93B-95A0082D457B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B2D00B17-E4BA-468A-BF97-23800CEBB3DA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B31FDC03-3913-4CD8-958F-688219D5FEF5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B3337132-6ACD-44F0-B0D4-B47EFA620A3C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B337FDEC-B0E4-4F61-856D-C5B58513FD64}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B381E1BD-81FF-4CE0-AA1E-4ABAB19AC884}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B392EED8-D4E6-4996-BE98-3087CE2A2993}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B460996B-A023-4225-ABBC-766E81079054}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B4929652-E785-4875-9E61-BD981BD17788}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B4B06FE8-62CC-4BFB-8000-B324E8F54214}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B4D3C0AD-DAEF-4598-B1EE-F3FB9190155D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B4DBBC0D-B142-4266-A0A8-B91992BEA6E8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B53B15B5-AAFB-49DF-B8FA-236CA2D8387B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B5543D9D-21FA-4943-96C5-A86A15F736BC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B5894727-D656-42D2-884B-832CC2410B5B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B6059DF2-E19E-49B3-B335-B8237E9AE567}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B62864F2-2B28-4D42-A141-F366B361FF0A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B64A0179-E319-42D3-B8C5-ADDED6A2EF79}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B6A05281-1553-4943-9385-1077284424CC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B6F67B75-A0A2-45CC-A453-27F76B4F4EDC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B822BF0C-3A0B-418C-8403-CF8A6A692070}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B84F8E9F-A7CE-4DB1-B82B-26564241C561}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B8B46A14-B2A4-4C5F-AC6C-EDF767F53274}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B8E5A8C6-3D0D-4C72-A13D-DC76E543FEA3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{B998B107-6E2E-4952-B2A6-9D3C718D52ED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BA1F02A1-21D6-47D1-BF86-28522EDF6B4C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BA2F2FEB-9598-49D4-A430-98A95790B21B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BAC72F24-E8E9-4D28-89D0-1EC1D6C091D6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BACA1D40-1726-48B8-8D28-C76A6CDF2D22}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BB47C661-D24F-42EF-8E57-74C74AB0AF25}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BB49D992-82F2-4D90-B9C1-33288BB25C4B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BB4B4792-18D6-47F0-B3F6-61BE2D365642}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BB5CB2AB-C4FB-4506-8E58-43F3CD0F5C27}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BB7249D3-CCC9-4ACB-981A-619D96E7052C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BB9F271A-09CF-4068-8262-3A0982DA00EB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BBD38B5D-0459-4CA7-95E8-222FA74FC92C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BBF6138A-E76F-4784-BB68-16C165FDBD5B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BC34C796-CE9F-43EE-AD85-E225678B2FBA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BD1DFE60-46BF-41A8-AD04-405CB0829C71}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BD3FC5DB-587C-46EA-B34E-684CDD5E3A82}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BD619373-3B80-44D8-9EAD-288DF92FC379}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BD9ADFA2-D515-4380-B95B-E2E1C65E2EBF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BDA9E1A9-2100-404B-81F1-CEC40584408E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BE1643C0-FB94-4AD8-89B4-F3C4D6FE38CB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BE9BDD91-517C-48C5-8814-123164D403AC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BEC62AA9-1D31-402C-B295-B49086FE20B9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BF37FDD7-9B17-4169-AB69-B405D346F677}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BF3EA4E6-2A06-48E6-8D9E-717628A393DD}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{BFDA5F10-F827-4473-8415-40D389249DCA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C01AE8CC-E4BB-4004-8EDB-F49333316CAE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C041CCF0-154F-4994-95B5-CAB0FADFE116}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C05630D3-367E-4010-B874-8B7DFC528BF8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C0BF515A-F316-424E-AB2C-7A3168E10BDF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C0CAB3D7-5054-4E6D-B668-161514849523}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C0E0F031-6423-4912-9CBF-9444CB3E362B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C0EECECF-3475-4DB3-9D1A-0DAC43092D83}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C1278651-1E0D-43AE-AD7F-004431C23794}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C13DDCAA-4C5A-4992-96A8-1F2B76B78956}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C162FD10-B928-4D31-B65A-59330E9ACA13}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C1C6F080-170B-47DD-9438-7D6EA0F3D412}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C218CBB7-2918-4FF8-9508-D52A28E0154A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C251C631-384F-436B-93E0-5B70AD182136}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C2A8CC2D-DB79-4BC7-9922-9929025FA8B4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C2D88B4B-B441-410A-9F13-D9AC8EE56E2A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C2EE9CDD-0013-4649-8A14-5C8520069DBE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C2FF3BE6-1851-429D-817D-B1F15606119A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C340786F-8227-41D0-9E30-5752EAB0E94A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C4461FA3-A3D5-4BA8-B025-6F9A929A260E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C495AC79-BF3E-4BE6-8588-85E0C546F4E0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C4BA5C7C-FB69-439E-83B4-7E6B89B53224}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C4C1E850-38D9-47CF-9964-1C530CC22326}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C4DCC0EA-DEA2-4C8D-8B0B-E76312656579}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C4FDDC9A-6C45-4A4D-A8AC-CF31CFDADB2C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C52D125B-9D96-43C5-B7E3-BDF0DF2C850D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C5426EC1-C735-4965-9989-516A93EDCE31}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C5DEBE6F-F724-4763-85F8-FD5B0F13BED9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C5FF2930-1B50-4DB9-B9B2-E4E4D7A7889F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C6055B56-6ECD-42B7-9A97-A6D1DFA5D44B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C6FAB669-CBAF-43FA-BBD3-331D12724897}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C6FABFCF-0F6D-4820-B97A-4CBABA505317}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C7359F1D-65B0-458B-9ABC-89489DF9BF3E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C7CE4671-51FD-4ACF-A669-CBCCD2C555EC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C7F76947-5F1C-4110-BE39-1674438767F1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C83E14A3-0706-4EE0-B17E-FF0CE287A21E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C851FA0D-D5EF-45F5-9AE3-A851894991CB}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C8753064-70AA-4EC0-9904-8B5BB88F5786}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C89DBEE1-73F4-43D7-8FA9-1FC39C6A8123}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C8CF46B6-2A0E-4ABD-925C-8B30F66344A5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{C945AA70-620C-4432-8527-BA62FDD8FA8C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CA4C845D-4816-4E7C-BE81-D66A0DA27788}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CA67188D-4B43-464D-9C98-16FB6F2AED0F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CAC7B1E7-1EB9-4483-9932-0250E653F6F0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CAECCBF1-541F-4D31-9B0C-5DB71D3FEE61}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CB3B57DB-3B83-48D4-9A78-875AE62DC40B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CBB43137-B8F9-4FAD-846B-6700B443F3C5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CBD4094D-8837-40AB-ADBD-5D4480BAB01B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CC190BA8-C349-4F79-83B6-95D8BA4CA8E3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CC4FDCE6-7176-4499-A3B1-D6FBD9CC2012}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CC75640E-0087-4372-ABB5-45844B1BB897}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CCD2A5C1-E49B-43F2-8FDA-D73BFA3567ED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CCD66D70-EFD8-4E22-81DC-62DA10E53682}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CCD9C935-E903-4F14-A4E3-911851D26AF2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CCEEB915-5F5F-4803-A051-4A3CAA56D7F0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CD7F29B6-854F-4338-939B-01075CFDC9E7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CDA8AEE3-7711-4067-ABB9-6C9FAC6E367E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE2E5350-E738-4398-AAE1-9E59344D7182}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE42BCE0-1A50-40AF-9298-90918C0F7661}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE53B390-A7B9-4F64-8CD6-611E9FF7AD1A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE6AECE0-CB37-4B26-94F6-F40005E19772}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE752E58-1390-4A21-91A0-467534D2E71F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE91914F-4D60-4441-B430-77977EB1B245}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CE946E25-24AB-41B9-ADCE-F13C89427AE6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CED4B7C0-E816-4787-A448-F02921FE45A9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CEF96BBE-D1F3-4367-B75C-C0D0C92E9896}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CF04D0D5-D23D-4E78-8152-0F3E402BE116}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CF1E9AC5-E1B0-4730-AE8C-876C7825DBD0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CF2904ED-8C89-4EE9-AC4F-EDE5C9BCB331}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CF3D6274-AD45-4C16-8815-A8EDAB335241}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CF51A7D5-7574-4D2D-B56B-D1E331BCEA94}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{CF5B8F22-63CA-45B9-88CC-0CF418301378}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D07B5393-8AB4-434A-AF55-15CB7FD4AA39}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D0BC90D6-AB6C-463F-AC9B-03A1D63A9C9E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D0E109D0-E4D4-42DA-AA78-978B17C18D3B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D12BA4CC-5254-4BFD-85C1-931E4D08790B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D13A3F0B-30C0-45D3-94EE-2C96E6EED099}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D150D2AE-2ED3-4BC3-B5AE-E9390293E225}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D1572BC5-F934-4997-909E-45FC424A0588}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D17BE725-8DC9-4131-9B1F-EEFF8DA6B4D4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D1D2E5B7-CD58-45BE-A7AA-BBF47BB0B608}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D1F733A7-9A9F-46CA-8762-E7FF3CE159E3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D25DF684-3DEC-4D49-B84F-BC8DBCB4100D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D2D008A1-DB61-437D-A4BF-7B9F35A08F5E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D31025FE-095B-4A52-91C5-04C4EDA44745}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D31296B2-61C9-4C3F-9AB4-A7148CE713AF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D36DE455-3EFE-4AF0-8351-02215D59886C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D386948D-961D-4D14-9476-C3A521843950}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D3B1B616-149B-40EF-8DB7-D84FE83D51EC}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D3CA513C-24DB-4C31-AA79-FB654A38BE16}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D3F349DE-E419-48C1-B514-9098551E2E50}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D485D4B1-11D0-4B25-AF62-8815B4DB2FE1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D4873AA8-F879-4FF0-ACDB-543ADC73F2FE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D524F7B5-67CC-4AEE-A7FB-1167FA1712ED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D5BA4424-324A-42AF-B20A-106DC2DE84B0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D671CCB2-CFD9-4D36-B094-8C79293949E0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D672F44D-E4D0-48A4-8F77-B98C9C1B73EA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D690034E-85E7-4891-A155-65F813856E9F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D6959F75-E3A9-4E05-84D6-AF107E228C6F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D69A009C-3CE1-4A76-9B08-32D224C6B228}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D6AEEB1B-455D-4871-9815-9950DC6DEAE5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D6F82D54-1F02-4D01-93C0-CE9075E7E746}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D7050899-5E2E-4483-AA8F-4DE4A418B5FF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D84E4FDD-C226-4D0C-B8D3-C7CB8ED6CDF0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D8DE2D98-2CB9-4601-9CA0-D878E6F581B9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D996016C-62F4-4AEF-9BC5-27486229E3AF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{D99A0FA6-4BDC-499F-82BD-915553A49BFF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DA1CAB49-359A-4E6C-ADB0-B76BCF88DAAF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DA3FA1ED-EAC3-48CB-8202-2C1612B10127}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DA40B61A-B7FB-4C39-B6D4-E281D7332129}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DA8B14F9-2AFD-4697-B248-78AACD21E899}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DB55A922-8490-48BD-AFDA-3DF566FAFF56}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DB55CE0E-AB64-46AD-BC9F-1287537D8F64}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DBC359C8-5FF4-4916-86D4-6B075F52680F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DBE6932C-D734-4C35-AE32-0BF87EFA0C0E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DC052AAD-5D2F-4F91-96D6-521AE5D9D5F7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DC3FF2DC-83CE-4051-B149-4B76F261045A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DC874D56-053A-432F-8380-BA5039A9DFF8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DC9C0C75-86E1-41BC-AB8F-5172F0058839}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DCD2A075-836E-4049-B713-FD94696222FF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DD301272-D74F-4C75-A61D-13517EB117E7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DE047848-00B3-4350-B251-BFC0E560190E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DE7F503F-2701-43BB-A24A-C93F75F73222}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DEA91417-B6C6-4190-BC80-417611D494BF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DF085F1B-FAD0-4DB1-8DF1-7594E1FB97A6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{DF25C298-C10F-4772-B28D-F4FEDE6AD6C4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E0E8BB15-0D6D-423B-B7F9-B9745DC9A994}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E13BCEC9-BF5C-4DDE-9989-00E9E0646C5F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E1525E6A-50C5-4B85-88BB-305E9C9BCF76}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E1BB51FC-EC61-46F1-A47D-2A0B49B41A93}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E1E25D57-5BAC-433D-AA72-C7E3BFBF6496}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E20F9119-1DCB-4DDB-A13C-DF289F8703E3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E2315515-E3C4-4FF4-B08B-B37D4898D205}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E293C191-2F7A-4FC5-AD05-550482908636}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E2AFA2AF-E116-4480-9907-7CA343C7A43D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E2D1DAF0-FBED-4FC5-A3CF-D935A4B931B1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E32B5897-F05C-4693-8C57-6BA8EB4E0558}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E3D6066A-48A5-426F-BF03-42359BED60A9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E4843BA6-61AD-4D5C-B63B-0F53F2AA6DE9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E4CF5BFE-8FA1-4B56-9280-4C2B018D1CC6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E50AB37E-A89D-46DD-A314-EC20A530A617}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E51A666A-21D3-4A05-8676-EDEF5BAF9A34}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E5452C2C-13B7-4426-AAFA-BB45ED6DEB39}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E5AE7243-C93E-4784-9095-C11A7E147CA2}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E617C55A-0D10-4943-9F8A-D1F353EB7959}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E6872F9C-AD98-415F-B68F-A84066B0D7B1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E712957A-BC9B-481C-B700-ECA4935DCC4E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E7937378-C277-4032-9555-8F110D613D0C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E83687DA-DF28-42DD-9FC9-49932CC2AF62}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E8D293B1-91D7-499A-BDBB-8BDB3A8260CF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E8E7667A-0776-4C1C-83B9-0DDF7EF7766D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E912C08F-7641-4D44-B3FA-095A575079AA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E94D858C-957D-4A68-9958-5113ED2365CE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E981F697-5DD1-47AB-8AD3-0B9E4F4B5F99}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{E9F9A2BB-D9F1-44E6-A641-4DF7EEAD08F3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EA13E6E5-D1EF-4A27-B837-14F0CDB9F8A4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EB074A83-349E-46A9-9C95-F639BB47F875}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EB1F5190-3718-4D71-9CF9-D2CCE3460E82}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EB2B5C08-64E4-4FFE-8A24-0391B6A3767E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EB393C24-3C4F-4C43-8BC3-72FF887C700A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EB734A96-7F64-401B-8AB7-CE0237DAD147}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EBD93B34-6E6D-411A-B2B8-4ABF886B0568}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EBF7C5A1-7ADF-449D-AD88-35DABC053323}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EC39E5E7-6B06-4E08-9625-A94C52EEEC0A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EC6CC468-B198-42DC-A9D9-E1606722EBA0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EC92E40E-CE1C-4587-A6F2-F843284D14AF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EC963567-7465-44F9-BC1B-93A108372C19}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ECA78930-B4EF-472D-BFFD-37733AC2B557}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ECB4ADA6-7A73-4BFB-92CA-9D821AFF208C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{ED39D118-28F3-430D-93A0-F91716AD7205}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EE29CFA3-685A-4EF4-AB36-095FF8D6EE40}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EEC6DE85-B819-4F2C-BAE9-2241BC7055C0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EECD4428-40C3-4764-912F-C3CCD4D7B9B5}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{EED46466-AFFC-4844-A560-4B9F0697AF6D}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F01ADBD1-D98A-4FA7-B9D0-239C8EA45454}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F0616301-5A2B-4260-ABA5-07B68BD6DB61}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F0623F78-B3B7-454E-9F20-3B88CAFD0306}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F069D010-68FB-4C5F-9CEE-2ADC0EBB7BFE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F0843D86-A1AB-496A-8812-C81555A796B7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F0930E82-770C-4698-AC99-8D3DDAB92C6E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F12D9685-6B7D-4E3C-9ECD-F40F03DF51D4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F13638A1-B293-4131-A5C0-EE58CEDAE1F7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F196C519-73E0-4902-8D15-C851CF81DA47}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F1ADC6CE-6E6F-4900-9C93-661BFD8F6C4E}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F2550A60-E1D3-480C-8434-60799D761B8F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F2743A79-CB69-4FB4-AAA9-0D0829D62A19}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F2B4B2C2-5A3A-4009-AD3D-18605EDA6276}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F2D939D8-F9B9-438C-A27E-C4C9072D5ED1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F2E6B31C-0B02-4CE6-8333-A6DE83EBDEC1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F32C3EFC-6746-4E22-90B9-FE878570578A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F35ACE69-8398-462F-A526-7B5FE43AB86C}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F3615816-033C-42CF-BD24-253BF0428C68}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F38B1357-9270-48A7-8D3C-652FF847F275}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F489B0C4-20FE-40B2-A9D8-22489638C1C3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F4A66545-E772-435F-B033-BFD9ECB522C0}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F4E55F64-8CBC-4161-9B9D-7E6E25ED0FED}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F5322333-9052-4C36-B0AA-F845F99159B8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F577FD12-10E9-45C9-870D-F0994A742F77}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F59E749C-400B-4C04-8F5E-50A98E484164}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F71013A9-6DC6-4FBB-B341-ADD317DB7688}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F7C0478C-016B-4F90-94D9-0A398F4C59B9}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F7D0F0F7-6937-4CA8-8863-50E764EA1EF3}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F8579379-E4FD-4DF7-B932-49CC1DDDF1AE}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F8959CEF-A395-488F-935C-D30B37575D51}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F8B43848-6499-459C-818E-ABCC3CA43C85}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F910CC9F-5D06-41F8-8EB1-5004E7EF847B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F988F446-045C-417E-A8E9-D8FB71ED4519}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{F99C277F-D485-4DDE-9DC5-CE4DF6C219DA}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FA19ECAA-DCB5-40E7-914B-EBBC9F2297E8}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FA5650DA-1C8B-4891-98BD-A220FB159DD1}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FAB32E55-C291-49D0-AB50-A47740C63E24}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FB3853CA-6177-4C3A-BE3A-5140EEC7ABC4}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FB5D7D0C-532F-4394-9304-881DEA192490}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FB8F794A-4A19-440D-84AB-1886EC346C26}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FE1DEDE5-1CAC-4E50-8054-EF0647774CDF}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FE6001D7-AA94-4CA9-9E1B-16C462FE4C38}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FE798508-CE3C-46E0-A87E-F29D2CE1B11F}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FED85861-D2D1-4580-8381-F3E5E8EB2104}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FF03FCA8-15B4-4773-BB79-3D08F9958117}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FF343630-02D3-48D6-A2D3-5804D6F3135B}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FF7CBF04-A042-4328-85C7-7F142347CCC7}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FF982D9A-13D5-413A-BDC5-F578005809E6}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FFBC5014-4A64-4CD8-A8E3-BFAA7C6B2B3A}
Successfully deleted: [Empty Folder] C:\Users\Adrian\appdata\local\{FFF066A2-D8BA-4C40-B61D-77F813EBFB45}
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\xlb0zb1x.default\extensions\staged
Successfully deleted the following from C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\xlb0zb1x.default\prefs.js
 
user_pref("CT2720081.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2720081.CTID", "CT2720081");
user_pref("CT2720081.CurrentServerDate", "9-11-2010");
user_pref("CT2720081.DialogsAlignMode", "LTR");
user_pref("CT2720081.DownloadReferralCookieData", "");
user_pref("CT2720081.EMailNotifierPollDate", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.FeedLastCount129248891425073064", 160);
user_pref("CT2720081.FeedPollDate129225116238185771", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.FeedPollDate129225147492879732", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.FeedPollDate129245643951202078", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.FeedPollDate129245643951202084", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.FeedTTL129225116238185771", 40);
user_pref("CT2720081.FeedTTL129225147492879732", 40);
user_pref("CT2720081.FeedTTL129245643951202078", 40);
user_pref("CT2720081.FeedTTL129245643951202084", 40);
user_pref("CT2720081.FirstServerDate", "12-10-2010");
user_pref("CT2720081.FirstTime", true);
user_pref("CT2720081.FirstTimeFF3", true);
user_pref("CT2720081.FirstTimeSettingsDone", true);
user_pref("CT2720081.FixPageNotFoundErrors", true);
user_pref("CT2720081.GroupingServerCheckInterval", 1440);
user_pref("CT2720081.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2720081.Initialize", true);
user_pref("CT2720081.InitializeCommonPrefs", true);
user_pref("CT2720081.InstallationAndCookieDataSentCount", 2);
user_pref("CT2720081.InstallationType", "UnknownIntegration");
user_pref("CT2720081.InstalledDate", "Tue Oct 12 2010 22:37:03 GMT+0200");
user_pref("CT2720081.InvalidateCache", false);
user_pref("CT2720081.IsGrouping", false);
user_pref("CT2720081.IsMulticommunity", false);
user_pref("CT2720081.IsOpenThankYouPage", false);
user_pref("CT2720081.IsOpenUninstallPage", true);
user_pref("CT2720081.LanguagePackLastCheckTime", "Tue Nov 09 2010 16:57:37 GMT+0100");
user_pref("CT2720081.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2720081.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2720081.LastLogin_2.7.2.0", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.LatestVersion", "2.7.2.0");
user_pref("CT2720081.Locale", "en");
user_pref("CT2720081.LoginCache", 4);
user_pref("CT2720081.MCDetectTooltipHeight", "83");
user_pref("CT2720081.MCDetectTooltipUrl", "hxxp://@[email protected]/rank/tooltip/?version=1");
user_pref("CT2720081.MCDetectTooltipWidth", "295");
user_pref("CT2720081.RadioIsPodcast", false);
user_pref("CT2720081.RadioLastCheckTime", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.RadioLastUpdateIPServer", "3");
user_pref("CT2720081.RadioLastUpdateServer", "129248947734170000");
user_pref("CT2720081.RadioMediaID", "21079850");
user_pref("CT2720081.RadioMediaType", "Media Player");
user_pref("CT2720081.RadioMenuSelectedID", "EBRadioMenu_CT272008121079850");
user_pref("CT2720081.RadioStationName", "AHL%20-%20Grand%20Rapids%20Griffins");
user_pref("CT2720081.RadioStationURL", "hxxp://cdncon.wm.llnwd.net/cdncon_neulion1_ahl_griffins?eid=2037&pid=2037&gid=101]]");
user_pref("CT2720081.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2720081&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2720081.SearchFromAddressBarIsInit", true);
user_pref("CT2720081.SearchInNewTabEnabled", true);
user_pref("CT2720081.SearchInNewTabIntervalMM", 1440);
user_pref("CT2720081.SearchInNewTabLastCheckTime", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2720081.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2720081.SettingsCheckIntervalMin", 120);
user_pref("CT2720081.SettingsLastCheckTime", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.SettingsLastUpdate", "1286735985");
user_pref("CT2720081.ThirdPartyComponentsInterval", 504);
user_pref("CT2720081.ThirdPartyComponentsLastCheck", "Tue Nov 09 2010 16:57:35 GMT+0100");
user_pref("CT2720081.ThirdPartyComponentsLastUpdate", "1246790578");
user_pref("CT2720081.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
user_pref("CT2720081.Uninstall", true);
user_pref("CT2720081.UserID", "UN55642567423741161");
user_pref("CT2720081.WeatherNetwork", "");
user_pref("CT2720081.WeatherPollDate", "Tue Nov 09 2010 16:57:36 GMT+0100");
user_pref("CT2720081.WeatherUnit", "C");
user_pref("CT2720081.alertChannelId", "1112366");
user_pref("CT2720081.clientLogIsEnabled", false);
user_pref("CT2720081.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2720081.myStuffEnabled", true);
user_pref("CT2720081.myStuffPublihserMinWidth", 400);
user_pref("CT2720081.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2720081.myStuffServiceIntervalMM", 1440);
user_pref("CT2720081.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2720081.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
user_pref("CommunityToolbar.ConduitSearchList", "Conduit Apps Customized Web Search,uTorrentControl2 Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wNaokyQn90mMItP1sym06A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "V3ke+ogt4ejn0sB1xPR3nw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "bM8wQLfFAEKgVLVF/G5zig==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
user_pref("CommunityToolbar.EngineOwner", "");
user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar");
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Adrian\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\xlb0zb1x.default\\conduitCommon\\modules\\3.12.0.8");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT2720081");
user_pref("CommunityToolbar.ToolbarsList2", "CT2720081,ConduitEngine");
user_pref("CommunityToolbar.ToolbarsList4", "");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Jul 18 2011 17:41:45 GMT+0200");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Feb 01 2012 19:12:04 GMT+0100");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Feb 01 2012 19:11:56 GMT+0100");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "b7222c53-94f4-4b88-a382-7d5eab44c4e1");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon May 07 2012 15:11:14 GMT+0200");
user_pref("CommunityToolbar.globalUserId", "824f3846-aeb5-44ca-9561-e3e999234026");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
user_pref("CommunityToolbar.killedEngine", true);
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Jun 20 2012 14:27:21 GMT+0200");
user_pref("CommunityToolbar.notifications.alertEnabled", false);
user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu May 10 2012 02:48:13 GMT+0200");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Jun 26 2012 14:46:00 GMT+0200");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "41bf2121-75be-4221-8f3d-e238a00e51a3");
user_pref("CommunityToolbar.originalHomepage", "hxxp://search.babylon.com/?babsrc=HP_ss&affID=101285&mntrId=24f7758800000000000000195b08d8e0");
user_pref("CommunityToolbar.originalSearchEngine", "Search the web (Babylon)");
user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Tue Nov 09 2010 16:57:38 GMT+0100");
user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Tue Nov 09 2010 16:57:38 GMT+0100");
user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Tue Nov 09 2010 16:57:38 GMT+0100");
user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Tue Nov 09 2010 16:57:38 GMT+0100");
user_pref("CommunityToolbar.undefined", "");
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Emptied folder: C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\xlb0zb1x.default\minidumps [22 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2014 at 18:15:56,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
 

# AdwCleaner v4.101 - Report created 20/11/2014 at 23:57:05
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Adrian - ADRIAN-PC
# Running from : C:\Users\Adrian\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Users\Adrian\Documents\PC Speed Maximizer
File Deleted : C:\Users\Adrian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Key Deleted : HKLM\SOFTWARE\Classes\.bdc
Key Deleted : HKLM\SOFTWARE\Classes\.bgl
Key Deleted : HKLM\SOFTWARE\Classes\.bof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Key Deleted : HKCU\Software\Babylon
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\webget
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Cheat Engine\OpenCandy
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Uniblue
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16448
 
 
-\\ Mozilla Firefox v33.1 (x86 nb-NO)
 
[xlb0zb1x.default\prefs.js] - Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Adrian\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\xlb0zb1x.default\\conduitCommon\\modules\\3.12.0.8");
 
-\\ Google Chrome v38.0.2125.111
 
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253
[C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3072253
 
*************************
 
AdwCleaner[R0].txt - [5098 octets] - [20/11/2014 20:51:31]
AdwCleaner[S0].txt - [4824 octets] - [20/11/2014 23:57:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4884 octets] ##########
 
 
 
 

Farbar Service Scanner Version: 21-07-2014
Ran by Adrian (administrator) on 22-11-2014 at 19:49:39
Running from "C:\Users\Adrian\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
 
bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
 
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
 
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-11-2014 01
Ran by Adrian (administrator) on ADRIAN-PC on 22-11-2014 19:53:07
Running from C:\Users\Adrian\Desktop
Loaded Profiles: Adrian & per & UpdatusUser (Available profiles: Adrian & per & UpdatusUser & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Norsk, bokmål (Norge)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Spotify Ltd) C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2011-10-25] (PC Tools)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-15] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\Direct3DVideoOutput.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DirectSoundAudioOutput.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAACDecode.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXAVCDecode.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXDeinterlaceFilter.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\TextDecode.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\TextDecode.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DivXPlaybackModule.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [Desura] => C:\Program Files (x86)\Desura\desura.exe [2529096 2012-02-28] (Desura Pty Ltd)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [Spotify Web Helper] => C:\Users\Adrian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-01] (Spotify Ltd)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6604568 2013-11-05] (SUPERAntiSpyware)
HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\MountPoints2: {75987811-d9c0-11de-bb7b-806e6f6e6963} - D:\autorun.exe -auto
Startup: C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1F408D5B4DB7CA01
HKU\S-1-5-21-41113278-582576069-4287591673-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
HKU\S-1-5-21-41113278-582576069-4287591673-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x42F9843E13F2CA01
HKU\S-1-5-21-41113278-582576069-4287591673-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?ocid=iehp
HKU\S-1-5-21-41113278-582576069-4287591673-1007\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-41113278-582576069-4287591673-1004 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Påloggingshjelp for Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-41113278-582576069-4287591673-1007 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 84.38.159.242 84.208.20.110
 
FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\xlb0zb1x.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF DefaultSearchUrl: https://www.google.com/search
FF Homepage: about:home
FF NewTab: about:newtab
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1004: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Adrian\AppData\LocalLow\Sony Online Entertainment\npsoe.dll No File
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Adrian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1004: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-41113278-582576069-4287591673-1007: @ahnlab.com/asp/npmkd25aos -> C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25aos.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-04]
 
Chrome: 
=======
CHR Profile: C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-14]
CHR Extension: (Google Docs) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-14]
CHR Extension: (Google Drive) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-14]
CHR Extension: (YouTube) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-14]
CHR Extension: (Google Search) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-14]
CHR Extension: (Google Sheets) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-14]
CHR Extension: (Avast Online Security) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-14]
CHR Extension: (Google Wallet) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-14]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-11-14]
CHR Extension: (Gmail) - C:\Users\Adrian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-15] (AVAST Software)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-03] (Hi-Rez Studios) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2011-10-25] (PC Tools)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-15] ()
S3 FTT3; C:\Windows\system32\DRIVERS\FTT3.sys [191632 2007-08-16] (Promise Technology, Inc.)
S3 hcw99rc; C:\Windows\System32\Drivers\hcw99rc.sys [38528 2007-03-23] (Hauppauge Computer Works, Inc.)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
S3 Mkd2Nadr; C:\Windows\SysWOW64\drivers\Mkd2Nadr.sys [106040 2008-10-17] (AhnLab, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] ()
S3 mv64xx; C:\Windows\system32\DRIVERS\mv64xx.sys [316456 2008-09-01] (Marvell Semiconductor, Inc.)
S3 nvamacpi; C:\Windows\system32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 nvrd64; C:\Windows\system32\DRIVERS\nvrd64.sys [175648 2009-08-04] (NVIDIA Corporation)
S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [48160 2009-06-10] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SI3112r; C:\Windows\system32\DRIVERS\SI3112r.sys [164656 2007-02-01] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22832 2007-02-01] (Silicon Image, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-08-15] (Duplex Secure Ltd.)
S3 VIACRX64; C:\Windows\system32\DRIVERS\viacr64.sys [100864 2008-06-10] (VIA Technologies, Inc.              )
S3 WinTVCIUSB; C:\Windows\system32\DRIVERS\hcw11.sys [103952 2008-04-16] (Hauppauge Computer Works, Inc.)
U3 a6v6ktxn; C:\Windows\System32\Drivers\a6v6ktxn.sys [0 ] (Microsoft Corporation)
U3 az9rpflq; C:\Windows\System32\Drivers\az9rpflq.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Mkd3kfNt; system32\drivers\Mkd3kfNt.sys [X]
S3 Prot6Flt; system32\DRIVERS\Prot6Flt.sys [X]
S2 {09BB444F-B2E2-4009-BAF2-7B727681223E}; \??\C:\Program Files (x86)\VMLaunch\BuddyVM.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-22 19:53 - 2014-11-22 19:55 - 00027532 _____ () C:\Users\Adrian\Desktop\FRST.txt
2014-11-22 19:52 - 2014-11-22 19:52 - 00000000 ____D () C:\Users\Adrian\Desktop\FRST-OlderVersion
2014-11-22 19:49 - 2014-11-22 19:49 - 00003076 _____ () C:\Users\Adrian\Desktop\FSS.txt
2014-11-22 19:48 - 2014-11-22 19:48 - 00415232 _____ (Farbar) C:\Users\Adrian\Desktop\FSS.exe
2014-11-20 20:51 - 2014-11-20 23:57 - 00000000 ____D () C:\AdwCleaner
2014-11-20 20:49 - 2014-11-20 20:50 - 02140160 _____ () C:\Users\Adrian\Desktop\AdwCleaner.exe
2014-11-20 18:15 - 2014-11-20 18:15 - 00116140 _____ () C:\Users\Adrian\Desktop\JRT.txt
2014-11-20 18:10 - 2014-11-20 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-11-20 18:09 - 2014-11-20 18:09 - 01707532 _____ (Thisisu) C:\Users\Adrian\Desktop\JRT.exe
2014-11-20 17:54 - 2014-11-20 17:54 - 00000282 __RSH () C:\Users\Adrian\ntuser.pol
2014-11-18 16:21 - 2014-11-18 16:22 - 00044214 _____ () C:\Users\Adrian\Downloads\Addition.txt
2014-11-18 16:19 - 2014-11-22 19:53 - 00000000 ____D () C:\FRST
2014-11-18 16:19 - 2014-11-18 16:22 - 00040409 _____ () C:\Users\Adrian\Downloads\FRST.txt
2014-11-18 16:18 - 2014-11-18 16:19 - 00001407 _____ () C:\Users\Adrian\Desktop\FRST64 - Snarvei.lnk
2014-11-18 16:17 - 2014-11-22 19:52 - 02118144 _____ (Farbar) C:\Users\Adrian\Desktop\FRST64.exe
2014-11-18 16:02 - 2014-11-18 16:02 - 00017188 _____ () C:\ComboFix.txt
2014-11-18 15:24 - 2014-11-18 15:24 - 00000000 ____D () C:\Users\Adrian\AppData\Local\CrashDumps
2014-11-16 02:54 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-11-15 22:01 - 2014-11-15 22:02 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Desktop\tdsskiller.exe
2014-11-14 18:18 - 2014-11-14 18:18 - 00111208 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-14 18:17 - 2014-11-14 18:17 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-14 18:17 - 2014-11-14 18:17 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Logitech® Webcam Software
2014-11-14 18:15 - 2014-11-14 18:15 - 00000020 ___SH () C:\Users\Adrian\ntuser.ini
2014-11-14 18:15 - 2014-11-14 18:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Evernote
2014-11-11 04:47 - 2014-11-22 03:57 - 00066892 _____ () C:\Windows\IE11_main.log
2014-11-11 02:10 - 2014-11-15 22:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-11 02:07 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-11 02:07 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-11-11 02:07 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-11 02:07 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-11 02:07 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-11-11 02:07 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-11-11 02:06 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-11-11 02:06 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-10 16:28 - 2014-11-10 16:29 - 05194752 _____ (AVAST Software) C:\Users\Adrian\Desktop\aswMBR.exe
2014-11-10 16:06 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-10 16:06 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-10 16:06 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-10 16:06 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-10 16:05 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-10 16:05 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-10 16:05 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-10 16:05 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-10 15:38 - 2014-11-18 16:02 - 00000000 ____D () C:\Qoobox
2014-11-10 15:38 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-10 15:38 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-10 15:38 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-10 15:38 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-10 15:37 - 2014-11-18 15:51 - 00000000 ____D () C:\Windows\erdnt
2014-11-10 15:33 - 2014-11-18 15:29 - 05598319 ____R (Swearware) C:\Users\Adrian\Desktop\ComboFix.exe
2014-11-10 15:22 - 2014-11-10 15:22 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-11-10 15:21 - 2014-11-10 20:34 - 00000000 ____D () C:\Program Files\Defraggler
2014-11-10 15:21 - 2014-11-10 15:21 - 00001684 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-11-10 15:20 - 2014-11-10 15:20 - 04362512 _____ (Piriform Ltd) C:\Users\Adrian\Desktop\dfsetup218.exe
2014-11-10 15:20 - 2014-11-10 15:20 - 04362512 _____ (Piriform Ltd) C:\Users\Adrian\Desktop\dfsetup218 (1).exe
2014-11-04 13:30 - 2014-11-04 13:30 - 00001289 _____ () C:\Users\Public\Desktop\The Sims™ 4.lnk
2014-11-04 13:07 - 2014-11-04 13:16 - 00000000 ____D () C:\Users\Adrian\Downloads\sim4
2014-11-04 11:51 - 2014-11-04 11:52 - 00000000 ____D () C:\Program Files\Speccy
2014-11-04 11:51 - 2014-11-04 11:51 - 04890736 _____ (Piriform Ltd) C:\Users\Adrian\Downloads\spsetup126.exe
2014-11-04 11:51 - 2014-11-04 11:51 - 00000756 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-11-03 23:29 - 2014-11-03 23:29 - 00074460 _____ () C:\Users\Adrian\Downloads\Extras.Txt
2014-11-03 23:27 - 2014-11-03 23:27 - 00147536 _____ () C:\Users\Adrian\Downloads\OTL.Txt
2014-11-03 23:27 - 2014-11-03 23:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-03 23:27 - 2014-11-03 23:27 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-03 23:27 - 2014-11-03 23:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-03 23:27 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-03 23:27 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-03 23:13 - 2014-11-03 23:13 - 00001458 _____ () C:\Users\Adrian\Desktop\OTL (1) - Snarvei.lnk
2014-11-03 23:12 - 2014-11-03 23:12 - 00602112 _____ (OldTimer Tools) C:\Users\Adrian\Downloads\OTL (2).exe
2014-11-03 23:10 - 2014-11-03 23:10 - 00602112 _____ (OldTimer Tools) C:\Users\Adrian\Downloads\OTL (1).exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-22 19:47 - 2014-08-18 14:50 - 01302975 _____ () C:\Windows\WindowsUpdate.log
2014-11-22 19:47 - 2010-02-13 11:10 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-22 19:27 - 2010-02-13 11:10 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-22 19:00 - 2011-12-18 19:17 - 00000288 _____ () C:\Windows\Tasks\RMSchedule.job
2014-11-22 15:30 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-22 15:30 - 2009-07-14 05:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-22 15:22 - 2014-08-16 07:02 - 00008300 _____ () C:\Windows\setupact.log
2014-11-22 15:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-22 15:12 - 2009-07-14 10:53 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-11-22 15:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-11-22 15:11 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-22 15:11 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-22 02:11 - 2014-01-04 21:54 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-20 23:58 - 2014-08-18 10:45 - 00106916 _____ () C:\Windows\PFRO.log
2014-11-20 20:34 - 2011-12-19 19:00 - 00000418 _____ () C:\Windows\SysWOW64\AppLog.log
2014-11-20 17:54 - 2009-11-27 17:32 - 00000000 ____D () C:\Users\Adrian
2014-11-20 15:55 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-20 15:48 - 2014-01-04 21:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-18 16:13 - 2009-11-17 11:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-18 15:55 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-18 15:52 - 2009-07-14 03:34 - 94400512 _____ () C:\Windows\system32\config\software.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 00278528 _____ () C:\Windows\system32\config\default.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 00102400 _____ () C:\Windows\system32\config\sam.bak
2014-11-18 15:52 - 2009-07-14 03:34 - 00032768 _____ () C:\Windows\system32\config\security.bak
2014-11-18 15:24 - 2014-04-29 21:05 - 00001131 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-15 23:22 - 2010-02-13 11:10 - 00003988 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-15 23:22 - 2010-02-13 11:10 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 03:22 - 2009-11-17 10:53 - 01494768 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-11-15 03:22 - 2009-07-14 10:16 - 00549550 _____ () C:\Windows\system32\perfh014.dat
2014-11-15 03:22 - 2009-07-14 10:16 - 00117342 _____ () C:\Windows\system32\perfc014.dat
2014-11-15 03:22 - 2009-07-14 06:13 - 01494768 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-15 02:50 - 2011-04-10 11:51 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-11 04:08 - 2002-01-03 19:39 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-11 03:46 - 2009-07-14 03:34 - 00000658 _____ () C:\Windows\win.ini
2014-11-10 23:57 - 2013-12-01 18:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 19:00 - 2010-11-27 23:08 - 00000000 ____D () C:\Users\Administrator
2014-11-10 18:48 - 2009-11-28 16:21 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Google
2014-11-10 16:23 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-04 14:30 - 2009-11-17 11:09 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-04 13:40 - 2014-02-20 14:40 - 00000000 ____D () C:\Users\Adrian\Documents\Electronic Arts
2014-11-04 13:22 - 2014-08-15 16:27 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-03 23:27 - 2013-12-01 18:40 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Malwarebytes
2014-11-01 13:31 - 2010-07-29 17:49 - 00002212 _____ () C:\Users\Adrian\Desktop\Google Chrome.lnk
 
Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-01 16:26
 
==================== End Of Log ============================
 
 
 
 
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-11-2014 01
Ran by Adrian at 2014-11-22 19:55:50
Running from C:\Users\Adrian\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
A Valley Without Wind (HKLM-x32\...\Steam App 209330) (Version:  - )
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Alan Wake (HKLM-x32\...\Steam App 108710) (Version:  - Remedy Entertainment)
Alien Breed 2: Assault (HKLM-x32\...\Steam App 22650) (Version:  - )
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple-programsupport (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
ARMA 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version:  - Ubisoft)
Atom Zombie Smasher  (HKLM-x32\...\Steam App 55040) (Version:  - )
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - BestGameEver)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios Ltd.)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None, Inc.)
Brukerregistrering for Canon MG6300 series (HKLM-x32\...\Brukerregistrering for Canon MG6300 series) (Version:  - Canon Inc.‎)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Call of Duty® 4 - Modern Warfare™ (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty® 4 - Modern Warfare™ (x32 Version: 1.6 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6300_series) (Version: 1.00 - Canon Inc.)
Canon MG6300 series On-screen Manual (HKLM-x32\...\Canon MG6300 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Clear Sky Complete (HKLM-x32\...\{Clear Sky Complete v1.1.3}}_is1) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dachon 4k (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Dachon 4k) (Version:  - Markus Persson)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version:  - Valve)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version:  - Visceral Games)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version:  - )
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith )
Fable III (HKLM-x32\...\Steam App 105400) (Version:  - )
Free Realms Installer (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Free Realms Installer) (Version: 1.0.3.118 - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Half-Life (HKLM-x32\...\Half-Life_is1) (Version: Half-Life - Non Steam - KingSOFT DVD)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HOMEFRONT (HKLM-x32\...\Steam App 55100) (Version:  - THQ)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java™ SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
Kairo (HKLM-x32\...\Steam App 233230) (Version:  - Richard Perrin)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead 2 Add-on Support (HKLM-x32\...\Steam App 564) (Version:  - Valve)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2003 Webkomponenter (HKLM-x32\...\{90A40414-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 12.0 (x86 nb-NO) (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Mozilla Firefox 12.0 (x86 nb-NO)) (Version: 12.0 - Mozilla)
Mozilla Firefox 33.1 (x86 nb-NO) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 nb-NO)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA 3D Vision-driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Driver til 3D Vision-kontroller 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA Grafikkdriver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.62 - NVIDIA Corporation)
NVIDIA oppdateringer 1.5.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.5.20 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
PDF Creator (Remove Only) (HKLM-x32\...\PDF Creator) (Version:  - )
Penumbra: Overture (HKLM-x32\...\Steam App 22180) (Version:  - Frictional Games)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Red Faction: Guerrilla  (HKLM-x32\...\Steam App 20500) (Version:  - Volition)
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version:  - )
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version:  - GSC Game World)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Silent Hill: Homecoming (HKLM-x32\...\Steam App 19000) (Version:  - Konami)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1970.1 - Hi-Rez Studios)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version:  - City Interactive S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spotify (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\Spotify) (Version: 0.9.6.72.ge389c074 - Spotify AB)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1042 - SUPERAntiSpyware.com)
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Longest Journey (HKLM-x32\...\Steam App 6310) (Version:  - Funcom)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
The Sims 4 (HKLM-x32\...\{703E96B5-DEF9-4F71-ABC1-78ABB75DE989}) (Version: 1.0.797.20 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Byliv - Stæsj (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims™ 3 De fire årstider (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Helaften (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 I rampelyset (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Inn i fremtiden (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Kjæledyr (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Overnaturlig (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Øyparadis (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
The Wonderful End of the World (HKLM-x32\...\Steam App 15500) (Version:  - Dejobaan Games)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
TrackMania 2 (HKLM-x32\...\TrackMania 2_is1) (Version: RePack - Ultra)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE3Redist (HKU\S-1-5-21-41113278-582576069-4287591673-1007\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Unity Web Player (HKU\S-1-5-21-41113278-582576069-4287591673-1004\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{89D05DB6-9AC1-4EA2-89FD-859DBA14FEA4}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Worms Reloaded Demo (HKLM-x32\...\Steam App 22690) (Version:  - Team17)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Ys: The Oath in Felghana (HKLM-x32\...\Steam App 207320) (Version:  - Falcom)
Zombie Driver (HKLM-x32\...\Steam App 31410) (Version:  - EXOR Studios)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-41113278-582576069-4287591673-1004_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
16-11-2014 00:37:56 Windows Update
18-11-2014 14:31:07 ComboFix created restore point
18-11-2014 15:09:30 Removed Java™ 7 (64-bit)
18-11-2014 15:12:48 Removed Java 7 Update 51
19-11-2014 00:20:27 Windows Update
20-11-2014 13:44:02 Windows Update
21-11-2014 00:32:50 Windows Update
22-11-2014 01:38:36 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2014-11-18 15:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02193F2F-FC99-4F9C-A9BD-683C2216E6CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0D188B32-1512-43FB-838D-DC183068E728} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\update.exe [2011-10-25] (PC Tools)
Task: {2B9DDF91-EE00-4551-9F1E-6ED02F8B6D83} - System32\Tasks\{DA80DFA3-5605-4A5A-9618-62792A7D2708} => Chrome.exe http://ui.skype.com/...all?page=tsMain
Task: {2BCBBDA4-70DB-48BD-BC0B-737C29289994} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3ED23CB9-A402-4E0D-8282-B4C196874C7A} - System32\Tasks\{09AB6897-1BED-4CBF-A01D-DE7FBE2E6BA6} => D:\SETUP.EXE
Task: {47007F08-E7D5-4BA1-855C-D9304936006C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {731CAEE4-3689-4C3A-B9C6-30D1DB8A3529} - System32\Tasks\{F9153D87-6A11-4CFA-8878-5ADFDA90DE23} => D:\SETUP.EXE
Task: {9F110BE2-FC55-4801-A745-D52C9A8127B0} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe [2011-10-25] (PC Tools)
Task: {9F3A7641-2BEC-4640-8C0E-DF96D07A28C3} - System32\Tasks\{503E6934-355F-4F11-890E-037549D4CB4F} => D:\tony2.exe
Task: {AE4D9ED4-6D63-4673-9CC4-0944936C8375} - System32\Tasks\{6B8DFAC2-CE7A-4529-8DB6-B374D7EA5D82} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {D4EB0095-9EA0-4B62-BAD7-BC5C95E28515} - System32\Tasks\{D5100DE6-6E6B-4BDC-B12C-176113C8B219} => H:\tony2.exe
Task: {D52ACC87-E554-4D5A-8CE7-593986C213F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-15] (AVAST Software)
Task: {E4E081C7-F636-4917-BA32-811ED9D6CCAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RMSchedule.job => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-08-02 15:19 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-11-11 13:07 - 2011-11-11 13:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 11:19 - 2011-08-12 11:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-08-15 14:10 - 2014-08-15 14:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-11-22 15:06 - 2014-11-22 15:06 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112200\algo.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2012-03-16 14:42 - 2012-03-16 14:42 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-03-16 14:42 - 2012-03-16 14:42 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 13:08 - 2011-11-11 13:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-08-15 14:10 - 2014-08-15 14:10 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-07-23 14:10 - 2012-07-23 14:10 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-01 13:31 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-11-01 13:31 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-41113278-582576069-4287591673-500 - Administrator - Disabled) => C:\Users\Administrator
Adrian (S-1-5-21-41113278-582576069-4287591673-1004 - Administrator - Enabled) => C:\Users\Adrian
ASPNET (S-1-5-21-41113278-582576069-4287591673-1009 - Limited - Enabled)
Gjest (S-1-5-21-41113278-582576069-4287591673-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-41113278-582576069-4287591673-1005 - Limited - Enabled)
per (S-1-5-21-41113278-582576069-4287591673-1007 - Limited - Enabled) => C:\Users\per
UpdatusUser (S-1-5-21-41113278-582576069-4287591673-1010 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo tunnelkort
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/22/2014 04:44:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15693
 
Error: (11/22/2014 04:44:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15693
 
Error: (11/22/2014 04:44:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/22/2014 03:27:25 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT-MYNDIGHET)
Description: Produkt: Microsoft Office 2007 Primary Interop Assemblies - Oppdateringen Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition ble ikke installert. Feilkode 1603. Windows Installer kan opprette logger for enklere feilsøking for installasjon av programvarepakker. Bruk følgende kobling for informasjon om loggstøtte: http://go.microsoft....k/?LinkId=23127
 
Error: (11/22/2014 03:27:25 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT-MYNDIGHET)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.
 
Error: (11/21/2014 07:53:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27176
 
Error: (11/21/2014 07:53:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27176
 
Error: (11/21/2014 07:53:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/21/2014 02:24:00 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT-MYNDIGHET)
Description: Produkt: Microsoft Office 2007 Primary Interop Assemblies - Oppdateringen Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition ble ikke installert. Feilkode 1603. Windows Installer kan opprette logger for enklere feilsøking for installasjon av programvarepakker. Bruk følgende kobling for informasjon om loggstøtte: http://go.microsoft....k/?LinkId=23127
 
Error: (11/21/2014 02:24:00 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT-MYNDIGHET)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.
 
 
System errors:
=============
Error: (11/22/2014 07:47:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Tjenesten Hjemmenettverkslytter terminerte med tjenestespesifikk feil %%-2147023143.
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Sikkerhetsoppdatering for Windows 7 for x64-baserte systemer (KB2978668).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Oppdatering for Windows 7 for x64-baserte systemer (KB2852386).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Sikkerhetsoppdatering for Windows 7 for x64-baserte systemer (KB2862152).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Sikkerhetsoppdatering for Microsoft .NET Framework 3.5.1 for Windows 7 og Windows Server 2008 R2 SP1 for x64-baserte systemer (KB2736422).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Sikkerhetsoppdatering for Microsoft .NET Framework 3.5.1 på Windows 7 og Windows Server 2008 R2 for x64-baserte systemer (KB2832414).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Oppdatering for Microsoft .NET Framework 3.5.1 på Windows 7 og Windows Server 2008 R2 SP1 for x64-baserte systemer (KB2836943).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Sikkerhetsoppdatering for Windows 7 for x64-baserte systemer (KB3006226).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Sikkerhetsoppdatering for Windows 7 for x64-baserte systemer (KB2993651).
 
Error: (11/22/2014 03:26:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80070005: Oppdatering for Windows 7 for x64-baserte systemer (KB2729094).
 
 
Microsoft Office Sessions:
=========================
Error: (11/22/2014 04:44:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15693
 
Error: (11/22/2014 04:44:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15693
 
Error: (11/22/2014 04:44:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/22/2014 03:27:25 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT-MYNDIGHET)
Description: Microsoft Office 2007 Primary Interop AssembliesSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition1603(NULL)(NULL)(NULL)
 
Error: (11/22/2014 03:27:25 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT-MYNDIGHET)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (11/21/2014 07:53:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27176
 
Error: (11/21/2014 07:53:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27176
 
Error: (11/21/2014 07:53:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (11/21/2014 02:24:00 AM) (Source: MsiInstaller) (EventID: 1024) (User: NT-MYNDIGHET)
Description: Microsoft Office 2007 Primary Interop AssembliesSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition1603(NULL)(NULL)(NULL)
 
Error: (11/21/2014 02:24:00 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT-MYNDIGHET)
Description: Product: Microsoft Office 2007 Primary Interop Assemblies -- Please install Microsoft Office 2007 before installing this product.(NULL)(NULL)(NULL)(NULL)(NULL)
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-11-15 20:27:21.072
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:27:20.939
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:27:20.808
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:27:20.677
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.749
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.613
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.474
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-15 20:10:13.337
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-10 15:58:13.227
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-11-10 15:58:13.147
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Quad CPU Q9550 @ 2.83GHz
Percentage of memory in use: 91%
Total physical RAM: 4095.12 MB
Available physical RAM: 348.48 MB
Total Pagefile: 8188.43 MB
Available Pagefile: 3369.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.51 GB) (Free:92.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive g: () (Fixed) (Total:232.87 GB) (Free:68.07 GB) exFAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1CA1A154)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 3B2464B8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 

  • 0

#15
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I apologize for the delay. Somehow I missed the response. I'm reviewing your logs now and see that there is still work to be done. I'll post back shortly.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP