Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop is slow. Won't download content on browser. Several wifi dr


  • Please log in to reply

#1
givemefood

givemefood

    Member

  • Member
  • PipPip
  • 26 posts

Based on Ron's help from my last topic, I started off with an OTL scan, and here are the results:

 

OTL.txt

----------

OTL logfile created on: 12/18/2014 4:48:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\rry\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.92 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 54.03% Memory free
7.83 Gb Paging File | 5.29 Gb Available in Paging File | 67.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.13 Gb Total Space | 4.40 Gb Free Space | 0.99% Space Free | Partition Type: NTFS
Drive D: | 3.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: rry-PC | User Name: rry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/12/18 16:48:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\rry\Downloads\OTL.exe
PRC - [2014/12/09 12:30:23 | 000,337,520 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/10/29 23:25:46 | 004,673,432 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\rry\AppData\Local\Akamai\netsession_win.exe
PRC - [2014/03/26 10:00:06 | 001,004,864 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
PRC - [2014/03/26 10:00:06 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
PRC - [2012/09/23 20:43:48 | 003,477,640 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
PRC - [2012/09/23 20:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/16 10:33:06 | 002,748,736 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/05/16 10:30:18 | 001,688,384 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/04/29 18:18:16 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2011/04/13 10:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/14 01:21:34 | 000,974,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010/12/14 01:21:30 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010/12/14 01:21:18 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/12/14 01:21:12 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2009/02/23 18:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/09 12:30:23 | 003,758,192 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/10/16 02:40:03 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\446bc9f0c3b5824fab519cb5fec5af1b\WindowsFormsIntegration.ni.dll
MOD - [2014/10/16 02:38:57 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
MOD - [2014/10/16 02:37:54 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\38d6578b4fe29bede85ffff08e3697b6\PresentationFramework-SystemXml.ni.dll
MOD - [2014/10/16 02:34:38 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\3646375313dd2b8e3afecbf945960336\PresentationFramework.ni.dll
MOD - [2014/10/16 02:34:28 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\006d28e7c86f3e70db90ce06ea2f33fb\PresentationCore.ni.dll
MOD - [2014/10/16 02:34:19 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/16 02:34:17 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\94bbd298ec8575f3c6151a59538a109c\WindowsBase.ni.dll
MOD - [2014/10/16 02:34:15 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/10/16 02:34:11 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014/10/16 02:34:08 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014/10/16 02:34:08 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014/10/16 02:34:03 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014/10/16 02:34:02 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014/10/16 02:34:00 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/07/31 11:16:44 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/07/31 11:16:12 | 001,044,776 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/19 07:26:34 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/02/19 07:05:41 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013/06/17 11:35:10 | 000,478,400 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
MOD - [2011/05/16 10:33:06 | 002,748,736 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/04/29 18:18:16 | 000,885,760 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2011/04/29 18:13:50 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/04/29 18:13:48 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/11/21 21:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/15 13:37:16 | 000,707,888 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/12/17 14:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/12/17 14:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/17 14:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 21:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014/12/09 22:58:18 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/12/09 12:30:23 | 000,114,800 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/26 10:00:06 | 000,214,512 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe -- (avp)
SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 07:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/09/23 20:43:36 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/16 10:30:18 | 001,688,384 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/03/24 08:08:04 | 000,148,360 | ---- | M] (Dell Products, LP.) [Auto | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/01/27 16:13:50 | 000,226,624 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/14 01:21:34 | 000,974,912 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010/12/14 01:21:30 | 001,298,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010/12/14 01:21:18 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/08/25 20:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/04 11:07:22 | 000,503,080 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/12/10 21:14:02 | 000,129,752 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2014/08/21 12:30:50 | 000,727,592 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2014/08/21 12:30:50 | 000,601,360 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2014/08/21 12:30:50 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2014/07/28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2014/07/10 14:09:30 | 000,389,240 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2014/07/10 14:09:30 | 000,150,256 | ---- | M] (BitDefender LLC) [File_System | On_Demand | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys -- (gzflt)
DRV:64bit: - [2014/07/10 14:08:36 | 000,102,992 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2014/07/10 14:08:36 | 000,093,160 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys -- (BdfNdisf)
DRV:64bit: - [2014/03/26 10:00:02 | 000,178,272 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2014/03/26 10:00:00 | 000,625,248 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2014/03/26 10:00:00 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2014/03/26 10:00:00 | 000,115,296 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:64bit: - [2014/03/26 10:00:00 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2014/03/26 10:00:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2014/03/26 10:00:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2013/05/14 16:34:44 | 000,055,904 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2013/04/12 14:34:48 | 000,015,456 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/23 07:12:12 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/05/13 14:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/26 11:04:22 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/04/26 11:04:20 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/03/31 22:35:12 | 000,355,960 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/03/26 19:19:48 | 012,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/10 17:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 17:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011/01/12 20:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/12/21 20:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/14 08:18:50 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010/12/14 08:18:26 | 000,053,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2010/12/14 08:10:10 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010/12/14 01:21:06 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/12/01 11:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/11/30 17:02:54 | 000,412,264 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/03/10 16:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/02/26 19:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/10 12:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/08 10:56:26 | 000,053,632 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motodrv.sys -- (MotDev)
DRV:64bit: - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2005/09/23 22:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 17:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {BD6D96EF-2C70-426B-9BB5-95017B2D9E15}
IE:64bit: - HKLM\..\SearchScopes\{BD6D96EF-2C70-426B-9BB5-95017B2D9E15}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {BD6D96EF-2C70-426B-9BB5-95017B2D9E15}
IE - HKLM\..\SearchScopes\{BD6D96EF-2C70-426B-9BB5-95017B2D9E15}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {BD6D96EF-2C70-426B-9BB5-95017B2D9E15}
IE - HKCU\..\SearchScopes\{3B9D7A0B-B85D-4B72-8786-3E72B9EA4A81}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.com"
FF - prefs.js..extensions.enabledAddons: web2pdfextension%40web2pdf.adobedotcom:2.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - prefs.js..keyword.URL: "http://search.mywebs...ter&searchfor="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@IBM.com/WDPlugin,version=1: C:\Program Files\Mozilla Firefox\plugins [2014/12/09 12:30:18 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@IBM.com/WDPlugin,version=1: C:\Program Files\Mozilla Firefox\plugins [2014/12/09 12:30:18 | 000,000,000 | ---D | M]
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 05:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 05:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 05:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 05:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected] [2014/07/28 05:08:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014/12/08 10:56:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/12/09 12:30:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 34.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/12/09 12:30:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
 
[2011/12/21 10:02:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rry\AppData\Roaming\Mozilla\Extensions
[2014/12/04 08:00:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rry\AppData\Roaming\Mozilla\Firefox\Profiles\wayk30wt.default\extensions
[2014/12/08 10:56:14 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 11.0\ACROBAT\BROWSER\WCFIREFOXEXTN
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2014/12/12 14:22:17 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (BitTorrentBar Toolbar) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (BitTorrentBar Toolbar) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\rry\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\RunOnce: [Adobe Speed Launcher] 1418937914 File not found
O4 - Startup: C:\Users\rry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm ()
O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} https://w3-03.ibm.co...n/gpwsx-4.1.cab (gpwsx.plugin)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAE3CFCA-76C4-4824-87D4-BA11F09D7C6C}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4CA195D-4D9A-4808-B617-A06E93EF6C19}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 360 Days ==========
 
[2014/12/17 16:23:02 | 000,000,000 | ---D | C] -- C:\Users\rry\Documents\Velan
[2014/12/12 14:24:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/12/12 14:06:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/12/12 14:06:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/12/12 14:06:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/12/12 14:04:43 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/12/12 14:03:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/12/11 03:03:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014/12/11 03:03:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014/12/11 03:03:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014/12/11 03:03:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014/12/11 03:03:23 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014/12/11 03:03:23 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014/12/11 03:03:23 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014/12/11 03:03:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014/12/11 03:03:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014/12/11 03:03:22 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014/12/10 20:19:09 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/12/10 20:19:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/12/10 20:19:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/12/10 20:19:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/12/10 20:19:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/12/10 20:19:09 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/12/10 20:19:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/12/10 20:19:08 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/12/10 20:19:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/12/10 20:19:07 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/12/10 20:19:07 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/12/10 20:19:07 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/12/10 20:19:07 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/12/10 20:19:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/12/10 20:19:06 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/12/10 20:19:06 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/12/10 20:19:06 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/12/10 20:19:06 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/12/10 20:19:06 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/12/10 20:19:05 | 002,125,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/12/10 20:19:05 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/12/10 20:19:05 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/12/10 20:19:04 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/12/10 20:19:02 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/12/10 20:19:02 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/12/10 20:19:02 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/12/10 20:19:00 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/12/10 20:19:00 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/12/10 20:19:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/12/10 20:18:59 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/12/10 20:18:59 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/12/10 20:18:58 | 006,039,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/12/10 20:18:58 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/12/10 20:18:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/12/10 20:18:55 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/12/10 20:06:29 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/12/10 20:03:48 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2014/12/10 20:03:48 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2014/12/10 20:03:44 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2014/12/10 20:03:44 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/12/10 20:03:44 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2014/12/10 20:03:43 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2014/12/10 20:03:43 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014/12/10 20:03:43 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2014/12/10 20:03:43 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2014/12/10 20:03:43 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2014/12/09 12:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/12/08 11:19:56 | 000,000,000 | ---D | C] -- C:\Users\rry\AppData\Roaming\SolidDocuments
[2014/12/08 10:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/12/08 10:49:20 | 000,000,000 | ---D | C] -- C:\Users\rry\Desktop\Adobe Acrobat XI
[2014/11/27 13:30:38 | 000,000,000 | ---D | C] -- C:\Users\rry\AppData\Roaming\Lavasoft
[2014/11/27 08:09:44 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2014/11/27 07:40:33 | 000,000,000 | ---D | C] -- C:\Users\rry\AppData\Roaming\LavasoftStatistics
[2014/11/27 07:40:32 | 002,084,072 | ---- | C] (Bitdefender) -- C:\Windows\SysNative\bdnc.dll
[2014/11/27 07:40:30 | 001,061,776 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdsmtpp.dll
[2014/11/27 07:40:30 | 000,209,984 | ---- | C] (BitDefender) -- C:\Windows\SysNative\BdFirewallSDK.dll
[2014/11/27 07:40:30 | 000,195,016 | ---- | C] (BitDefender) -- C:\Windows\SysNative\httproxy.dll
[2014/11/27 07:40:30 | 000,155,912 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdpop3p.dll
[2014/11/27 07:40:30 | 000,122,928 | ---- | C] (BitDefender) -- C:\Windows\SysNative\OEMbdpredir.dll
[2014/11/27 07:40:30 | 000,096,160 | ---- | C] (BitDefender) -- C:\Windows\SysNative\bdpredir.dll
[2014/11/27 07:40:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2014/11/27 07:38:52 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/11/27 07:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/11/18 14:56:48 | 001,202,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FM20.DLL
[2014/11/13 03:40:48 | 000,000,000 | -HSD | C] -- C:\Users\rry\AppData\Local\EmieBrowserModeList
[2014/11/12 03:45:31 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/11/12 03:45:31 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/11/12 03:45:31 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/11/12 03:45:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/11/12 03:45:31 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/11/12 03:44:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/11/12 03:44:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/11/12 03:44:43 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/11/12 03:44:43 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/11/12 03:44:36 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/11/12 03:44:36 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/11/12 03:44:35 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/11/12 03:44:35 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/11/12 03:44:35 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/11/12 03:44:25 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/11/12 03:44:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/12 03:44:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/12 03:43:56 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/11/12 03:43:47 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/11/11 11:53:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2014/11/11 11:19:24 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2014/10/16 03:23:31 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014/10/16 03:23:31 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014/10/16 03:23:31 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014/10/16 03:23:31 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014/10/16 03:23:31 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014/10/16 03:23:30 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014/10/16 03:23:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014/10/16 03:23:09 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014/10/16 03:23:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014/10/16 03:23:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014/10/16 03:23:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014/10/16 03:23:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014/10/16 03:23:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014/10/16 03:23:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014/10/16 03:23:08 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014/10/16 03:23:07 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014/10/15 06:23:17 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/15 06:23:17 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/15 06:23:11 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/15 06:23:09 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/15 06:23:09 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/10/15 06:23:09 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/10/15 06:23:09 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/10/15 06:23:09 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014/10/15 06:23:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/10/15 06:23:09 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/10/04 09:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/10/04 09:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/10/04 09:12:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/10/04 09:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/10/04 09:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/10/01 00:27:56 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/10/01 00:27:56 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/09/12 02:02:09 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/12 02:02:09 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/11 15:26:45 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/11 15:26:45 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/11 15:25:41 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/08/29 18:30:58 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/21 12:30:50 | 000,727,592 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/21 12:30:50 | 000,601,360 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/21 12:30:50 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/17 02:01:42 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/17 02:01:42 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/17 02:01:41 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/17 02:01:41 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/17 02:01:39 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/17 02:01:39 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/08/17 02:01:15 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/17 02:01:15 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/16 17:51:30 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/16 17:51:29 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/16 17:51:29 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/16 17:51:29 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/16 17:51:29 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/16 17:47:59 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/08/02 18:18:58 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/02 18:18:58 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/02 18:18:58 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/02 18:18:37 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/02 18:18:37 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/02 18:18:37 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/02 18:18:37 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/02 18:18:37 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/02 18:18:37 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/02 18:18:23 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/02 18:18:23 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/02 18:18:23 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/02 18:18:23 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/07/28 13:52:00 | 006,112,072 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2014/07/28 13:52:00 | 000,054,784 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2014/07/25 01:35:46 | 000,875,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll
[2014/07/24 22:47:06 | 000,869,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll
[2014/07/23 11:43:44 | 000,000,000 | -HSD | C] -- C:\Users\rry\AppData\Local\EmieUserList
[2014/07/23 11:43:44 | 000,000,000 | -HSD | C] -- C:\Users\rry\AppData\Local\EmieSiteList
[2014/07/23 08:36:30 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/07/23 08:36:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/07/23 08:36:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/07/23 08:26:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/07/23 08:17:24 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/07/23 08:17:24 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/07/23 08:17:22 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/07/23 08:17:22 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/07/23 08:17:21 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/07/23 08:17:20 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/07/23 08:17:20 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/07/23 08:17:20 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/07/23 08:17:20 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/07/23 08:17:20 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/07/23 08:17:20 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/07/23 08:17:20 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/07/23 08:17:20 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/07/23 08:17:20 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/07/23 08:17:20 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/07/23 08:17:20 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/07/23 08:17:20 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/07/23 08:17:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/07/23 08:17:00 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/07/23 08:17:00 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/07/23 08:16:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/07/23 08:16:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/07/23 08:16:54 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/07/23 08:16:54 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/07/23 08:16:52 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/07/23 08:16:51 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/07/23 08:16:34 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/07/23 08:16:34 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/07/23 08:16:34 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/07/23 08:12:02 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/07/23 08:12:02 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/07/23 08:12:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/07/23 08:12:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/07/23 08:11:35 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/07/23 08:11:35 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/07/23 08:11:35 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/07/23 08:11:35 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/07/23 08:11:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/07/23 08:11:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/07/23 08:11:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/07/23 08:11:35 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/07/23 08:11:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/07/23 08:11:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/07/10 14:09:30 | 000,389,240 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\Trufos.sys
[2014/07/10 14:08:36 | 000,093,160 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2014/07/07 06:09:31 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/07 06:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/07 06:09:16 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/07 06:09:16 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/07 06:09:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/06/23 07:18:14 | 000,000,000 | ---D | C] -- C:\Users\rry\Documents\rry
[2014/05/14 17:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2014/03/31 21:46:48 | 001,070,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2014/03/31 21:46:48 | 000,130,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2014/03/26 10:00:02 | 000,178,272 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2014/03/26 10:00:00 | 000,625,248 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/03/26 10:00:00 | 000,458,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014/03/26 10:00:00 | 000,115,296 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/03/26 10:00:00 | 000,029,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klmouflt.sys
[2014/03/26 10:00:00 | 000,029,280 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klkbdflt.sys
[2014/03/23 07:26:14 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/23 07:26:14 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/07 20:46:33 | 000,000,000 | ---D | C] -- C:\Users\rry\Desktop\Yuvan Project
[2014/02/19 06:58:54 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/19 06:58:54 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/19 06:58:53 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/19 06:58:53 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/19 06:58:53 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/19 06:58:53 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/19 06:58:53 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/19 06:58:52 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/19 06:58:48 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/19 06:58:48 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/19 06:58:48 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/19 06:58:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/19 06:58:48 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/19 06:58:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/19 06:58:48 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/19 06:58:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/19 06:58:48 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/19 06:58:36 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/03 20:13:40 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/03 20:12:01 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/02/03 20:09:52 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/02/03 20:09:45 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/02/03 20:09:45 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/02/03 20:09:45 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/02/03 20:09:45 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/02/03 20:09:45 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/02/03 20:09:45 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/02/03 20:09:45 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/02/03 20:09:45 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/02/03 20:09:45 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/02/03 20:09:45 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/02/03 20:09:45 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/02/03 20:09:45 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/02/03 20:09:45 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/02/03 20:09:45 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/02/03 20:09:45 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/02/03 20:09:45 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/02/03 20:09:45 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/02/03 20:09:45 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/02/03 20:09:45 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/02/03 20:09:45 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/02/03 20:09:45 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/02/03 20:09:45 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/02/03 20:09:45 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/02/03 20:09:45 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/02/03 20:09:45 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/02/03 20:09:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/02/03 20:09:45 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/02/03 20:09:45 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/02/03 20:09:45 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/02/03 20:09:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/02/03 20:09:45 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/02/03 20:09:45 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/02/03 20:09:45 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/02/03 20:09:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/02/03 20:09:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/02/03 20:09:45 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/02/03 20:09:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/02/03 20:09:45 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/02/03 20:09:45 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/02/03 20:09:45 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/02/03 20:09:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/02/03 20:09:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/02/03 20:09:45 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/02/03 20:09:45 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/30 08:09:18 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/30 08:09:18 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/30 08:09:17 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[1 C:\Users\rry\Desktop\*.tmp files -> C:\Users\rry\Desktop\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2014/12/18 16:39:25 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/18 16:33:41 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/12/18 16:33:41 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/12/18 16:26:33 | 000,002,267 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/12/18 16:25:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/18 16:24:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/12/18 16:24:49 | 3153,727,488 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/18 15:58:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/12/16 18:12:51 | 000,101,437 | ---- | M] () -- C:\Users\rry\Desktop\untitled.png
[2014/12/15 16:31:10 | 000,786,622 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/12/15 16:31:10 | 000,665,576 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/12/15 16:31:10 | 000,123,352 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/12/12 14:22:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/12/10 21:14:02 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/12/10 13:24:10 | 005,090,184 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/12/09 22:58:18 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/12/09 22:58:18 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/12/08 10:57:11 | 000,002,142 | ---- | M] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014/12/08 10:57:11 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014/12/03 10:06:22 | 004,869,905 | ---- | M] () -- C:\Users\rry\Desktop\rry_fax2.jpg
[2014/12/03 10:05:37 | 005,829,787 | ---- | M] () -- C:\Users\rry\Desktop\rry_fax1.jpg
[2014/11/27 07:39:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/11/21 22:06:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/11/21 21:50:39 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/21 21:50:10 | 000,580,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/11/21 21:49:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/11/21 21:48:20 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/11/21 21:40:41 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/21 21:37:10 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/11/21 21:35:43 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/11/21 21:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/11/21 21:34:51 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/11/21 21:34:07 | 006,039,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/21 21:26:31 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/11/21 21:22:40 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/21 21:14:16 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/11/21 21:09:12 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/21 21:08:06 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/21 21:07:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/21 21:06:32 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/11/21 21:05:02 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/11/21 21:05:01 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/21 20:58:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/21 20:56:40 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/11/21 20:55:16 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/11/21 20:54:30 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/11/21 20:49:29 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/21 20:49:28 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/21 20:47:10 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/11/21 20:46:58 | 002,125,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/21 20:40:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/21 20:36:14 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/21 20:35:24 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/21 20:22:49 | 002,052,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/21 20:21:57 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/11/21 20:03:42 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/11/21 19:54:44 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/11/21 14:39:09 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2014/11/18 14:56:48 | 001,202,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\FM20.DLL
[2014/11/14 16:56:51 | 000,013,108 | ---- | M] () -- C:\Users\rry\Desktop\images.png
[2014/11/10 22:09:06 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/11/09 10:04:09 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/10/29 21:03:43 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2014/10/29 20:45:43 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2014/10/24 20:57:59 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/24 20:32:37 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/17 21:05:23 | 000,861,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/10/17 21:05:21 | 004,121,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014/10/17 20:33:13 | 003,209,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014/10/13 21:13:00 | 003,241,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/13 21:12:57 | 001,460,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/10/13 21:09:31 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/10/13 21:07:31 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/10/13 20:47:30 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/10/13 20:46:02 | 000,681,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/10/08 17:02:32 | 000,012,235 | ---- | M] () -- C:\Users\rry\Desktop\images.jpg
[2014/10/08 17:02:16 | 000,007,378 | ---- | M] () -- C:\Users\rry\Desktop\imagesAI5R49SR.jpg
[2014/10/04 09:13:17 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/10/02 21:12:23 | 000,310,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/10/02 21:12:22 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2014/10/02 21:12:22 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2014/10/02 21:12:00 | 000,500,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/10/02 21:11:54 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/10/02 21:11:51 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014/10/02 21:11:51 | 000,296,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014/10/02 21:11:49 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2014/10/02 20:45:03 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2014/10/02 20:45:03 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014/10/02 20:45:03 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2014/10/02 20:44:42 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014/10/02 20:44:25 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/10/01 11:11:16 | 000,093,400 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/09/29 17:08:31 | 000,009,542 | ---- | M] () -- C:\Users\rry\Desktop\imagesCAU04BE1.jpg
[2014/09/24 21:08:38 | 000,371,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/09/24 20:40:50 | 000,519,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/09/19 04:42:47 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/09/12 02:43:02 | 000,779,172 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/09/04 00:23:20 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/09/04 00:04:15 | 000,372,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/08/22 21:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/21 12:30:50 | 000,727,592 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2014/08/21 12:30:50 | 000,601,360 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2014/08/21 12:30:50 | 000,261,056 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2014/08/21 01:40:32 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/08/21 01:23:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/08/11 21:02:49 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014/08/11 20:36:37 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014/08/01 06:53:22 | 001,031,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/08/01 06:35:06 | 000,793,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/07/28 13:52:00 | 006,112,072 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2014/07/28 13:52:00 | 000,054,784 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2014/07/25 01:35:46 | 000,875,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr120_clr0400.dll
[2014/07/24 22:47:06 | 000,869,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr120_clr0400.dll
[2014/07/16 21:07:58 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsta.dll
[2014/07/16 21:07:39 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/07/16 21:07:37 | 003,722,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/07/16 21:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/07/16 21:07:08 | 001,118,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/07/16 20:39:42 | 003,221,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/07/16 20:39:30 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/07/16 20:39:08 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/07/13 21:02:45 | 001,216,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/07/10 14:09:34 | 002,084,072 | ---- | M] (Bitdefender) -- C:\Windows\SysNative\bdnc.dll
[2014/07/10 14:09:30 | 000,389,240 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\Trufos.sys
[2014/07/10 14:08:36 | 000,195,016 | ---- | M] (BitDefender) -- C:\Windows\SysNative\httproxy.dll
[2014/07/10 14:08:36 | 000,155,912 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdpop3p.dll
[2014/07/10 14:08:36 | 000,122,928 | ---- | M] (BitDefender) -- C:\Windows\SysNative\OEMbdpredir.dll
[2014/07/10 14:08:36 | 000,093,160 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\BdfNdisf6.sys
[2014/07/10 14:08:34 | 001,061,776 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\bdsmtpp.dll
[2014/07/10 14:08:34 | 000,209,984 | ---- | M] (BitDefender) -- C:\Windows\SysNative\BdFirewallSDK.dll
[2014/07/10 14:08:34 | 000,156,936 | ---- | M] () -- C:\Windows\SysNative\bdfwcore.dll
[2014/07/10 14:08:34 | 000,096,160 | ---- | M] (BitDefender) -- C:\Windows\SysNative\bdpredir.dll
[2014/07/08 21:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014/07/08 21:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014/07/08 21:03:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014/07/08 21:03:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014/07/08 21:03:22 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014/07/08 20:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014/07/08 20:31:42 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014/07/08 20:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014/07/08 20:31:42 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014/07/08 20:31:41 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014/07/06 21:06:37 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014/07/06 21:06:13 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014/07/06 21:06:02 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014/07/06 21:02:55 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014/07/06 20:40:13 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014/07/06 20:39:50 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014/07/06 20:39:42 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014/07/06 20:37:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014/06/30 17:24:50 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/06/30 17:14:53 | 000,008,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/06/26 21:08:12 | 002,777,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/06/26 20:45:52 | 002,285,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/06/23 22:29:36 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/06/18 17:23:33 | 001,943,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2014/06/18 17:23:33 | 000,156,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mscorier.dll
[2014/06/18 17:23:33 | 000,073,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mscories.dll
[2014/06/18 17:23:32 | 001,131,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2014/06/18 17:23:32 | 000,156,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2014/06/18 17:23:32 | 000,081,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2014/06/17 21:18:30 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\osk.exe
[2014/06/17 20:51:32 | 000,646,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\osk.exe
[2014/06/15 15:19:50 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db-shm
[2014/06/15 15:19:50 | 000,003,176 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db-wal
[2014/06/15 15:19:50 | 000,001,024 | ---- | M] () -- C:\Windows\SysNative\persistent_q.db
[2014/06/06 05:10:34 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/06/06 04:44:17 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/06/06 01:16:07 | 000,035,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/06/06 01:12:57 | 000,035,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/06/03 05:02:37 | 000,112,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/06/03 05:02:21 | 000,504,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/06/03 05:02:12 | 001,941,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/06/03 04:29:50 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/06/03 04:29:40 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/05/14 18:00:35 | 000,002,336 | ---- | M] () -- C:\Users\rry\Desktop\Safe Money.lnk
[2014/05/14 17:09:24 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
[2014/05/14 11:23:52 | 000,038,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/05/14 11:23:47 | 000,044,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/05/14 11:23:46 | 000,058,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/05/14 11:23:42 | 000,036,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/05/14 11:23:38 | 000,700,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/05/14 11:23:38 | 000,581,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/05/14 11:21:04 | 002,620,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/05/14 11:20:45 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/05/14 11:17:10 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/05/14 08:23:04 | 000,198,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/05/14 08:23:04 | 000,179,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/05/14 08:20:46 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/05/14 08:17:14 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/04/24 21:34:59 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/04/20 20:57:56 | 000,058,595 | ---- | M] () -- C:\Users\rry\Desktop\rry-Passport USANI1558414.pdf
[2014/04/11 21:19:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/04/11 21:19:38 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/04/11 21:19:37 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/04/04 21:47:09 | 000,288,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/03/31 21:46:48 | 001,070,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2014/03/31 21:46:48 | 000,130,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSSTDFMT.DLL
[2014/03/26 10:00:02 | 000,178,272 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys
[2014/03/26 10:00:00 | 000,625,248 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2014/03/26 10:00:00 | 000,458,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2014/03/26 10:00:00 | 000,115,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2014/03/26 10:00:00 | 000,029,792 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klim6.sys
[2014/03/26 10:00:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klmouflt.sys
[2014/03/26 10:00:00 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klkbdflt.sys
[2014/03/26 09:41:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014/03/26 09:25:14 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014/03/09 16:48:52 | 000,171,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/03/09 16:48:51 | 001,389,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/03/09 16:47:43 | 000,099,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/03/09 16:47:42 | 000,619,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/03/04 04:47:01 | 005,550,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/03/04 04:44:21 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/03/04 04:44:21 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/03/04 04:44:21 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/03/04 04:44:20 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/03/04 04:44:03 | 000,722,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/03/04 04:44:03 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/03/04 04:44:00 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/03/04 04:44:00 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/03/04 04:43:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/03/04 04:43:56 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/03/04 04:43:56 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/03/04 04:43:55 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/03/04 04:43:55 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/03/04 04:20:11 | 003,969,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/03/04 04:20:11 | 003,914,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/03/04 04:17:38 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/03/04 04:17:19 | 000,538,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/03/04 04:17:19 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/03/04 04:17:08 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/03/04 04:17:08 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/03/04 04:17:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/03/04 04:17:06 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/03/04 04:17:05 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/03/04 04:16:54 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/03/04 04:16:18 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/03/04 03:09:30 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/03/04 03:09:29 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/02/03 21:35:56 | 000,190,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/02/03 21:35:35 | 000,027,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/02/03 21:28:36 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iologmsg.dll
[2014/02/03 21:00:39 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iologmsg.dll
[2014/02/03 20:09:52 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/02/03 20:09:45 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/02/03 20:09:45 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/02/03 20:09:45 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/02/03 20:09:45 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/02/03 20:09:45 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/02/03 20:09:45 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/02/03 20:09:45 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/02/03 20:09:45 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/02/03 20:09:45 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/02/03 20:09:45 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/02/03 20:09:45 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/02/03 20:09:45 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/02/03 20:09:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/02/03 20:09:45 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/02/03 20:09:45 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/02/03 20:09:45 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/02/03 20:09:45 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/02/03 20:09:45 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/02/03 20:09:45 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/02/03 20:09:45 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/02/03 20:09:45 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/02/03 20:09:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/02/03 20:09:45 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/02/03 20:09:45 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/02/03 20:09:45 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/02/03 20:09:45 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/02/03 20:09:45 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/02/03 20:09:45 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/02/03 20:09:45 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/02/03 20:09:45 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/02/03 20:09:45 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/02/03 20:09:45 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/02/03 20:09:45 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/02/03 20:09:45 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/02/03 20:09:45 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/02/03 20:09:45 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/02/03 20:09:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/02/03 20:09:45 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/02/03 20:09:45 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/02/03 20:09:45 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/02/03 20:09:45 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/02/03 20:09:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/03 20:09:45 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/02/03 20:09:45 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/02/03 20:09:45 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/02/03 20:09:45 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/28 21:32:18 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/01/28 21:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[1 C:\Users\rry\Desktop\*.tmp files -> C:\Users\rry\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/12/12 14:06:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/12/12 14:06:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/12/12 14:06:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/12/12 14:06:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/12/12 14:06:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/12/08 10:57:11 | 000,002,212 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
[2014/12/08 10:57:11 | 000,002,142 | ---- | C] () -- C:\Users\Public\Desktop\Adobe FormsCentral.lnk
[2014/12/08 10:57:11 | 000,002,051 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
[2014/12/08 10:57:11 | 000,002,028 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
[2014/12/08 10:57:10 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
[2014/12/03 10:06:21 | 004,869,905 | ---- | C] () -- C:\Users\rry\Desktop\rry_fax2.jpg
[2014/12/03 10:05:36 | 005,829,787 | ---- | C] () -- C:\Users\rry\Desktop\rry_fax1.jpg
[2014/11/27 07:40:30 | 000,156,936 | ---- | C] () -- C:\Windows\SysNative\bdfwcore.dll
[2014/11/27 07:40:19 | 000,002,267 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/11/27 07:39:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2014/11/14 16:57:31 | 000,013,108 | ---- | C] () -- C:\Users\rry\Desktop\images.png
[2014/11/11 11:19:26 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2014/10/08 17:07:49 | 000,007,378 | ---- | C] () -- C:\Users\rry\Desktop\imagesAI5R49SR.jpg
[2014/10/08 17:03:22 | 000,101,437 | ---- | C] () -- C:\Users\rry\Desktop\untitled.png
[2014/10/04 09:13:17 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/09/29 17:15:45 | 000,009,542 | ---- | C] () -- C:\Users\rry\Desktop\imagesCAU04BE1.jpg
[2014/09/29 17:08:48 | 000,012,235 | ---- | C] () -- C:\Users\rry\Desktop\images.jpg
[2014/06/15 15:19:50 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\persistent_q.db-shm
[2014/06/15 15:19:50 | 000,003,176 | ---- | C] () -- C:\Windows\SysNative\persistent_q.db-wal
[2014/06/15 15:19:50 | 000,001,024 | ---- | C] () -- C:\Windows\SysNative\persistent_q.db
[2014/05/14 18:00:35 | 000,002,336 | ---- | C] () -- C:\Users\rry\Desktop\Safe Money.lnk
[2014/05/14 17:10:47 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
[2014/04/20 20:57:56 | 000,058,595 | ---- | C] () -- C:\Users\rry\Desktop\rry-Passport USANI1558414.pdf
[2014/02/03 20:09:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/03 20:09:45 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/09/28 17:40:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 21:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
 

 

Extras.txt

------------

OTL Extras logfile created on: 12/18/2014 4:48:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\rry\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.92 Gb Total Physical Memory | 2.12 Gb Available Physical Memory | 54.03% Memory free
7.83 Gb Paging File | 5.29 Gb Available in Paging File | 67.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.13 Gb Total Space | 4.40 Gb Free Space | 0.99% Space Free | Partition Type: NTFS
Drive D: | 3.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: rry-PC | User Name: rry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0400696E-B4ED-4408-9F8E-6B5E5917D93F}" = lport=49195 | protocol=6 | dir=in | name=akamai netsession interface |
"{18980013-F7D1-468E-B868-E2E465ACEDBF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1BF92EB9-A23C-4BBA-81B3-1B28A2318B23}" = lport=137 | protocol=17 | dir=in | app=system |
"{1EC8BD8F-5D27-459D-B1C4-1AC963927E63}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{235BF094-7855-48C0-949E-F75DA76D3E29}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2427D1FF-ABAF-436F-A89F-0F43310BF1D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{25BA2995-BFF5-4479-A622-9C59C7B55C1D}" = lport=139 | protocol=6 | dir=in | app=system |
"{2C2C5127-07A0-4369-A21A-53F382DF03F9}" = rport=139 | protocol=6 | dir=out | app=system |
"{360FD79F-6B6E-4FF2-848E-A8F30E0ABCBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{405F656E-E716-42FD-AC29-434C3168E6E7}" = rport=137 | protocol=17 | dir=out | app=system |
"{4C0529F7-E2C5-48DC-B3F3-E01800432186}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{59B36CCA-437A-4528-A291-E7133B1BDC83}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{619EE774-2C4B-4E64-A76D-5C31AD5D9699}" = rport=10243 | protocol=6 | dir=out | app=system |
"{61AF10A0-A12C-4CA4-B02F-00B8224874B2}" = lport=138 | protocol=17 | dir=in | app=system |
"{6B22D771-7F53-47E7-91FD-DB68CE5A88EE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6C2CC718-AD5F-4659-B3F1-78CCE9AC80B6}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{76D2FE79-9BD1-4B43-A450-01B84A1BE17A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A96A65D-49CB-44EF-B058-F11D86C49F46}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{80B114B0-D566-4317-9B8B-46E393997BFA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{831A6AA3-8D77-4B99-A33D-83FC25E73B17}" = lport=10243 | protocol=6 | dir=in | app=system |
"{93D862BA-1CC3-44EA-AD65-F315EFF467D1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BE63F077-D1FA-452F-B49C-84C98A9F7D73}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CB7349EB-8836-4C9F-B0C1-65333F28F5E5}" = rport=445 | protocol=6 | dir=out | app=system |
"{CBB4D004-4644-469E-AECC-FD95D4C5C43F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CC4EFF50-2221-4B05-9593-85D389234AFF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D22E22A0-81E1-4E17-9502-2B60327AC16A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{D53A60E4-7EFE-419F-AA7E-8676608BFE68}" = rport=138 | protocol=17 | dir=out | app=system |
"{D693633C-E75B-455E-94CB-C0BE988C45F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FC39F8D0-4BF6-410E-ADA0-7CDBD8554659}" = lport=445 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0682D817-CDD6-43C9-B01B-387F3CF4E450}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{200566F9-811B-43B3-9BBB-8ED463EA0187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26A57E1C-ED59-4D18-A3F0-35682FFF5244}" = dir=in | app=c:\program files\dell stage\dell stage\accuweather\accuweather.exe |
"{2C5312C3-B586-4F3F-81F5-0298545BC886}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{32B7E7CD-D898-4616-AEE1-EFAB46B8AE9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{34AD9C4F-ABF3-4C22-BC03-03FB8EE43F50}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{36516C8B-C36A-496A-8DCA-8177770D86F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{39A9D520-4AC1-40F8-8384-17EAC46A91A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C72BD8F-582B-4706-8CB9-19910BF58DEA}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{3DDEBAE3-B711-4414-ABD6-E35B5C34686E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3E13A9CF-1150-4808-99F2-F3131C0298D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3EA93229-1A76-4EF7-967D-807A119EE2D8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3FDB32E4-D678-4682-A23C-17E14BFC377B}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
"{480DD57D-9CBF-4D21-90A1-F9DF2A1CD458}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{48B5689A-F3CF-4645-885A-C21890A0F3D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4AF1FB84-D1E5-4FBF-B2BC-7B52C6E90942}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{4C39229B-E9A4-46D7-AB86-8D3C080CA94E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{52565B52-D533-4120-B653-151046342800}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{550EADCC-7AAC-4774-8652-4B07D96733B7}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{553FFC41-9F94-4131-B234-673038128591}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{56022BA8-4798-46C5-96A9-E0DCBAE8677E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5FEBE17A-8B7C-4028-AB0D-9701123DB510}" = protocol=58 | dir=out | [email protected],-28546 |
"{79CDAE60-40AE-40DE-B01B-EC24AC3244B5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{7EF21BEA-3533-40C7-B54D-146192DBCD38}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{7FCA992A-E259-44BA-9236-949C6BB61FF0}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{815BB7E5-4ADD-4C60-8C94-CEAFF39EBE94}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8B394CB5-A92C-43A5-BC45-70A3FFE0CB41}" = dir=in | app=c:\program files\dell stage\dell stage\stage_primary.exe |
"{91C74258-2FC1-44CC-AC46-79BB2CB86456}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A23F0B30-45C3-455B-868B-909A7305AEA5}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{AACD8FBF-33DC-4E68-A877-ADFE414DDCB0}" = protocol=58 | dir=in | [email protected],-28545 |
"{B4471957-8B9F-4E68-98D2-9DCBB17CED1A}" = protocol=6 | dir=out | app=system |
"{B54DB770-A32F-4F49-9B50-E91B0A75089C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B78B63F5-9E0D-4E5F-B51C-32D1C17F3E51}" = protocol=1 | dir=in | [email protected],-28543 |
"{B8ED1A43-65E0-4EBC-9250-44423DB9AE33}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BDC7B391-AE96-49D3-A55C-3B086F560ADF}" = dir=in | app=c:\program files\dell stage\musicstage\musicstageengine.exe |
"{C52C9258-601E-4EFA-AEAA-454D97728E0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C617F331-1284-4D94-BFB0-7BBD276B91AC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CB1C6512-45DA-45DF-85F3-950524CD1C13}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{CF105AD7-AE89-453D-9F12-8B35F7CB1028}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{D1815C6C-3355-480E-9795-FFD6B7C504BF}" = protocol=1 | dir=out | [email protected],-28544 |
"{D3FECB00-EC4B-49DC-9355-86CBBD97CDF6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{EB1D42D3-CFF3-4E06-954B-5CE5E9940908}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{EBE8FC9B-16AF-4738-8167-7F98565C5E83}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{EC7E8A96-F4E3-4CFF-B4F3-82B577DFCF9E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF9DF297-FE22-4587-9C80-D1A32AE1310E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F0DA357F-60D6-4D1A-AC29-A81EA88D0A62}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{F861CC5A-2FCD-462E-832A-E39CD5539EE7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{FA5C7975-0987-4B64-B52A-160F718F7E43}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{1AC08262-5CC9-4B88-B12E-4851391B8023}C:\users\rry\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\rry\appdata\local\akamai\netsession_win.exe |
"TCP Query User{800CAB86-6727-4C5B-A347-8C29A0EEFA9D}C:\users\rry\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\rry\appdata\local\akamai\netsession_win.exe |
"TCP Query User{DA9B3256-F5E8-4E15-B4C0-DCDBA2E9793F}C:\program files\ibm\infoprint select\ipnotify.exe" = protocol=6 | dir=in | app=c:\program files\ibm\infoprint select\ipnotify.exe |
"TCP Query User{E0C714CE-EAB9-4EC9-9D75-7FA72B49FCD7}C:\program files\ibm\infoprint select\ipnotify.exe" = protocol=6 | dir=in | app=c:\program files\ibm\infoprint select\ipnotify.exe |
"UDP Query User{096BA8F0-275F-4E06-A5D4-4F8E2F19F181}C:\program files\ibm\infoprint select\ipnotify.exe" = protocol=17 | dir=in | app=c:\program files\ibm\infoprint select\ipnotify.exe |
"UDP Query User{1F171C68-4DD9-493F-99C6-09369A9328A3}C:\users\rry\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\rry\appdata\local\akamai\netsession_win.exe |
"UDP Query User{32CAB5EB-9A25-4FE7-ABD5-C035BB727178}C:\program files\ibm\infoprint select\ipnotify.exe" = protocol=17 | dir=in | app=c:\program files\ibm\infoprint select\ipnotify.exe |
"UDP Query User{D4698847-E2FC-4752-9D9E-47EDACC8FAC8}C:\users\rry\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\rry\appdata\local\akamai\netsession_win.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{235E711E-20A7-4BF4-8913-B295343A4996}" = AvcEngine
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java™ 6 Update 24 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel® PROSet/Wireless WiFi Software
"{2D2820A1-F214-4B7A-912E-A87E5608CF10}" = Motorola Mobile Drivers Installation 5.0.0
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}" = Intel® PROSet/Wireless Software for Bluetooth® Technology
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}" = AdAwareUpdater
"{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater" = Ad-Aware Antivirus
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Driver
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{721A858C-9C26-4832-8958-CDAFFC596E3D}" = AntispamEngine
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{877C7A27-7529-4B0C-BA7B-4D697E90DDC1}" = FirewallEngine
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A8F67345-FA75-4E99-AEBA-DE9BFE708A49}" = OnlineThreatsEngine
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B678797F-DF38-4556-8A31-8B818E261868}" = Apple Mobile Device Support
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel® Turbo Boost Technology Monitor 2.0
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E56846B3-745F-443C-9C17-BC371A0902E0}" = AdAwareInstaller
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F46AA0F1-E284-4878-A462-5F11B9166C0E}" = iTunes
"ProInst" = Intel PROSet Wireless
"Recuva" = Recuva
"WinRAR archiver" = WinRAR 4.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03703CBB-563D-45CE-8B35-CB04CAB258BE}" = Intel® WiDi
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EEBAFB5-CB0F-4E1A-A33F-4ECAF15CE2F9}" = Dell Digital Delivery
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10 Platinum HD
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}" = Nero 10 Menu TemplatePack 1
"{43FBAB46-5969-4200-9958-1FF81FEE506F}" = Nero 10 Movie ThemePack 1
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66AF6743-9222-499E-8F09-7613033274E8}" = InfoPrint Select
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
"{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70F19404-B96C-4EBB-AD2B-3574F8736197}" = Nero 10 Movie ThemePack 2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85BEC8F6-9AA3-43FF-B56B-8276277137B3}" = Nero 10 Video TransitionPack 1
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}" = Dell MusicStage
"{92146419-AE44-4C8B-A48B-0ABB1B5EC026}" = Nero 10 Menu TemplatePack 3
"{92A10E9D-EA00-4A46-8F22-EEA660992D61}" = Nero 10 Sample Videos
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{96ED4B78-300E-4033-AE6C-C115CEB4DF07}" = Nero 10 ClipartPack
"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C5C8B8B-D972-4901-B3A4-0987E288A0C3}" = IBM SmartCloud Meetings for IBM
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}" = Nero 10 Movie ThemePack 4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA31EA7B-7917-4000-949B-38E91F848A25}" = Internet Explorer
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}" = Dell Home Systems Service Agreement
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.1) MUI
"{ACD15FDF-FC42-4175-B477-576F92FF2256}" = Nero 10 Sample ImagePack
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{C16A92EF-017B-4839-9C75-FBADB5A1FA27}" = TrustedID
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}" = Dell Marketplace Webslice IE8
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D91CBC0D-D45B-4FE7-AF44-E2BDD302CD9F}" = WebSlingPlayer ActiveX
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}" = Nero 10 Movie ThemePack 3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}" = Dell Stage
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E712C273-7564-4C8E-AA59-0FA19BC35117}" = Nero 10 Menu TemplatePack 2
"{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}" = Cozi
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}" = Nero 10 PiP EffectPack 1
"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2F7D8E1-03A2-11E1-AA2E-F04DA23A5C58}" = MSVCRT Redists
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 15 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"BitTorrent" = BitTorrent
"BitTorrentBar Toolbar" = BitTorrentBar Toolbar
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dell Webcam Central" = Dell Webcam Central
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
"InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}" = Kaspersky Internet Security
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.3.1025
"MotoHelper" = MotoHelper 2.0.45 Driver 5.0.0
"Mozilla Firefox 34.0.5 (x86 en-US)" = Mozilla Firefox 34.0.5 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"ScanWiz" = ScanWiz
"VDC_is1" = Video Download Converter version 1.0.0.0
"VLC media player" = VLC media player 2.1.2
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12/7/2013 10:32:21 AM | Computer Name = rry-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 12/7/2013 10:32:55 AM | Computer Name = rry-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 12/7/2013 10:36:15 AM | Computer Name = rry-PC | Source = TOASTER.EXE | ID = 0
Description = An Unhandled Exception occured. The process cannot access the file
'C:\Users\rry\AppData\local\softthinks\scheduler.xml' because it is being used
 by another process.    at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)

   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
 SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)     at System.IO.FileStream..ctor(String
 path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)     at
 System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)     at
 System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)

   at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver)     at System.Threading.CompressedStack.runTryCode(Object
 userData)     at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode
 code, CleanupCode backoutCode, Object userData)     at System.Threading.CompressedStack.Run(CompressedStack
 compressedStack, ContextCallback callback, Object state)     at System.Xml.XmlTextReaderImpl.OpenUrl()

   at System.Xml.XmlTextReaderImpl.Read()     at System.Xml.XmlLoader.Load(XmlDocument
 doc, XmlReader reader, Boolean preserveWhitespace)     at System.Xml.XmlDocument.Load(XmlReader
 reader)     at System.Xml.XmlDocument.Load(String filename)     at Toaster.SchedulerReader.read()

   at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow()     at
Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e)    
 at System.Windows.Threading.DispatcherTimer.FireTick(Object unused)     at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
 callback, Object args, Boolean isSingleParameter)     at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
 source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
 
Error - 12/7/2013 11:14:11 AM | Computer Name = rry-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 12/7/2013 7:34:17 PM | Computer Name = rry-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
 10\Nero SoundTrax\NMDllHost.exe.Manifest".Error in manifest or policy file "C:\Program
 Files (x86)\Nero\Nero 10\Nero SoundTrax\NFD\NFD.MANIFEST" on line 3.  Component identity
 found in manifest does not match the identity of the component requested.  Reference
 is NFD,type="win32",version="5.2.0.0".  Definition is NFD,type="win32",version="5.0.0.0".
Please
 use sxstrace.exe for detailed diagnosis.
 
Error - 12/7/2013 7:35:16 PM | Computer Name = rry-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 12/7/2013 7:35:53 PM | Computer Name = rry-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files (x86)\Common
 Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
 Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.  The value
 "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
 "version" in element "assemblyIdentity" is invalid.
 
Error - 12/9/2013 1:15:05 PM | Computer Name = rry-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 12/9/2013 1:15:12 PM | Computer Name = rry-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 12/9/2013 1:15:17 PM | Computer Name = rry-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files (x86)\Cozi
 Express\CoziExpress.exe".Error in manifest or policy file "" on line .  A component
 version required by the application conflicts with another component version already
 active.  Conflicting components are:.  Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 12/16/2014 6:37:36 AM | Computer Name = rry-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:33:17 AM on ?12/?16/?2014 was unexpected.
 
Error - 12/16/2014 6:35:00 AM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
 Event Log service to connect.
 
Error - 12/16/2014 6:35:00 AM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Event Log service failed to start due to the following
 error:   %%1053
 
Error - 12/16/2014 6:35:00 AM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Windows
 Audio service to connect.
 
Error - 12/16/2014 6:35:00 AM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7000
Description = The Windows Audio service failed to start due to the following error:
   %%1053
 
Error - 12/16/2014 6:42:49 AM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 12/18/2014 5:23:46 PM | Computer Name = rry-PC | Source = NetBT | ID = 4300
Description = The driver could not be created.
 
Error - 12/18/2014 5:23:46 PM | Computer Name = rry-PC | Source = NetBT | ID = 4300
Description = The driver could not be created.
 
Error - 12/18/2014 5:25:30 PM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
 response from the SftService service.
 
Error - 12/18/2014 5:28:35 PM | Computer Name = rry-PC | Source = Service Control Manager | ID = 7034
Description = The Dell Digital Delivery Service service terminated unexpectedly.
  It has done this 1 time(s).
 
 
< End of report >
 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello,

You're already getting help from Ron, is that correct ?

Joe
  • 0

#3
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

Well he helped me with my other PC. So I am not sure if he is helping with this particular issue. I dont know.


  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
If this is a different pc, I'll help you.


First

Drive C: | 446.13 Gb Total Space | 4.40 Gb Free Space | 0.99% Space Free | Partition Type: NTFS

Your C drive is out of free space, you need 20% or the drive will enventually fail for you.
Remove programs you're not using, delete pictures, videos, documents or move them to an external drive in order to free up space.

Next you have 2 Anti Virus programs running.
  • Kaspersky Internet Security 14.0.0
  • Ad-Aware Antivirus
The real-time protection of two antivirus programs may conflict with each other and cause the following:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.[* ]Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
  • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.
Please uninstall one of them.

Next this might help on the free space


Download TFC by OldTimer http://oldtimer.geekstogo.com/TFC.exe to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

Let me know when you have 20 to 15% Free space and that you have uninstalled 1 of the Anti Virs programs and we will start from there.

Thanks
Joe :)
  • 0

#5
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

thanks Joe. Did everything you suggested, and now my C: has 56GB free space.

 

Please suggest next steps.


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Very good.

I want to see a different scan that consists of 2 Log reports called FRST.TXT and Additions.txt. The most important thing is to download the tool to the desktop.. Not the downloads folder./

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#7
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

FRST.txt

-----------

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by rry (administrator) on rry-PC on 19-12-2014 14:33:24
Running from C:\Users\rry\Desktop
Loaded Profile: rry (Available profiles: rry)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Akamai Technologies, Inc.) C:\Users\rry\AppData\Local\Akamai\netsession_win.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Akamai Technologies, Inc.) C:\Users\rry\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6611048 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-12-17] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-04-29] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\...\Run: [Akamai NetSession Interface] => C:\Users\rry\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\...\RunOnce: [Adobe Speed Launcher] => 1419009470
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
Startup: C:\Users\rry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
BootExecute: autocheck autochk * lsdelete

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> DefaultScope {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL =
SearchScopes: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: BitTorrentBar Toolbar -> {88c7f2aa-f93f-432c-8f0e-b7d85967a527} -> C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
DPF: HKLM-x32 {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} https://w3-03.ibm.co...n/gpwsx-4.1.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\rry\AppData\Roaming\Mozilla\Firefox\Profiles\wayk30wt.default
FF Homepage: hxxp://google.com
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=4DB91E96-E812-43DF-BEBB-413F19D35A15&n=77fc22f2&ind=2013012722&p2=^HJ^xdm017^YY^us&si=pconverter&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @IBM.com/WDPlugin,version=1 -> C:\Program Files\Mozilla Firefox\plugins ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2704821723-1422953371-2779263932-1001: @IBM.com/WDPlugin,version=1 -> C:\Program Files\Mozilla Firefox\plugins ()
FF user.js: detected! => C:\Users\rry\AppData\Roaming\Mozilla\Firefox\Profiles\wayk30wt.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-12-08]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-12-18]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-12-18]
FF Extension: No Name - [email protected] [Not Found]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\rry\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-12-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-12-18]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\rry\AppData\Local\Temp\crx75FB.tmp [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-12-18] (McAfee, Inc.)
S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-12-23] (Lavasoft AB)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-10] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-12-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 14:33 - 2014-12-19 14:34 - 00024924 _____ () C:\Users\rry\Desktop\FRST.txt
2014-12-19 14:33 - 2014-12-19 14:33 - 00000000 ____D () C:\FRST
2014-12-19 14:32 - 2014-12-19 14:32 - 02121216 _____ (Farbar) C:\Users\rry\Desktop\FRST64.exe
2014-12-19 09:18 - 2014-12-19 09:18 - 00448512 _____ (OldTimer Tools) C:\Users\rry\Desktop\TFC.exe
2014-12-18 18:21 - 2014-12-19 12:42 - 00001806 _____ () C:\Users\Public\Desktop\McAfee Multi Access - Total Protection.lnk
2014-12-18 18:19 - 2014-12-19 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-12-18 18:19 - 2014-12-19 12:20 - 00000000 __RSD () C:\Users\rry\Documents\McAfee Vaults
2014-12-18 18:19 - 2014-12-18 18:19 - 00000000 ____D () C:\Users\rry\AppData\Local\McAfee File Lock
2014-12-18 18:19 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2014-12-18 18:19 - 2013-09-09 11:11 - 00074560 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
2014-12-18 18:18 - 2014-12-18 23:24 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-12-18 18:18 - 2014-12-18 18:20 - 00000000 ____D () C:\Program Files\McAfee
2014-12-18 18:18 - 2014-12-18 18:18 - 00000000 ____D () C:\Program Files\McAfee.com
2014-12-18 18:18 - 2014-12-18 18:18 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2014-12-18 17:49 - 2014-12-18 17:51 - 00000000 ____D () C:\Program Files\stinger
2014-12-18 17:48 - 2014-12-18 18:20 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-12-18 17:48 - 2014-12-18 17:49 - 00189912 _____ (McAfee, Inc.) C:\Windows\system32\mfevtps.exe
2014-12-18 17:48 - 2014-12-18 17:48 - 05160608 _____ (McAfee, Inc.) C:\Users\rry\Downloads\McAfeeSetup-LINK.exe
2014-12-18 17:01 - 2014-12-18 17:01 - 00097938 _____ () C:\Users\rry\Downloads\Extras.Txt
2014-12-18 17:00 - 2014-12-18 17:00 - 00230332 _____ () C:\Users\rry\Downloads\OTL.Txt
2014-12-18 16:48 - 2014-12-18 16:48 - 00602112 _____ (OldTimer Tools) C:\Users\rry\Downloads\OTL.exe
2014-12-18 16:39 - 2014-12-13 00:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 16:39 - 2014-12-12 22:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 16:23 - 2014-12-17 16:23 - 00000000 ____D () C:\Users\rry\Documents\Velan
2014-12-14 20:15 - 2014-12-17 02:10 - 00000000 ____D () C:\Users\rry\Downloads\www.TamilRockers.com - Naaigal Jaakirathai (2014)[1080p HD - AVC - MP4 - 2.5GB - Tamil]
2014-12-14 20:15 - 2014-12-16 20:37 - 00000000 ____D () C:\Users\rry\Downloads\www.TamilRockers.com - Thirudan Police (2014)[720p HD - AVC - MP4 - 1.4GB - Tamil]
2014-12-14 20:15 - 2014-12-14 20:15 - 00000000 ____D () C:\Users\rry\Downloads\www.TamilRockers.com - Gnana Kirukkan (2014)[1080p HD - AVC - MP4 - 3.6GB - Tamil]
2014-12-12 14:24 - 2014-12-12 14:24 - 00030243 _____ () C:\ComboFix.txt
2014-12-12 14:06 - 2011-06-26 01:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-12 14:06 - 2010-11-07 12:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-12 14:06 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-12 14:06 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-12 14:06 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-12 14:06 - 2000-08-30 19:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-12 14:06 - 2000-08-30 19:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-12 14:06 - 2000-08-30 19:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-12 14:04 - 2014-12-12 14:24 - 00000000 ____D () C:\Qoobox
2014-12-12 14:03 - 2014-12-12 14:22 - 00000000 ____D () C:\Windows\erdnt
2014-12-11 03:03 - 2014-10-17 21:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:03 - 2014-10-17 20:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 03:03 - 2014-07-06 21:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 03:03 - 2014-07-06 21:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 03:03 - 2014-07-06 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 03:03 - 2014-07-06 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 03:03 - 2014-07-06 20:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 03:03 - 2014-07-06 20:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 03:03 - 2014-07-06 20:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 03:03 - 2014-07-06 20:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 20:19 - 2014-11-26 20:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 20:19 - 2014-11-26 20:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 20:19 - 2014-11-21 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 20:19 - 2014-11-21 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 20:19 - 2014-11-21 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 20:19 - 2014-11-21 21:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 20:19 - 2014-11-21 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 20:19 - 2014-11-21 21:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 20:19 - 2014-11-21 21:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 20:19 - 2014-11-21 21:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 20:19 - 2014-11-21 21:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 20:19 - 2014-11-21 21:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 20:19 - 2014-11-21 21:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 20:19 - 2014-11-21 21:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 20:19 - 2014-11-21 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 20:19 - 2014-11-21 21:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 20:19 - 2014-11-21 21:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 20:19 - 2014-11-21 21:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 20:19 - 2014-11-21 21:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 20:19 - 2014-11-21 21:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 20:19 - 2014-11-21 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 20:19 - 2014-11-21 21:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 20:19 - 2014-11-21 21:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 20:19 - 2014-11-21 20:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 20:19 - 2014-11-21 20:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 20:19 - 2014-11-21 20:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 20:19 - 2014-11-21 20:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 20:19 - 2014-11-21 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 20:19 - 2014-11-21 20:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 20:19 - 2014-11-21 20:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 20:19 - 2014-11-21 20:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 20:19 - 2014-11-21 20:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 20:19 - 2014-11-21 20:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 20:19 - 2014-11-21 20:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 20:19 - 2014-11-21 20:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 20:19 - 2014-11-21 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 20:19 - 2014-11-21 20:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 20:19 - 2014-11-21 20:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 20:19 - 2014-11-21 20:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 20:19 - 2014-11-21 20:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 20:19 - 2014-11-21 20:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 20:19 - 2014-11-21 20:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 20:19 - 2014-11-21 20:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 20:19 - 2014-11-21 20:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 20:19 - 2014-11-21 19:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 20:19 - 2014-11-21 19:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 20:19 - 2014-11-10 20:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 20:19 - 2014-11-07 22:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 20:19 - 2014-11-07 21:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 20:18 - 2014-11-21 22:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 20:18 - 2014-11-21 21:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 20:18 - 2014-11-21 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 20:18 - 2014-11-21 21:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 20:18 - 2014-11-21 21:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 20:18 - 2014-11-21 21:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 20:18 - 2014-11-21 20:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 20:18 - 2014-11-21 20:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 20:06 - 2014-11-10 22:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 20:06 - 2014-11-10 21:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 20:03 - 2014-10-29 21:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 20:03 - 2014-10-29 20:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 20:03 - 2014-10-02 21:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 20:03 - 2014-10-02 21:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 20:03 - 2014-10-02 21:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 20:03 - 2014-10-02 21:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 20:03 - 2014-10-02 21:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 20:03 - 2014-10-02 20:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 20:03 - 2014-10-02 20:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 20:03 - 2014-10-02 20:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 20:03 - 2014-10-02 20:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 20:03 - 2014-10-02 20:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 12:30 - 2014-12-09 12:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-08 10:57 - 2014-12-08 10:57 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-12-08 10:57 - 2014-12-08 10:57 - 00002212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-12-08 10:57 - 2014-12-08 10:57 - 00002142 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2014-12-08 10:57 - 2014-12-08 10:57 - 00002051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-12-08 10:57 - 2014-12-08 10:57 - 00002028 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2014-12-08 10:56 - 2014-12-08 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 10:49 - 2014-12-08 10:50 - 00000000 ____D () C:\Users\rry\Desktop\Adobe Acrobat XI
2014-12-04 08:20 - 2014-12-04 08:22 - 00000000 ____D () C:\Users\rry\Downloads\Toy Story That Time Forgot(2014)720p DD5.1 NedSubs TBS
2014-12-02 12:44 - 2014-12-03 11:26 - 00000000 ____D () C:\Users\rry\Downloads\NFL Week15 12-19-2010 PHI at NYG
2014-11-29 15:28 - 2014-11-29 15:44 - 00000000 ____D () C:\Users\rry\Downloads\The.Hundred-Foot.Journey.2014.720p.BluRay.x264-SPARKS[rarbg]
2014-11-29 15:25 - 2014-12-05 21:26 - 00000000 ____D () C:\Users\rry\Downloads\Sherlock - Season 1 (2010) 720p MKV x264 AC3 BRrip [Pioneer]
2014-11-27 07:40 - 2014-11-27 07:40 - 00000000 ____D () C:\Users\rry\AppData\Roaming\LavasoftStatistics
2014-11-27 07:39 - 2014-11-27 07:39 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-11-21 14:43 - 2014-11-21 14:43 - 00000000 ____D () C:\Users\rry\Downloads\Uthama Puthiran (1958) Tamil Xvid 1.0g - No Subs, Shivaji Ganesan, Padmini [DDR]
2014-11-19 09:28 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 09:28 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 09:28 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 09:28 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 13:58 - 2013-05-22 13:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 13:39 - 2013-09-14 18:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 13:19 - 2011-06-30 06:36 - 01680438 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 12:28 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-19 12:28 - 2009-07-13 23:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-19 12:18 - 2011-06-30 04:56 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-19 12:17 - 2013-09-14 18:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-19 12:17 - 2012-02-27 05:35 - 00089372 _____ () C:\aaw7boot.log
2014-12-19 12:17 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-19 12:17 - 2009-07-13 23:51 - 00120834 _____ () C:\Windows\setupact.log
2014-12-19 10:28 - 2012-02-26 15:48 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-12-19 09:18 - 2011-06-30 05:17 - 00000000 ____D () C:\ProgramData\Sonic
2014-12-19 09:14 - 2010-11-20 22:47 - 00208564 _____ () C:\Windows\PFRO.log
2014-12-19 08:48 - 2014-05-14 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2014-12-18 23:23 - 2011-06-30 05:11 - 00000000 ____D () C:\ProgramData\McAfee
2014-12-18 21:50 - 2011-09-28 12:29 - 00000000 ____D () C:\Users\rry\AppData\Roaming\BitTorrent
2014-12-18 17:49 - 2014-06-20 10:26 - 00786296 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\mfehidk.sys
2014-12-18 16:22 - 2011-10-01 13:31 - 00000000 ____D () C:\Users\rry\AppData\Roaming\vlc
2014-12-16 16:15 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-15 16:31 - 2009-07-14 00:13 - 00786622 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-12 14:22 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-11 04:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:35 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:19 - 2013-10-20 11:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:19 - 2011-11-12 16:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:07 - 2011-10-06 07:10 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 21:14 - 2014-07-07 06:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-10 20:35 - 2012-12-31 09:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-10 14:43 - 2011-09-28 11:47 - 00158240 _____ () C:\Users\rry\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-10 13:24 - 2009-07-13 23:45 - 05090184 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-09 22:58 - 2013-05-22 13:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 22:58 - 2012-05-29 05:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 22:58 - 2011-10-22 06:01 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-08 11:00 - 2011-09-30 18:10 - 00000000 ____D () C:\Users\rry\AppData\Local\Adobe
2014-12-08 10:58 - 2011-11-17 21:20 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-12-08 10:54 - 2011-06-30 04:55 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-05 13:31 - 2014-10-11 07:35 - 00000000 ____D () C:\Users\rry\Downloads\The Lunchbox (2013) - 720p BRRip - x264 - Untouched DTS - ESubs - [Team ExDR]
2014-11-24 14:04 - 2010-11-20 22:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-21 14:39 - 2014-11-11 11:19 - 00001789 _____ () C:\Users\Public\Desktop\Recuva.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 18:11

==================== End Of Log ============================

 

 

Addition.txt

--------------

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by rry at 2014-12-19 14:35:03
Running from C:\Users\rry\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.8.0.29626 - BitTorrent Inc.)
BitTorrentBar Toolbar (HKLM-x32\...\BitTorrentBar Toolbar) (Version: 6.6.0.19 - BitTorrentBar)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.55 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.55 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{0EEBAFB5-CB0F-4E1A-A33F-4ECAF15CE2F9}) (Version: 1.5.1249.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell Marketplace Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Stage (HKLM-x32\...\{E2EBA7C0-8072-447F-856D-FFEE8D15B23B}) (Version: 1.5.201.0 - Fingertapps)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.1.13400.42.0 - Nero AG) Hidden
IBM SmartCloud Meetings for IBM (HKLM-x32\...\{9C5C8B8B-D972-4901-B3A4-0987E288A0C3}) (Version: 8.5.10.40 - IBM Corporation)
InfoPrint Select (HKLM-x32\...\{66AF6743-9222-499E-8F09-7613033274E8}) (Version: 4.3.0 - InfoPrint Solutions Company)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{5A80B0BA-79AF-4B11-B851-CCB9F7977AC0}) (Version: 1.0.1.0489 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{03703CBB-563D-45CE-8B35-CB04CAB258BE}) (Version: 2.1.38.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java™ 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Multi Access - Total Protection (HKLM-x32\...\MSC) (Version: 12.8.992 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.154 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MotoHelper 2.0.45 Driver 5.0.0 (HKLM-x32\...\MotoHelper) (Version: 2.0.45 - Motorola)
MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0 - Motorola Inc.) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 ClipartPack (HKLM-x32\...\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Menu TemplatePack 1 (HKLM-x32\...\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}) (Version: 10.2.10000.0.0 - Nero AG)
Nero 10 Menu TemplatePack 2 (HKLM-x32\...\{E712C273-7564-4C8E-AA59-0FA19BC35117}) (Version: 10.2.10000.0.0 - Nero AG)
Nero 10 Menu TemplatePack 3 (HKLM-x32\...\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}) (Version: 10.2.10100.1.0 - Nero AG)
Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Movie ThemePack 2 (HKLM-x32\...\{70F19404-B96C-4EBB-AD2B-3574F8736197}) (Version: 10.2.10100.1.0 - Nero AG)
Nero 10 Movie ThemePack 3 (HKLM-x32\...\{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}) (Version: 10.2.10100.1.0 - Nero AG)
Nero 10 Movie ThemePack 4 (HKLM-x32\...\{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}) (Version: 10.2.10100.1.0 - Nero AG)
Nero 10 PiP EffectPack 1 (HKLM-x32\...\{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}) (Version: 10.2.10000.0.0 - Nero AG)
Nero 10 Sample ImagePack (HKLM-x32\...\{ACD15FDF-FC42-4175-B477-576F92FF2256}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Sample Videos (HKLM-x32\...\{92A10E9D-EA00-4A46-8F22-EEA660992D61}) (Version: 10.2.10000.11.0 - Nero AG)
Nero 10 Video TransitionPack 1 (HKLM-x32\...\{85BEC8F6-9AA3-43FF-B56B-8276277137B3}) (Version: 10.2.10000.0.0 - Nero AG)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11000.11.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.2.10700.7.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10300.1.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.11100.12.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10300.5.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.12300.27.100 - Nero AG)
Nero Multimedia Suite 10 Platinum HD (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.5.10900 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.8.10400.3.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10600.7.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.8.10200.1.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11100.10.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.2.14700.9.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.8.10400.2.100 - Nero AG)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.15 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
ScanWiz (HKLM-x32\...\ScanWiz) (Version: 2.20 - Softi Software)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Video Download Converter version 1.0.0.0 (HKLM-x32\...\VDC_is1) (Version: 1.0.0.0 - ) <==== ATTENTION
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebSlingPlayer ActiveX (HKLM-x32\...\{D91CBC0D-D45B-4FE7-AF44-E2BDD302CD9F}) (Version: 1.5.7158 - Sling Media)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-12-2014 23:25:56 Scheduled Checkpoint
19-12-2014 03:00:16 Windows Update
19-12-2014 10:26:33 AA11

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2014-12-12 14:22 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1803F9FC-AEFB-4C3C-8794-BB5F5B0D68A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {5602AC28-4CD8-42D5-85E5-5F52982F68E8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {7A632DFF-72B9-4D5C-A774-F15C7BBC72F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-14] (Google Inc.)
Task: {82D094E9-754E-48EE-8962-791E21A3DC0D} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {894ED880-A6A7-45FE-9FFA-B83F91165678} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {94D03F17-F5D9-4A27-8E23-A77AF5B78FE6} - System32\Tasks\4803 => Wscript.exe C:\Users\rry\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {957BC11E-61E5-4736-8AF6-ABC951AF0A26} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {A28009A7-B8E3-4E7C-87A2-369DF2C4928E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-14] (Google Inc.)
Task: {A690D62F-3A47-47D4-B08D-30FEB6866C30} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {AA6D854D-709A-4C4C-8ADF-751B4AB99C8E} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-02-22 10:41 - 2010-03-15 23:14 - 00268800 _____ () C:\Windows\System32\selpms.dll
2012-02-22 10:41 - 2010-03-15 23:13 - 01132544 _____ () C:\Windows\System32\pdclntif.dll
2010-11-10 22:53 - 2010-11-10 22:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2011-09-28 14:22 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-06-30 06:16 - 2011-03-26 18:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-04-29 18:18 - 2011-04-29 18:18 - 00885760 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2011-06-30 04:56 - 2011-05-16 10:33 - 02748736 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-04-29 18:13 - 2011-04-29 18:13 - 07938048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2011-04-29 18:13 - 2011-04-29 18:13 - 02225664 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-12-09 12:30 - 2014-12-09 12:30 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: fsssvc => 3
MSCONFIG\Services: Lavasoft Ad-Aware Service => 2
MSCONFIG\Services: MotoHelper => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^InfoPrint Select Notification.lnk => C:\Windows\pss\InfoPrint Select Notification.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^rry^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

========================= Accounts: ==========================

Administrator (S-1-5-21-2704821723-1422953371-2779263932-500 - Administrator - Disabled)
Guest (S-1-5-21-2704821723-1422953371-2779263932-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2704821723-1422953371-2779263932-1002 - Limited - Enabled)
rry (S-1-5-21-2704821723-1422953371-2779263932-1001 - Administrator - Enabled) => C:\Users\rry

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/19/2014 00:23:36 PM) (Source: TOASTER.EXE) (EventID: 0) (User: )
Description: An Unhandled Exception occured.
The process cannot access the file 'C:\Users\rry\AppData\local\softthinks\scheduler.xml' because it is being used by another process.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
   at System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
   at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
   at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver)
   at System.Threading.CompressedStack.runTryCode(Object userData)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
   at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state)
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.Load(String filename)
   at Toaster.SchedulerReader.read()
   at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow()
   at Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder()
   at Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers)
   at Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e)
   at System.Windows.Threading.DispatcherTimer.FireTick(Object unused)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error: (12/19/2014 00:20:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 00:18:15 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 00:18:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 00:18:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/19/2014 10:28:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 10:28:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 10:27:25 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 10:26:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/19/2014 09:38:52 AM) (Source: TOASTER.EXE) (EventID: 0) (User: )
Description: An Unhandled Exception occured.
The process cannot access the file 'C:\Users\rry\AppData\local\softthinks\scheduler.xml' because it is being used by another process.
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
   at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
   at System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
   at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
   at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver)
   at System.Threading.CompressedStack.runTryCode(Object userData)
   at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
   at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state)
   at System.Xml.XmlTextReaderImpl.OpenUrl()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.Load(String filename)
   at Toaster.SchedulerReader.read()
   at Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow()
   at Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder()
   at Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers)
   at Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e)
   at System.Windows.Threading.DispatcherTimer.FireTick(Object unused)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


System errors:
=============
Error: (12/19/2014 00:20:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/19/2014 00:18:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 10.0.0.5.
The computer with the IP address 10.0.0.9 did not allow the name to be claimed by
this computer.

Error: (12/19/2014 09:37:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/19/2014 09:34:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (12/19/2014 09:19:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/19/2014 09:18:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/19/2014 08:44:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/18/2014 09:57:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/18/2014 09:56:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/18/2014 09:55:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avp service.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-12 14:17:32.757
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-12-12 14:17:32.679
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-05-14 18:08:31.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:08:31.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:07:18.889
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:07:18.889
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:07:15.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:07:15.209
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:07:14.979
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-05-14 18:07:14.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 48%
Total physical RAM: 4010.17 MB
Available physical RAM: 2053.89 MB
Total Pagefile: 8018.52 MB
Available Pagefile: 5646.85 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:56.66 GB) NTFS
Drive d: (Strega Nona) (CDROM) (Total:3.11 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#8
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello,

What Anti Virus program are you using ?
  • 0

#9
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

I recently installed McAfee


  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Ok,

Don't make anymore changes to the computer as we work.

I see you ran Combofix. Were you getting help or did you just run it ?

Do you have the Combofix.txt log? It would be located here---> C:\ComboFix.txt

I also want to run the kaspersky removal tool see link below:

http://media.kaspers.../kavremover.exe
1. Save the file to the desktop.
2. Agree to the use.
3. Enter code and run the tool.

Post the combofix log if you have it.
Let me know you have run the kaspersky removal tool.

Thanks
Joe :)
  • 0

Advertisements


#11
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

I had already uninstalled Kaspersky. Heres the log for Combo.txt. I had tried to run it myself last week:

 

ComboFix 14-12-10.03 - rry 12/12/2014  14:08:20.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.4010.1945 [GMT -5:00]
Running from: c:\users\rry\Downloads\ComboFix.exe
AV: Ad-Aware Antivirus *Enabled/Updated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Kaspersky Internet Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: Kaspersky Internet Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Ad-Aware Antivirus *Enabled/Updated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Kaspersky Internet Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\rry\Documents\~WRL0001.tmp
c:\users\rry\Documents\~WRL0002.tmp
c:\users\rry\Documents\~WRL0005.tmp
c:\windows\SysWow64\NeW
c:\windows\SysWow64\NeW\IBMMenu.dll
.
.
(((((((((((((((((((((((((   Files Created from 2014-11-12 to 2014-12-12  )))))))))))))))))))))))))))))))
.
.
2014-12-12 19:21 . 2014-12-12 19:21    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-12-11 08:03 . 2014-07-07 02:06    55808    ----a-w-    c:\windows\system32\rrinstaller.exe
2014-12-11 08:03 . 2014-07-07 02:06    24576    ----a-w-    c:\windows\system32\mfpmp.exe
2014-12-11 08:03 . 2014-07-07 02:02    2048    ----a-w-    c:\windows\system32\mferror.dll
2014-12-11 08:03 . 2014-07-07 01:37    2048    ----a-w-    c:\windows\SysWow64\mferror.dll
2014-12-11 08:03 . 2014-10-18 01:33    3209728    ----a-w-    c:\windows\SysWow64\mf.dll
2014-12-11 08:03 . 2014-07-07 02:06    206848    ----a-w-    c:\windows\system32\mfps.dll
2014-12-11 08:03 . 2014-07-07 01:40    103424    ----a-w-    c:\windows\SysWow64\mfps.dll
2014-12-11 08:03 . 2014-07-07 01:39    50176    ----a-w-    c:\windows\SysWow64\rrinstaller.exe
2014-12-11 08:03 . 2014-07-07 01:39    23040    ----a-w-    c:\windows\SysWow64\mfpmp.exe
2014-12-11 08:03 . 2014-10-18 02:05    4121600    ----a-w-    c:\windows\system32\mf.dll
2014-12-11 01:18 . 2014-11-22 02:34    814080    ----a-w-    c:\windows\system32\jscript9diag.dll
2014-12-11 01:18 . 2014-11-22 01:47    1359360    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2014-12-11 01:18 . 2014-11-22 02:50    580096    ----a-w-    c:\windows\system32\vbscript.dll
2014-12-11 01:18 . 2014-11-22 02:34    6039552    ----a-w-    c:\windows\system32\jscript9.dll
2014-12-11 01:18 . 2014-11-22 03:13    950784    ----a-w-    c:\program files\Internet Explorer\iedvtool.dll
2014-12-11 01:18 . 2014-11-22 01:28    2358272    ----a-w-    c:\windows\system32\wininet.dll
2014-12-11 01:18 . 2014-11-27 01:43    293040    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2014-12-11 01:18 . 2014-11-22 02:48    88064    ----a-w-    c:\windows\system32\MshtmlDac.dll
2014-12-11 01:18 . 2014-11-22 02:09    199680    ----a-w-    c:\windows\system32\msrating.dll
2014-12-11 01:18 . 2014-11-22 01:09    382976    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2014-12-11 01:18 . 2014-11-22 03:13    25059840    ----a-w-    c:\windows\system32\mshtml.dll
2014-12-11 01:18 . 2014-11-22 02:08    1016832    ----a-w-    c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2014-12-11 01:18 . 2014-11-22 03:00    10949120    ----a-w-    c:\program files\Internet Explorer\F12Resources.dll
2014-12-11 01:06 . 2014-11-11 03:09    1424384    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2014-12-11 01:06 . 2014-11-11 02:44    1230336    ----a-w-    c:\windows\SysWow64\WindowsCodecs.dll
2014-12-11 01:03 . 2014-10-30 02:03    165888    ----a-w-    c:\windows\system32\charmap.exe
2014-12-11 01:03 . 2014-10-30 01:45    155136    ----a-w-    c:\windows\SysWow64\charmap.exe
2014-12-11 01:03 . 2014-10-03 02:12    310272    ----a-w-    c:\windows\system32\WsmWmiPl.dll
2014-12-11 01:03 . 2014-10-03 02:12    2020352    ----a-w-    c:\windows\system32\WsmSvc.dll
2014-12-11 01:03 . 2014-10-03 02:12    346624    ----a-w-    c:\windows\system32\WSManMigrationPlugin.dll
2014-12-11 01:03 . 2014-10-03 02:11    266240    ----a-w-    c:\windows\system32\WSManHTTPConfig.exe
2014-12-11 01:03 . 2014-10-03 01:45    1177088    ----a-w-    c:\windows\SysWow64\WsmSvc.dll
2014-12-11 01:03 . 2014-10-03 02:12    181248    ----a-w-    c:\windows\system32\WsmAuto.dll
2014-12-11 01:03 . 2014-10-03 01:45    248832    ----a-w-    c:\windows\SysWow64\WSManMigrationPlugin.dll
2014-12-11 01:03 . 2014-10-03 01:45    214016    ----a-w-    c:\windows\SysWow64\WsmWmiPl.dll
2014-12-11 01:03 . 2014-10-03 01:45    145920    ----a-w-    c:\windows\SysWow64\WsmAuto.dll
2014-12-11 01:03 . 2014-10-03 01:44    198656    ----a-w-    c:\windows\SysWow64\WSManHTTPConfig.exe
2014-12-09 17:32 . 2014-12-11 10:34    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B4ABF53C-30BF-48F9-B115-9AF8AD5D970F}\offreg.dll
2014-12-09 17:30 . 2014-12-09 17:30    --------    d-----w-    c:\program files\Mozilla Firefox
2014-12-09 15:53 . 2014-11-02 04:20    11632448    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{B4ABF53C-30BF-48F9-B115-9AF8AD5D970F}\mpengine.dll
2014-12-08 16:19 . 2014-12-08 16:19    --------    d-----w-    c:\users\rry\AppData\Roaming\SolidDocuments
2014-11-27 18:30 . 2014-11-27 18:30    --------    d-----w-    c:\users\rry\AppData\Roaming\Lavasoft
2014-11-27 13:09 . 2014-11-27 13:09    --------    d-----w-    c:\programdata\BitDefender
2014-11-27 12:40 . 2014-07-10 19:09    2084072    ----a-w-    c:\windows\system32\bdnc.dll
2014-11-27 12:40 . 2014-07-10 19:08    195016    ----a-w-    c:\windows\system32\httproxy.dll
2014-11-27 12:40 . 2014-07-10 19:08    155912    ----a-w-    c:\windows\system32\bdpop3p.dll
2014-11-27 12:40 . 2014-07-10 19:08    122928    ----a-w-    c:\windows\system32\OEMbdpredir.dll
2014-11-27 12:40 . 2014-07-10 19:08    96160    ----a-w-    c:\windows\system32\bdpredir.dll
2014-11-27 12:40 . 2014-07-10 19:08    209984    ----a-w-    c:\windows\system32\BdFirewallSDK.dll
2014-11-27 12:40 . 2014-07-10 19:08    156936    ----a-w-    c:\windows\system32\bdfwcore.dll
2014-11-27 12:40 . 2014-07-10 19:08    1061776    ----a-w-    c:\windows\system32\bdsmtpp.dll
2014-11-27 12:38 . 2014-11-27 12:38    --------    d-----w-    c:\program files\Lavasoft
2014-11-27 12:20 . 2014-11-27 12:20    --------    d-----w-    c:\program files\Common Files\Lavasoft
2014-11-19 14:28 . 2014-11-11 03:08    241152    ----a-w-    c:\windows\system32\pku2u.dll
2014-11-19 14:28 . 2014-11-11 03:08    728064    ----a-w-    c:\windows\system32\kerberos.dll
2014-11-19 14:28 . 2014-11-11 02:44    186880    ----a-w-    c:\windows\SysWow64\pku2u.dll
2014-11-19 14:28 . 2014-11-11 02:44    550912    ----a-w-    c:\windows\SysWow64\kerberos.dll
2014-11-18 19:56 . 2014-11-18 19:56    1202848    ----a-w-    c:\windows\SysWow64\FM20.DLL
2014-11-13 08:40 . 2014-11-13 08:40    --------    d-sh--w-    c:\users\rry\AppData\Local\EmieBrowserModeList
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-11 08:07 . 2011-10-06 12:10    112710672    ----a-w-    c:\windows\system32\MRT.exe
2014-12-11 02:14 . 2014-07-07 11:09    129752    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-10 03:58 . 2012-05-29 10:44    701104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 03:58 . 2011-10-22 11:01    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-04 19:30 . 2010-11-21 03:27    275080    ------w-    c:\windows\system32\MpSigStub.exe
2014-10-25 01:57 . 2014-11-12 08:44    77824    ----a-w-    c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-12 08:44    67584    ----a-w-    c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-12 08:43    861696    ----a-w-    c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-12 08:43    571904    ----a-w-    c:\windows\SysWow64\oleaut32.dll
2014-10-14 02:16 . 2014-11-12 08:45    155064    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2014-10-14 02:13 . 2014-11-12 08:45    683520    ----a-w-    c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-12 08:43    3241984    ----a-w-    c:\windows\system32\msi.dll
2014-10-14 02:12 . 2014-11-12 08:45    1460736    ----a-w-    c:\windows\system32\lsasrv.dll
2014-10-14 02:09 . 2014-11-12 08:45    146432    ----a-w-    c:\windows\system32\msaudite.dll
2014-10-14 02:07 . 2014-11-12 08:45    681984    ----a-w-    c:\windows\system32\adtschema.dll
2014-10-14 01:50 . 2014-11-12 08:45    22016    ----a-w-    c:\windows\SysWow64\secur32.dll
2014-10-14 01:50 . 2014-11-12 08:43    2363904    ----a-w-    c:\windows\SysWow64\msi.dll
2014-10-14 01:49 . 2014-11-12 08:45    96768    ----a-w-    c:\windows\SysWow64\sspicli.dll
2014-10-14 01:47 . 2014-11-12 08:45    146432    ----a-w-    c:\windows\SysWow64\msaudite.dll
2014-10-14 01:46 . 2014-11-12 08:45    681984    ----a-w-    c:\windows\SysWow64\adtschema.dll
2014-10-10 00:57 . 2014-11-12 08:43    3198976    ----a-w-    c:\windows\system32\win32k.sys
2014-10-03 02:12 . 2014-11-12 08:44    500224    ----a-w-    c:\windows\system32\AUDIOKSE.dll
2014-10-03 02:11 . 2014-11-12 08:44    284672    ----a-w-    c:\windows\system32\EncDump.dll
2014-10-03 02:11 . 2014-11-12 08:44    680960    ----a-w-    c:\windows\system32\audiosrv.dll
2014-10-03 02:11 . 2014-11-12 08:44    440832    ----a-w-    c:\windows\system32\AudioEng.dll
2014-10-03 02:11 . 2014-11-12 08:44    296448    ----a-w-    c:\windows\system32\AudioSes.dll
2014-10-03 01:44 . 2014-11-12 08:44    442880    ----a-w-    c:\windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44 . 2014-11-12 08:44    374784    ----a-w-    c:\windows\SysWow64\AudioEng.dll
2014-10-03 01:44 . 2014-11-12 08:44    195584    ----a-w-    c:\windows\SysWow64\AudioSes.dll
2014-10-01 16:11 . 2014-07-07 11:09    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-10-01 16:11 . 2014-07-07 11:09    93400    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-10-01 16:11 . 2013-04-05 11:05    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-09-25 02:08 . 2014-10-01 05:27    371712    ----a-w-    c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 05:27    519680    ----a-w-    c:\windows\SysWow64\qdvd.dll
2014-09-19 09:42 . 2014-11-12 08:44    210944    ----a-w-    c:\windows\system32\wdigest.dll
2014-09-19 09:42 . 2014-11-12 08:44    86528    ----a-w-    c:\windows\system32\TSpkg.dll
2014-09-19 09:42 . 2014-11-12 08:44    342016    ----a-w-    c:\windows\system32\schannel.dll
2014-09-19 09:42 . 2014-11-12 08:44    314880    ----a-w-    c:\windows\system32\msv1_0.dll
2014-09-19 09:42 . 2014-11-12 08:44    309760    ----a-w-    c:\windows\system32\ncrypt.dll
2014-09-19 09:42 . 2014-11-12 08:44    22016    ----a-w-    c:\windows\system32\credssp.dll
2014-09-19 09:23 . 2014-11-12 08:44    172032    ----a-w-    c:\windows\SysWow64\wdigest.dll
2014-09-19 09:23 . 2014-11-12 08:44    65536    ----a-w-    c:\windows\SysWow64\TSpkg.dll
2014-09-19 09:23 . 2014-11-12 08:44    248832    ----a-w-    c:\windows\SysWow64\schannel.dll
2014-09-19 09:23 . 2014-11-12 08:44    221184    ----a-w-    c:\windows\SysWow64\ncrypt.dll
2014-09-19 09:23 . 2014-11-12 08:44    259584    ----a-w-    c:\windows\SysWow64\msv1_0.dll
2014-09-19 09:23 . 2014-11-12 08:44    17408    ----a-w-    c:\windows\SysWow64\credssp.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 09:49    176936    ----a-w-    c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\rry\AppData\Local\Akamai\netsession_win.exe" [2014-10-30 4673432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-29 885760]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-09-01 152392]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2012-09-24 3477640]
.
c:\users\rry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2012-7-6 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys;c:\windows\SYSNATIVE\DRIVERS\motodrv.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 klflt;klflt;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
R4 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys;c:\windows\SYSNATIVE\DRIVERS\Lbd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys;c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [x]
S1 bdfwfpf;bdfwfpf;c:\program files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys;c:\windows\SYSNATIVE\DRIVERS\avc3.sys [x]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys;c:\windows\SYSNATIVE\DRIVERS\avchv.sys [x]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys;c:\windows\SYSNATIVE\DRIVERS\avckf.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-29 03:58]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-14 23:35]
.
2014-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-14 23:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2011-02-18 6611048]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-08 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-08 391512]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-08 415064]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2010-12-14 10222080]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe" [2014-10-15 8925504]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;192.168.*.*;127.0.0.1:9421;<local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} - hxxps://w3-03.ibm.com/tools/print/plugin/gpwsx-4.1.cab
FF - ProfilePath - c:\users\rry\AppData\Roaming\Mozilla\Firefox\Profiles\wayk30wt.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=4DB91E96-E812-43DF-BEBB-413F19D35A15&n=77fc22f2&ind=2013012722&p2=^HJ^xdm017^YY^us&si=pconverter&searchfor=
FF - ExtSQL: !HIDDEN! 2013-01-24 18:17; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF - user.js: extensions.autoDisableScopes - 14
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-GoogleDriveSync - c:\program files (x86)\Google\Drive\googledrivesync.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-Lavasoft Ad-Aware Service
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-12-12  14:24:43
ComboFix-quarantined-files.txt  2014-12-12 19:24
.
Pre-Run: 7,105,884,160 bytes free
Post-Run: 17,386,754,048 bytes free
.
- - End Of File - - FA07989BBBD048BC1C7F1AC95ABE8C8B
 


  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Hello,
 

I had already uninstalled Kaspersky.

Okay. But still run the tool I gave you. It may get rid of hidden registry entries left over that we may not see.

Please remove these out dated Java versions from your programs installed list (Programs & Features).
  • Java 6 Update 24
  • Java 6 Update 31
Note
Due to multiple security problems with Java we are now recommending that it not be installed at all unless you absolutely know you need it.

Next

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> DefaultScope {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL =
SearchScopes: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll No File
BHO-x32: BitTorrentBar Toolbar -> {88c7f2aa-f93f-432c-8f0e-b7d85967a527} -> C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll No File
Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=4DB91E96-E812-43DF-BEBB-413F19D35A15&n=77fc22f2&ind=2013012722&p2=^HJ^xdm017^YY^us&si=pconverter&searchfor=
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected]
FF Extension: No Name - [email protected] [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\rry\AppData\Local\Temp\crx75FB.tmp [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [Not Found]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
Task: {94D03F17-F5D9-4A27-8E23-A77AF5B78FE6} - System32\Tasks\4803 => Wscript.exe C:\Users\rry\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {AA6D854D-709A-4C4C-8ADF-751B4AB99C8E} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
Emptytemp:
reboot:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

In your next reply post:
Fixlog.txt, located on the desktop.

Thanks
Joe :)
  • 0

#13
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

Followed everything to the letter.

 

Here's the result.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by rry at 2014-12-19 17:31:21 Run:1
Running from C:\Users\rry\Desktop
Loaded Profile: rry (Available profiles: rry)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> DefaultScope {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL =
SearchScopes: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> {BD6D96EF-2C70-426B-9BB5-95017B2D9E15} URL =
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\mskapbho.dll No File
BHO-x32: BitTorrentBar Toolbar -> {88c7f2aa-f93f-432c-8f0e-b7d85967a527} -> C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll No File
Toolbar: HKLM-x32 - BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2704821723-1422953371-2779263932-1001 -> No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=4DB91E96-E812-43DF-BEBB-413F19D35A15&n=77fc22f2&ind=2013012722&p2=^HJ^xdm017^YY^us&si=pconverter&searchfor=
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\[email protected]
FF Extension: No Name - [email protected] [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\rry\AppData\Local\Temp\crx75FB.tmp [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [Not Found]
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
Task: {94D03F17-F5D9-4A27-8E23-A77AF5B78FE6} - System32\Tasks\4803 => Wscript.exe C:\Users\rry\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {AA6D854D-709A-4C4C-8ADF-751B4AB99C8E} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
Emptytemp:
reboot:
end
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}" => Key deleted successfully.
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BD6D96EF-2C70-426B-9BB5-95017B2D9E15}" => Key deleted successfully.
"HKCR\CLSID\{BD6D96EF-2C70-426B-9BB5-95017B2D9E15}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => Key deleted successfully.
"HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => Key not found.
"HKCR\CLSID\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => Key not found.
"HKCR\Wow6432Node\CLSID\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}" => Key not found.
HKU\S-1-5-21-2704821723-1422953371-2779263932-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => value deleted successfully.
"HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}" => Key not found.
Firefox Keyword.URL deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => Value not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\[email protected] => Value not found.
FF Extension: No Name - [email protected] [Not Found] not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hakdifolhalapjijoafobooafbilfakh" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pjldcfjmnllhmgjclecdnfampinooman" => Key not found.
avchv => Service deleted successfully.
catchme => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94D03F17-F5D9-4A27-8E23-A77AF5B78FE6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94D03F17-F5D9-4A27-8E23-A77AF5B78FE6}" => Key deleted successfully.
C:\Windows\System32\Tasks\4803 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4803" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA6D854D-709A-4C4C-8ADF-751B4AB99C8E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA6D854D-709A-4C4C-8ADF-751B4AB99C8E}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefire" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mfevtp" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys" => Key deleted successfully.

=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  netsh int ipv4 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  netsh int ipv6 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========

EmptyTemp: => Removed 158 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


  • 0

#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 8,087 posts
Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.


    In your next reply post;
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log
    Thanks
    Joe :)

  • 0

#15
givemefood

givemefood

    Member

  • Topic Starter
  • Member
  • PipPip
  • 26 posts

AdwCleaner(S0),txt

-----------------------------

 

# AdwCleaner v4.105 - Report created 19/12/2014 at 20:31:00
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : rry - rry-PC
# Running from : C:\Users\rry\Desktop\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\video download converter
Folder Deleted : C:\Program Files (x86)\adawaretb
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\BitTorrentBar
Folder Deleted : C:\Program Files (x86)\video download converter
Folder Deleted : C:\Users\rry\AppData\Local\Conduit
Folder Deleted : C:\Users\rry\AppData\Local\VideoDownloadConverter_4z
Folder Deleted : C:\Users\rry\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\rry\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\rry\AppData\LocalLow\BitTorrentBar
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\rry\AppData\Roaming\Mozilla\Firefox\Profiles\wayk30wt.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=4DB91E96-E812-43DF-BEBB-413F19D35A15&n=77fc22f2&ind=2013012722&p2=^HJ^xdm017^YY^us&si=[...]
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=4DB91E96-E812-43DF-BEBB-413F19D35A15&n=77fc22f2&p2=^HJ^xdm017^YY^us&si=pconverter");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", false);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.user.defined", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013012722");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm017^YY^us");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "4DB91E96-E812-43DF-BEBB-413F19D35A15");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1395429247897");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "19019");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[wayk30wt.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [8563 octets] - [19/12/2014 20:27:54]
AdwCleaner[S0].txt - [8776 octets] - [19/12/2014 20:31:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8836 octets] ##########
 

 

JRT.txt

----------

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by rry on Fri 12/19/2014 at 21:54:50.23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ad-aware browsing protection"
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\rry\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\rry\AppData\Roaming\thinstall"
Successfully deleted: [Folder] "C:\Users\rry\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\rry\appdata\local\thinstall"
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{00810D79-09CD-4EA3-8B31-B507AD9B70F8}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{01495BF2-C046-4715-B6C0-DB54BABBF420}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{01A2B9AD-97D7-4A8A-8F68-C9AF1D60FFB2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{02899B45-8AAD-4E78-9078-459186832890}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{02BAE617-85EB-4C93-88A1-22800B57907A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{040B48B5-B040-4C0D-BFA2-DFF5E50F3AB7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0488C9E8-BAC7-4972-9257-62BE4A620104}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{054F6BC4-BAE5-450A-A99D-87D9C79F726C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{057B39AB-1E0A-4D9C-B66F-CA1ACB616D8F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{06546DB5-CFFD-46DD-A196-9279C37AE226}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{069EF9B2-3D61-4404-9B4E-D4AD749CF201}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{06AD5EF2-D15E-4C20-B60B-119C39175A83}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0716F4C2-B8D6-42DF-801A-EA27FE653C91}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{085D202D-4AE8-4473-B418-B359BC0B9FFD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{096A4C9B-AAB2-491A-9462-4ACC264F13FF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0A98918B-533D-4047-9B85-1A6A9E21472B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0AB93262-672A-4A1F-93BC-73AB734BDA37}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0AFB2D1B-DD90-45A8-8044-A09CB6C29500}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0B7727E7-84FD-4DBF-96CE-ABAC44CEAE90}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0D6B143C-6C1F-4042-A45A-C1A556A6C761}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0DE8804C-4987-493B-9A9D-954323113C5F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{0F7054F9-B7CB-4911-B297-FC382963EF32}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1115E57A-494F-4E5C-AAE7-FCA71353C25A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{117B9590-1255-4150-9F11-CF460AD19DC5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{12722F75-6FC0-42AB-9533-488717633103}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{13129723-48DE-4167-A051-211CE580DF30}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{145082B0-5D4A-4CCA-AF42-8540FCDEF82E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{15453A96-B4E3-4D86-B06D-9BABE1E2896F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1575809D-49C5-4BD9-A29B-7E6479E287E4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{164D3C0D-F8B9-48E5-82FE-3E307FC08D7C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{17EFF792-5674-4804-BF0F-5B760A0677F9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1880892F-23E7-4E25-ACB8-8D276E5BDF2B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{188717A3-1357-4289-B8C3-4BAC86B03789}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1902D718-0D89-4D92-8282-FA98F8964F73}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1914965C-6AAA-429F-BD9C-A146E9FB3F11}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1A241961-C8F5-4871-97FE-2DE619CC0108}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1B805170-DAD1-4465-94CC-C367FB19D9CF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1C2FA0EB-FCC8-40E0-9EC4-D65D4C7D3BA2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1C4D50DD-9B0B-435A-BFFD-EE86DB2DE101}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1D053FFD-BBA0-4880-9A6C-3A8BCF78E51D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1D2C52B4-775A-4059-95BE-7D24F0C2F2FE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1D4EC644-BFF2-45B3-B897-5EB52F85A64D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1ECFD161-AA56-4694-A594-38A2225BA1D2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1FC64256-4BD4-4001-9EEE-BA9A9975AF65}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{1FF2BC87-6C93-451F-BB2B-1208E59F1936}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{20F96155-A27F-4D68-BF5A-5705E1D0CC76}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{21379102-88EC-4E4C-A2AD-A695000598DF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{21B27753-6D7A-47F3-8E1E-8CC21636E02B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2383568B-534F-4C12-9FFE-69BA14B2798A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{238C63B1-E887-4B77-AEBE-61F9AFF15541}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{24DB7F6B-45FF-499A-85DE-87B8BAC20BE0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2613758B-108E-43D7-9981-8BC56A0E1B39}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{26367092-A68C-4363-9254-5B33E9926A52}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{27FE3D5A-1D4F-47C1-B266-24A45C6EA309}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{281D38A3-B66D-4F18-B92F-AA29B532F04B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{286B7753-CB76-4352-9EC6-E18329426361}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{28CEC612-6A41-4607-9B48-54D2E350F23E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2947F31F-855B-41AC-BCA7-E45517C63094}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2A1B5953-FB2C-402A-BF91-0BF5C07B4134}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2A733109-18F6-47DA-8A54-301814F262BF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2C6AD8E2-8FD9-4ECF-80F8-47DA058FC6AE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2D04085F-FFF8-486D-97FF-BFD86B7B9875}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2EF04DE1-68BD-4A1E-A2A1-9F44ED079759}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{2F7B5B85-D668-4998-AEF2-5EA64454A9EC}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3042064D-F640-4E87-9FA7-03283A8DC6A8}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{304679A4-1341-4CA8-A625-1330B19D4190}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{30DE1C78-78E0-49B6-9EE5-54446B9A2210}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3156061E-61D9-4B1B-AEA5-3FF53DD057BE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{31EF32CD-9A46-434A-96B4-740328E4E5C2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{321740DB-DD61-4438-9566-E54A48111EF3}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{32CD27DC-C22E-4455-9E88-B81A08543330}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{33519ABA-C3F9-4F02-AD69-92730837C231}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{344E732D-25C6-43CF-A7E0-465EEFA17D1B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{34BA4472-0EB0-4FDB-8A29-1D16F5F80504}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{354E5BB4-BFC7-4AA7-B139-780766938E5D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{358E1B62-570C-4426-A9CA-ACE2B3D9DB82}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{35ED4223-F3C1-44D5-BCA0-0EC589398ED9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{35F2C0C5-113B-4894-AF86-232A78A1C613}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{36038A25-58E1-4843-BEDE-CB782B980D5F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{373EA478-9577-4DF8-B34E-6E1E3AA400E2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3741F5A8-B0A4-4EFF-B295-5A988042E4A1}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{375A3535-5731-4A8B-AA2F-4A8D3C9B9B03}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{37B5A1B2-5CEF-4453-B3C0-5CA823905460}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{37B5E71C-307E-44A8-827C-B15EEF1BE3A0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{37F3ACB8-1A38-4BA9-9BE7-5F4C6FAF0010}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{38BAAC77-2526-4932-AE6D-B47EF5B8083B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3913E7DE-EE86-494D-A995-F372715C6E5C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3AB2C631-3D4C-42CE-B27F-CF763E3C3BB6}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3AE49329-F81F-409F-A89A-3698BE7D3A1D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3B1E1161-CF1E-4D80-869D-21B6EF910B05}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3B5B5DC6-C9CD-440E-93BB-661DC90DC42B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3B876588-0566-4A56-AB9A-BC6CE8376C04}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3BCE286F-12D3-4225-A781-7DC3C1B8B604}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3CB48082-66CB-40A1-96B2-7C4AD1C84606}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3CD09F73-919E-418A-BE6A-9B3CB2720ACE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3D367A8A-6419-4505-9445-9FD87B227EF4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3D6BC034-5242-4450-8DA1-4757BAAF81F4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3D72DE9C-0A5B-4F8D-82D4-593B4DB3A530}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{3F32D930-DB95-4DE2-89A4-85F5E13AE04A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{40463587-1B8A-4CE0-95EC-CBC43192739E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4097A827-8996-48A6-8F30-2ABD548E2626}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{40DF4103-2840-4828-A0A2-3C7E984CC549}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{413BC102-45F1-4A3E-832F-CC67E8C0F1EE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{41BDD851-7024-4855-8375-7C43336BB985}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{42068939-2B20-490A-A0F8-1D8049E8B96B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{422B817C-22A1-4720-9DBB-5722196DE175}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{429D6122-7E98-499C-87D1-2D8808D494D9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{430816C5-6350-45F4-945F-2DBC952A1E05}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{431AAC24-8D02-43B3-89EE-63AE81017543}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{441EDDF9-6FA0-4BF6-B47C-FF6297AB13E9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{442936D3-B900-4DFB-A256-CAAA4117F507}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{443E520F-F0BD-4678-9860-8A4D951D07FB}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{45BDF747-9063-421C-9C83-2236916473E2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{462674D6-4856-42D8-8A17-B4EF93093EB2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{46968EBD-22EC-4755-8902-E4E8353F7175}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{46A80813-D025-4CBD-B158-2F04C8B522BB}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{475BEEFE-36D4-4DE7-A7FE-DEFD6CA59F3F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{482F9613-F7D8-4B47-BD23-BDB521CF0592}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{489C19E4-D38B-4139-BC83-F674F1DB872E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{49888ABC-D49C-4F23-89F9-06144CE3C46D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{49A8CA80-4DB5-49C1-9258-22B7C6BF9620}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{49EFA572-D8FD-47E9-BC1B-14D143E21ED7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4A367A27-004E-489E-81CA-50694566CC86}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4BBC246A-BC53-4907-94E8-C57DF40F35A5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4C6B1C13-4C56-4027-9F72-55B8C84E559E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4CF634B9-98AA-4433-B1B0-E08CB5C77171}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4D19BA53-BD7D-40CB-B30F-7E6178BD77C6}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4E0F0596-93C8-4443-A6E2-C2D61E544C26}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4EB5A32F-37AA-4AE4-8832-5C19387E53A4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{4ECCDBAA-8CDA-4FCB-870B-1965C55B7C9D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{501CD0F4-D447-46B9-96E2-7FA28E7213B2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5029A667-F0E8-4ACA-8FDE-94BE456C156F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{507354E7-2627-47B5-8E97-9B11F44C69C0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{50A628F6-24E2-4D3F-A462-98ED670D5E7B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{51130C68-5554-4DF9-8100-BCCF0642FC8E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{51F5134A-A9F5-46B2-A43C-93F17F8F50E5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5236B8A0-71D1-4145-9FA7-6CCAC8059DDF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{533EA6D9-384C-4D24-9DDD-7F79551B1430}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{538A3C15-1A77-4284-9932-9154B50950CF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{53E131E1-11EC-491C-A5B6-0F1C5B721531}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5472F97B-3CD4-4CC3-884D-513DC63D8FC5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{54973F8E-206F-4244-A1E2-F2AF43E597D6}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{551A96D6-CE5C-4A26-8D6F-A6B085F7DF32}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5523FB9F-614A-4D20-8141-FC2BD618AC6F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5662331C-C4CC-4DF5-ABC8-6E509A723B9C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{569FC719-4984-4A58-898F-1F80C94528D5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{57D5BDA9-EDDC-4E68-9DD4-5D02E39E86F7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{57FE3D50-9802-4E42-BA14-7485CE85F566}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{58BAB981-40DE-4057-B1C0-872B340209CC}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{58F25D7F-ABA8-4CF3-BA4B-CF1E51364A1A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{59D24427-9B92-416A-8453-4F12944C438D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5AC9C3FF-10DA-4AC9-8F71-0B017F882771}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5C9B1FDD-0A59-43EB-AE06-49BB89C890B2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5CC6F9E2-FABD-45A6-92C1-D54A5AED2B94}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5CCEE8E2-3E1A-429C-A7D6-66D5F19CAE69}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5D8EAFE2-C3BF-4C54-AD35-C988D2B80B2F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5D9EF7B5-FF58-4399-9C38-8028CFE24770}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5E1DB09B-A28F-4C04-9EE4-0416A8685E4C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5E559257-F2D4-4FC9-820C-DA41C40EEAA7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5EBD0502-CC36-49F4-B30D-FFAB0296FB0B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5F4477AF-738A-4DEE-9114-42B1CC424BCD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5F5CED35-20C1-4C96-8ED4-8F9F5D016F1A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{5F92A0C7-C502-452B-9119-387EE22EF9CF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{600D4BDA-EF86-4CB4-AA04-40D509D31219}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6194AC37-0AF2-4361-B1A6-457AFC57B28F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{61BC9A23-F1AE-484A-8D56-22C3873850B4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{627946ED-4DCA-4243-8FFF-AA8B12A8EEB5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{627C496F-5C47-4A15-BEB6-4CC46B280007}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{637C427A-0889-4D66-973F-7D02ACE1A6FE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{64188DFE-F70A-466B-ADB1-F8E6A6A8782C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6449CEF1-1F03-44A7-8D5A-00C91856C868}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{64612AB9-06FC-4508-8F63-2911DA7B93BA}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{64D2CE4D-BAED-4793-814D-ECDBA608965A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6538E772-0545-4D94-871E-BFE5FB4B2E49}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{65C466B9-B54F-4362-8A96-487A471BCF54}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{65FCEC49-ED5F-42BF-A5FD-8EE627932440}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{67A5F16E-2AD4-4B74-BC1D-7DA3474AE884}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{67D775F4-656B-4200-AD42-554E2118F605}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{68DD079B-D551-43CD-9BDB-C6BFB0BEC6D3}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{68EC5046-0C83-455F-A147-7AF39C081B12}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{69C612B2-B8CE-4283-8FDE-7D9FDC03BB46}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6A6B6CB8-063D-42A8-BB04-B0B13885432B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6A7AB145-1797-40E4-9C7B-E724C416093E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6A8B87B5-59C3-43F7-ACB6-11BADE28E5A8}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6B2F3BFC-49DA-4701-9D51-AD91384C3482}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6B6F6037-79A5-45FE-BF1C-3598375077CD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6C777305-13BB-4F19-BA9C-AB0C338B0DBD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6DB50820-48BF-4C71-957C-DF672925A544}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6DF033D9-97E2-4FF8-AFC2-89B826F27199}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6E38FEE4-A236-4789-99ED-D9456406FE10}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6E92C3B3-93BE-45D8-8CCA-DD62BA9F999C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6F47DEF2-0346-49F8-9C4F-0C977C1D6F30}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{6FE8F791-EE9A-42B8-B608-7D2A124CF9A2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{710FA6CC-1803-44E0-9BE9-25D0EF0145D8}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{719D3367-5E22-4114-8A09-3242B1629D38}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{722BC388-67F5-4008-BA64-E58B917B6350}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{74175767-3250-42C1-92F5-D0290874B644}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{749C9558-7BBA-4A96-9E32-7CD96372FF96}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{74BB7B98-DEF9-4FF3-88C6-BC416BA2BCCB}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{76127B83-03B7-4C96-96A9-778848E4418C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{767C43F4-7008-4ED6-8C8C-75C3EB7C3B2B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{777F6D51-2519-4C9C-A9BE-CDD4F269AA2E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{794D0118-10E7-4D29-874A-6299E5FC439C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7ABDB4DA-67B7-41E8-9733-BB4031429551}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7B5F7175-5776-4529-9DCC-2212144C2260}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7BB6B00D-2B4A-43C3-AA47-9D3C1F5B06E6}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7CE52DAE-24E0-4C8C-8801-237FC681FA46}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7D099772-AE7B-410B-B569-E2143D323000}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7D243D69-7CB7-4FF0-BC91-F237EF29C7EA}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7DCEE9C7-48E2-4D7E-BCB6-5EFD25C62AB0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7EFCE21A-62F1-4D5A-A087-38925C110299}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7F34B06B-6357-4C7C-B565-F2A10DFC83BF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7F40545A-9BE2-4915-9158-65E29A8497C3}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{7FCB9F50-E486-42C8-8628-A620C8D50224}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{80797746-FFBC-4221-8F2E-8BB5413C3785}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{80F25313-5A9B-4067-B34E-CEA259F7C5D7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{816873B5-46D6-4F22-A887-BF614BB98739}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8222510E-D5FA-46B6-B5EA-74DD103F7094}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{83996437-5941-4838-9DAB-DBA3D83F293E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{83BE780F-4A14-4B51-82FC-DFDFD220B552}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{84A79771-0EB2-4141-8935-50783B9F078D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{85A7058B-143C-4B54-91A5-9C79F1E5B43F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{85EF60A9-EE08-4C2E-B0B1-B65989717051}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8613FF59-727F-45E1-BEBD-8435E2FBFF4D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{86FA9CAB-E754-44BE-8283-3B929F0703A5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{878B5879-62AA-4BCB-9A9F-B1DAE9F52DE2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{879DEEE0-9E81-473C-8A10-D4E9DBA6D973}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{88089EF2-A2EB-4220-B662-252961724451}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{89296A10-75B0-43A7-905A-46C6CE38FD69}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{894793A0-1C8C-4CEF-B980-F3B61B6E0E32}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8AC9F50F-07C4-44AA-A42D-25AE44A388EE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8B7511AC-F539-47EC-B81B-2420248CAE73}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8C0839BA-EBD5-4DA5-89D8-4F5A5CCD0B30}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8C1DCC50-A93C-4BAF-91CA-DE2FC978300C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8C575F24-6C40-493A-ABDD-1C7568AD3A75}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8C84343C-6CB1-467B-9419-18939FE4CECD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8EEE6A1B-19D9-48F1-A7C1-EB9DC2AE3502}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{8F4A2F14-7C94-416E-9139-E3FCE466A2DA}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{90B0D007-4417-43A6-9D7A-935351F1BAB4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{918074CA-2E2B-4000-B46C-C4799563E38D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{919DF5C7-CF4E-4CD6-A441-9BA002AB677F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9314A1AD-0583-43F2-9D5C-D1683303B843}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9355F861-044D-492D-9E3A-BFBD26B29E23}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{93B69E0D-E7C6-4585-9EFE-ACF8FAE34227}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{93C5DB58-22E7-492A-9294-3E3038FB8274}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{94527443-725B-47A9-B4B1-062A4D16ACBD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9479C291-662D-4A72-B937-B5D19EC4068A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{94961A9A-451F-4291-8673-29E9B8B75AF2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{94BE4B99-620E-4F7C-8FAB-CB0A2B54DDB6}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9550DD81-E8EF-457B-B3F2-6A7E4CAD795E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9654BB64-329F-4DE0-8D21-E57FF7234D07}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{96D24363-CC15-4ABE-8D61-439909258804}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{982D8DBA-1B41-4A36-83C1-5444B9583D8B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{989A16F0-EB93-4742-9461-7E56A245CDE4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{98A97591-0974-4FB7-9B84-4428D3A54A2D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{98E496C8-93EE-4341-AF44-F7F3A25CB370}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9A2DED14-223A-4996-A450-8301674F86C2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9B05E22B-9169-409F-A6E3-1D444B8F34F4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9B917208-73BF-4123-AF91-4B7E112E35EE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9C2E58FD-3B5F-4D9E-9943-1B19769A0184}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9CD5C60E-2A52-4CD4-8BEE-9F371667509C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9D03C2D3-32E4-4778-96D5-382D13779743}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9D62662F-D6AD-462E-A8EA-57AC3EB49E05}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{9E63A417-0132-4FCC-8252-95FB7251486E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A02C3024-760F-4115-9D39-17938CEB9D5E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A0D410F6-9321-4AF3-BD72-36BFF1D7EC86}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A0DEFB9C-5F90-464F-AA95-5B98283489CB}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A16DA610-D1C8-44AD-BF5E-DFC163C8CEA0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A4DA7FB8-C204-43C5-A3AA-8BC0BA39EC78}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A51DF676-9D7C-47B8-8A7C-6D01C36387FB}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A70C0D21-86A5-4937-8A17-4DF6B2EEE1FE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A7915250-454F-4FAC-9055-0FF9DDF5F743}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A80DF764-F41E-4B3B-9E5B-360A056EF8DF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A88D0A78-835E-44C8-82D1-FD91BE4D3189}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A956EE8E-EFDD-4E36-9B3E-AF2548644038}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A993C0E3-F5A0-4D76-BC8F-72AB23EB348B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{A9ADE03F-4D0B-46C4-A0A4-B72D26117332}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AA179136-CFC9-4964-92DB-75B9D0FB5626}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AAAB9C01-0A07-4EDB-B418-8A3E2489EABF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AB6AECFE-A5EC-4276-821A-A17122C318B0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{ABF50F53-1ADC-4BCD-B363-3F4EF6513A0B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AC029468-3784-4B0F-9207-2DFC147A518A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AC51609E-1CEC-40A6-8F93-318C1E3BC03D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AC5E5138-E1DB-43C4-B539-FC981F075F56}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AD031BAC-7E77-44C0-978C-E0F50502C633}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AD6C1D80-5F19-4774-808B-07ED5E02C6FF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AE7D0D5C-19A2-4ADD-A939-27B9B9713B06}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AEDEED10-24B6-4B20-BA5C-4D90CBEC37B4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AEDF9C3C-52EB-4DC2-B32D-AD85C8B9CD97}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AF5A1D73-F284-4314-B814-553BF59E493D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{AFE064A3-9E86-4710-A7F8-CD5E03645E08}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B0538FC3-2EFF-4CE6-B150-C87547B9C0FD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B09D9702-BD52-4A8D-9B41-306F9B2E595A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B212C487-94F6-468C-B683-96119331C358}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B52E6D6D-5F96-41F8-9FAF-9FEA2604B4F5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B55D21F2-5DAF-4C04-B306-2BD2160BD4C9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B5798A5C-4F07-4599-BEF8-4A43CA8E2778}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B5DA1C82-CB11-45A4-BCEB-A0462BF38E84}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B8026DF2-4874-4AA2-B1E7-8738F581BB27}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B80C6423-1F84-4C05-863A-5003B0A836A0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B850FD5E-FEFE-4DD7-AE11-D86A4E6F88AA}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B981E6A0-DC2D-444E-8100-4EBD9A1F6257}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B98EC868-2FD6-4B9C-8F04-8D481C406E58}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{B9A55CB8-BE0A-4C69-9BF7-42311383B6E3}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BA8F3808-CE5B-46C8-BE8D-F65A757C9839}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BB50323B-3D34-479A-8E0D-5DAE9070175C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BB538044-BEBF-4F71-8948-370B880801F2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BB6F45F9-DBC2-4AE1-8B4E-AB6A5B645887}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BC638DBA-289F-4563-AE73-4575B9029D78}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BCA54DFE-AB9C-4E14-9201-364A2392B284}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BD9BF166-67C2-45BB-A80F-58F6A556B065}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BF398449-8914-49B7-A4FC-48827C0D929F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{BF95C937-DCE0-4122-B4EC-892758D2AB3F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C021D07D-75ED-4DEA-A553-B39602A28F55}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C0556288-AB68-4579-A72E-4690189796BF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C1C8AC00-809C-4631-9C0E-3DE314D7CE9E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C1FE9EF8-969C-4CF1-AF09-A58E05B89615}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C2533055-682A-4827-AB6B-7470135082E5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C2FB7236-57CB-4BE6-ACDC-9485F1D1D9E5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C3003FC8-CB8E-4B20-AB4B-DCD803F5A612}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C396C91A-1AE3-455F-AE73-0BD7CB591D5B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C39D8085-DC1A-4266-A43A-64981D6B0EA7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C3D7C81B-7E2B-4A7C-BD35-17F272E3C767}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C5B0E7DD-043A-44AB-8DA5-BB025DD7C801}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C6B737E9-C5C7-4AC9-9135-5F43BE1E6DE5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{C88C0283-EAF4-4BC3-B7B8-7C18EF4F69B1}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CAB85F00-377F-44F5-B358-93D10A53ECD0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CB5624EE-5C82-486A-9CF1-543A61B4DDC1}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CBCAA986-777E-4B02-9C8D-FB937C117471}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CEAACAC9-01C9-4C54-8EE9-6E143AD0658E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CEBD2F35-A9F1-478B-9868-B3423F0228CB}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CF622614-353E-42D9-92F9-AC884FF24CE1}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{CFA09D30-9197-4E28-89B1-315C682A813F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D13B060C-8274-4452-A20C-D1968CE3BE65}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D1F83829-3DF4-4F70-B463-A631778F57FE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D273534C-FAF4-44A3-90A0-41E648CF0D18}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D31A9C2D-F6F8-4670-BF46-1CAF7514DFC9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D42B3178-DF10-48B9-B8FC-E2F806CB19DA}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D4630AA1-9722-42D6-A45B-FF9DFECFEE21}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D5FA14BF-C58E-473A-9F6A-773C02197292}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D6717F5C-2C4A-4DAE-A58D-78F708B4CC27}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D6F5607D-88D9-45E7-8429-C953187DB558}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{D8D8B608-F3AF-4197-A0D8-696FF3F790CE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DA3281EC-9A45-4946-8459-21BF9E483647}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DB534915-BA8E-4F4A-8E6B-C38B71D97C85}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DBC7BC27-CA0A-4F9F-8900-F7B7CF27D4C9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DC7281BC-9CAC-4DED-ACDA-5E2DC45CE3C5}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DE7CAC46-B2F2-4577-A901-732F54B631AA}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DF47E6AF-3EA4-443C-B84D-BF73AD82C773}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{DFF24576-1A0B-4582-A0DC-B5B3FFF74E66}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E0FD818B-97BB-4953-A609-930E29E545F4}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E156A59F-4ABE-44A9-83D1-692F080559FD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E26090DA-8103-48AD-A914-965C5043C64F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E282FC94-B4A5-43E8-95B0-20B5B1C8BAFC}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E3121EA1-368F-497A-AD78-7ADDF63BFC4A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E3340532-D6F5-495B-8353-75523DF54E55}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E4B1AD76-7744-4AEC-95E9-3EEED616273B}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E4B67D93-8B11-4AD7-9F6B-6B485A9C207F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E4CF9BD2-0CEF-4DF7-BAB0-9C37920BCA7A}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E68BAF05-B5EF-46AA-89ED-1DE40D3292C7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E70D5345-49B1-402E-84E7-722AD8B6A8A9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E84DA28B-7939-4E7B-B9F9-2393460602BE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E8630D20-FD0E-46EF-8DE3-EF6DEB88AF06}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E936E9BE-10E3-42C2-8A56-40E8CB3FE453}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{E94FF0CA-BF9E-4D55-84B1-B3EEE7C55762}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{EAFE9CBB-EF92-47D2-A560-B815CBF29037}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{EC3D696B-EEAF-4E43-B12A-960D9B8A5C5D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{EC577529-3F47-4FF4-A64F-C46A77EDDBCD}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{ECBC56AD-31FA-4CE6-ADE8-1E51022CB837}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{ED9CC9C2-A598-45C6-9DB2-924C1C14ACE2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F00D9825-4E3D-4725-9026-33368592BCDF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F080D06B-0BA9-43B5-81E8-4807FD1C7730}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F18C93D6-5255-41C4-92C5-614A1C195D29}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F1ECD27E-7528-4D5F-8F33-668611DB56E9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F49F3639-693A-4F31-866C-51688C58AD5D}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F4BB4390-E9A1-4D8A-A455-E9018D5AA467}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F50DE317-EA31-4905-9BAB-0ED52E46A07F}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F5BEE1FD-684A-4209-82FC-B4D4976E8D30}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F5BF3312-1FF2-4A00-B478-4E02FD4C09E9}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F5C86C59-F40F-4014-A565-B3C8B3239FA7}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F621BE0F-42AC-480B-9AA0-B37ECF238FE3}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F6DEDC2C-0B89-4DEA-911A-441C00253D57}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F6F073D5-58DB-4234-A465-F29C7FC80CA3}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F6F7AE36-F5B9-4C9C-8987-D985DBC411E0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F70E451E-AD40-45A3-B68A-8BD4A7D29AFF}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F7AF2152-B32E-4693-B20B-311FC53A5448}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F8680447-716A-4194-94B6-0606910F04E1}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F87488F0-BFED-4FB7-A4A6-7DC455B868E6}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F8CC4E72-2809-4504-9FE4-99FB323F026E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F8FE866C-B70C-4163-9E7B-6DB842E9CE3E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F956C8C8-1398-4CFA-8EC6-E0E7CDB9E435}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{F9B4DAEC-23D9-494C-A28C-E883E1067DCE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FAC89007-DB68-4C57-BD80-EE98F953D8C0}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FB427DA4-3463-449F-8458-8BEAD3C8B52C}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FBB50545-6DC5-477A-B92F-848A377AD5E2}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FC3804FF-5298-4420-9DC8-AA5F127BB234}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FC6A0E40-BABA-4F9B-BD23-06711DBEC68E}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FD52CB4B-F60B-4BA0-BB55-100EF5038197}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FE2079D4-DE93-4C75-962A-3BCD140FB9DE}
Successfully deleted: [Empty Folder] C:\Users\rry\appdata\local\{FF0D091E-CCDE-4AD8-B291-982953E34B8C}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/19/2014 at 21:57:50.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP