Solved Win64/patched.A threat messing with my system

J

JKJones

Posts: 19   +0
Yesterday I downloaded a few files and I recall at some point one I got something saying some thing along the lines of "Services and controller app would like to connect to the internet" and I allowed it. This morning I'm getting a bunch of threat alerts from AVG telling me that C:/windows/system32/services.exe is infected, yet no options to get rid of it. I ignored this for a while and now I'm getting different threat alerts talking about backdoors and trojans and whatnot, google and other obliviously safe sites being identified as malicious, random audio files being played, different things popping up asking for permission. AVG says the threats name is win64/patched.A. I have no idea what to do, help would be appreciated. Heres all the stuff I'm supposed to do.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.14.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
JKJones :: JKJ [administrator]

14/07/2013 6:50:06 PM
mbam-log-2013-07-14 (18-50-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 284843
Time elapsed: 22 minute(s), 46 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> 5036 -> Delete on reboot.

Memory Modules Detected: 1
C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Delete on reboot.

Registry Keys Detected: 21
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 -> Quarantined and deleted successfully.
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Delete on reboot.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Quarantined and deleted successfully.

Files Detected: 85
C:\Program Files (x86)\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\Local\Temp\pricepeep_130001_0101.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\JKJones\Downloads\FLVPlayerSetup_MMM.exe (PUP.Adware.Installcore) -> Quarantined and deleted successfully.
C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Quarantined and deleted successfully.
C:\Users\JKJones\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Delete on reboot.
C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0e9d25e4292d98ba32a6fe97d13727da (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\0e9d25e4292d98ba32a6fe97d13727da_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2d974ac953014884136c9d1e3e60e88b (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2d974ac953014884136c9d1e3e60e88b_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2e74403c227112bec523796d5a77d77e (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\2e74403c227112bec523796d5a77d77e_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\34551036bc3f914365494bfba21e22b3 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\34551036bc3f914365494bfba21e22b3_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\35be5402f067ffc68e907e81a84fb1f3 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\35be5402f067ffc68e907e81a84fb1f3_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4468a69fab52be44633277819d2769e5 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4468a69fab52be44633277819d2769e5_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\5408239ba224620fe9430fa7e1ccfe35 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\5408239ba224620fe9430fa7e1ccfe35_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\740ef46a3ebcc6c5788c773f32cc9b53 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\740ef46a3ebcc6c5788c773f32cc9b53_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\758b14a5f80e224d51582746d31fff04 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\758b14a5f80e224d51582746d31fff04_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\7efb9aab6fcb49f138e15f423901eca1 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\7efb9aab6fcb49f138e15f423901eca1_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\80bdd74895296ba59ed249e55290d5c8 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\80bdd74895296ba59ed249e55290d5c8_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\82e860d8be1ad29b10cec9faf04916f5 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\82e860d8be1ad29b10cec9faf04916f5_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\9042735b0a03cc0cbc1dd8ecd0cac9ea (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\9042735b0a03cc0cbc1dd8ecd0cac9ea_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\91ed24cba47f3cabaaaf7bdb0e620066_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\953da8e419e22f1346e1c44b4fea115d (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\953da8e419e22f1346e1c44b4fea115d_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\998b6d8279010664133f982651782355 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\998b6d8279010664133f982651782355_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\b5a0035d59ed62ea458d6ab3b1e14240 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\b5a0035d59ed62ea458d6ab3b1e14240_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d4e14468ab597a9937d3a03727ecccaa (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d4e14468ab597a9937d3a03727ecccaa_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Quarantined and deleted successfully.
C:\Users\JKJones\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Quarantined and deleted successfully.

(end)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635
Run by JKJones at 19:25:38 on 2013-07-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5612.3230 [GMT -4:00]
.
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\windows\system32\svchost.exe -k HPService
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskeng.exe
C:\windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Switcher\Switcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JKJones\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\windows\system32\sppsvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-56A7-11E2-B7EF-B4749FFD668A}
uSearch Bar = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uSearch Page = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uDefault_Page_URL = hxxp://samsung.msn.com
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
BHO: Samsung BHO Class: {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Codecv Class: {DD547721-AFCD-878F-0951-9368D3ACAD4E} - C:\ProgramData\Codecv\bhoclass.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} -
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Community Smart Bar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
TB: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [Switcher] "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MurGee.com Auto Keyboard] C:\Program Files (x86)\Auto Keyboard\AutoKeyboard.exe :silent
uRun: [AutoTyperMurGee] C:\Program Files (x86)\Auto Typer by MurGee\AutoTyper.exe :settings
uRun: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [AdobeBridge] <no file>
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {328ECD19-C167-40eb-A0C7-16FE7634105E} - {94BB0C4C-B957-479A-85E4-42F53B89F681} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
LSP: mswsock.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: NameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3} : DHCPNameServer = 64.71.255.204 64.71.255.198
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\2454C4C4231313 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\351696E696D27657563747 : DHCPNameServer = 64.71.255.198 192.168.33.1
TCP: Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}\452554E444E65647 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{C10B2787-67F7-4AC5-AD6C-87C0903AF9FC} : DHCPNameServer = 64.71.255.205 64.71.255.253
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
x64-TB: Community Smart Bar: {ae07101b-46d4-4a98-af68-0333ea26e113} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [MRT] "C:\windows\System32\MRT.exe" /R
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\JKJones\AppData\Roaming\Mozilla\Firefox\Profiles\avw53iy5.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\JKJones\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Users\JKJones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
FF - ExtSQL: !HIDDEN! 2011-10-17 01:07; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2011-7-17 78976]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2011-7-17 38528]
R0 AVGIDSHA;AVGIDSHA;C:\windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R1 Avgfwfd;AVG network filter service;C:\windows\System32\drivers\avgfwd6a.sys [2011-5-23 48992]
R1 Avgldx64;AVG AVI Loader Driver;C:\windows\System32\drivers\avgldx64.sys [2012-11-8 307040]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\windows\System32\drivers\avgtdia.sys [2013-4-11 384800]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2012-11-8 45856]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2011-7-16 13824]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-7-17 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2012-12-5 2321560]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-6-26 1598128]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-7-17 115216]
R3 AVGIDSDriver;AVGIDSDriver;C:\windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]
R3 AVGIDSFilter;AVGIDSFilter;C:\windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 BTWAMPFL;BTWAMPFL;C:\windows\System32\drivers\btwampfl.sys [2011-10-15 349736]
R3 btwl2cap;Bluetooth L2CAP Service;C:\windows\System32\drivers\btwl2cap.sys [2011-10-15 39464]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2011-4-14 31088]
R3 ETD;ELAN PS/2 Port Input Device;C:\windows\System32\drivers\ETD.sys [2011-7-17 138024]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-7-16 533096]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-1 183560]
S3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-7-14 289704]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);C:\windows\System32\drivers\HPMo4DE3.sys [2012-7-30 25088]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);C:\windows\System32\drivers\HPub4DE3.sys [2012-7-30 18432]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\windows\System32\drivers\netaapl64.sys [2011-8-2 22528]
S3 Samsung UPD Service;Samsung UPD Service;C:\windows\System32\SUPDSvc.exe [2011-7-17 166704]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 VSPerfDrv100;Performance Tools Driver 10.0;C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-17 68440]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-10-17 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-07-14 22:49:23--------d-----w-C:\Users\JKJones\AppData\Roaming\Malwarebytes
2013-07-14 22:45:37--------d-----w-C:\ProgramData\Malwarebytes
2013-07-14 22:45:3625928----a-w-C:\windows\System32\drivers\mbam.sys
2013-07-14 22:45:36--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-14 22:45:04--------d-----w-C:\Users\JKJones\AppData\Local\Programs
2013-07-14 21:49:22--------d-----w-C:\Rustbfix
2013-07-14 21:16:46--------d-----w-C:\windows\System32\MRT
2013-07-12 19:03:59--------d-----w-C:\Program Files (x86)\ReNamer
2013-07-11 01:13:219216----a-w-C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 01:13:2154784----a-w-C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-11 01:13:214608----a-w-C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 01:13:21392704----a-w-C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-11 01:13:18624128----a-w-C:\windows\System32\qedit.dll
2013-07-11 01:13:18509440----a-w-C:\windows\SysWow64\qedit.dll
2013-07-11 01:13:161887744----a-w-C:\windows\System32\WMVDECOD.DLL
2013-07-11 01:13:161620480----a-w-C:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 01:13:023153920----a-w-C:\windows\System32\win32k.sys
2013-07-11 01:13:001732608----a-w-C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-11 01:12:591402880----a-w-C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-11 01:12:591393152----a-w-C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-11 01:12:591367040----a-w-C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12:58936448----a-w-C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12:401643520----a-w-C:\windows\System32\DWrite.dll
2013-07-11 01:12:391247744----a-w-C:\windows\SysWow64\DWrite.dll
.
==================== Find3M ====================
.
2013-06-26 22:09:3045856----a-w-C:\windows\System32\drivers\avgtpx64.sys
2013-06-13 23:15:1371048----a-w-C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-13 23:15:13692104----a-w-C:\windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:371767936----a-w-C:\windows\SysWow64\wininet.dll
2013-06-11 23:43:002877440----a-w-C:\windows\SysWow64\jscript9.dll
2013-06-11 23:42:5861440----a-w-C:\windows\SysWow64\iesetup.dll
2013-06-11 23:42:58109056----a-w-C:\windows\SysWow64\iesysprep.dll
2013-06-11 23:26:202241024----a-w-C:\windows\System32\wininet.dll
2013-06-11 23:25:163958784----a-w-C:\windows\System32\jscript9.dll
2013-06-11 23:25:1367072----a-w-C:\windows\System32\iesetup.dll
2013-06-11 23:25:13136704----a-w-C:\windows\System32\iesysprep.dll
2013-06-11 22:51:4571680----a-w-C:\windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:5889600----a-w-C:\windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:182706432----a-w-C:\windows\System32\mshtml.tlb
2013-06-07 02:37:522706432----a-w-C:\windows\SysWow64\mshtml.tlb
2013-05-21 05:03:459728---ha-w-C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-13 05:51:01184320----a-w-C:\windows\System32\cryptsvc.dll
2013-05-13 05:51:001464320----a-w-C:\windows\System32\crypt32.dll
2013-05-13 05:51:00139776----a-w-C:\windows\System32\cryptnet.dll
2013-05-13 05:50:4052224----a-w-C:\windows\System32\certenc.dll
2013-05-13 04:45:55140288----a-w-C:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:551160192----a-w-C:\windows\SysWow64\crypt32.dll
2013-05-13 04:45:55103936----a-w-C:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43:551192448----a-w-C:\windows\System32\certutil.exe
2013-05-13 03:08:10903168----a-w-C:\windows\SysWow64\certutil.exe
2013-05-13 03:08:0643008----a-w-C:\windows\SysWow64\certenc.dll
2013-05-10 05:49:2730720----a-w-C:\windows\System32\cryptdlg.dll
2013-05-10 03:20:5424576----a-w-C:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:011910632----a-w-C:\windows\System32\drivers\tcpip.sys
2013-05-01 07:59:1294208----a-w-C:\windows\SysWow64\QuickTimeVR.qtx
2013-05-01 07:59:1269632----a-w-C:\windows\SysWow64\QuickTime.qts
2013-04-26 05:51:36751104----a-w-C:\windows\System32\win32spl.dll
2013-04-26 04:55:21492544----a-w-C:\windows\SysWow64\win32spl.dll
2013-04-25 23:30:321505280----a-w-C:\windows\SysWow64\d3d11.dll
2013-04-17 07:02:061230336----a-w-C:\windows\SysWow64\WindowsCodecs.dll
2013-04-17 06:24:461424384----a-w-C:\windows\System32\WindowsCodecs.dll
.
============= FINISH: 19:30:21.01 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 15/10/2011 1:22:29 PM
System Uptime: 14/07/2013 7:20:06 PM (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | 305V4A/305V4A
Processor: AMD A6-3410MX APU with Radeon(tm) HD Graphics | P0 | 1600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 231 GiB total, 43.092 GiB free.
D: is FIXED (NTFS) - 344 GiB total, 317.112 GiB free.
E: is CDROM (UDF)
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP194: 11/07/2013 11:57:56 AM - Windows Update
RP195: 14/07/2013 5:04:10 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
?? ??? ?? Windows Live Mesh ActiveX ???
??? ActiveX ?? Windows Live Mesh ???? ??????? ???????
???? ??? Windows Live
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????
?????? ??????? ?? Windows Live
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????
??????? Windows Live Mesh ActiveX ??(????)
??????? Windows Live Mesh ActiveX ???
???????? ?????????? Windows Live
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)
?????????? Windows Live
??????????? ?? Windows Live
64 Bit HP CIO Components Installer
Acoustica Effects Pack
Acoustica Mixcraft 5
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color Video Profiles AE CS4
Adobe Community Help
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Download Assistant
Adobe Dynamiclink Support
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Illustrator CS5.1
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS6
Adobe Reader XI (11.0.03)
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe XMP Panels CS4
Agatha Christie - Death on the Nile
AMD APP SDK Runtime
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Client Installation Program
ATI Catalyst Install Manager
µTorrent
Auto Keyboard v1.2
Auto Typer by MurGee v1.2
AVG 2012
AVG Security Toolbar
„Windows Live Essentials“
„Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis
„Windows Live“ fotogalerija
Bejeweled 2 Deluxe
Bing Bar
Bonjour
Broadcom 802.11 Network Adapter
BrowserCompanion
BSR Screen Recorder 6
BufferChm
Build-a-lot
C4700
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help English
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Portuguese
CCC Help Spanish
CCleaner
CDBurnerXP
Chuzzle Deluxe
ClipX
Codec Updater
Codecv
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Control ActiveX de Windows Live Mesh para conexiones remotas
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a
Controle ActiveX do Windows Live Mesh para Conexões Remotas
Controlo ActiveX do Windows Live Mesh para Ligações Remotas
Coupon Printer for Windows
Crystal Reports for Visual Studio
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
DealBulldog Toolbar
Destinations
DeviceDiscovery
Diner Dash 2 Restaurant Rescue
DiskAid 5.31
DivX Setup
Dotfuscator Software Services - Community Edition
Driver Detective
Easy Content Share
Easy Migration
EasyFileShare
Eco Mode
ETDWare PS/2-X64 8.0.7.2_WHQL
Farm Frenzy
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Geekbench 2.3
Google Chrome
Google Earth
Google Talk Plugin
Google Update Helper
GPBaseService2
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)
Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947789)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB945282)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946040)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB946308)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947540)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB947789)
Hotfix for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB948127)
Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)
Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2542054)
HP Customer Participation Program 14.0
HP Imaging Device Functions 14.0
HP Photo Creations
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
HyperCam 2
iCloud
Insaniquarium Deluxe
Intel PROSet Wireless
Intel(R) PROSet/Wireless WiFi Software
iPhone Folders
iPhoneBrowser
iTunes
Java Auto Updater
Java SE Development Kit 7 Update 4 (64-bit)
Java(TM) 6 Update 31
Java(TM) 7 Update 4 (64-bit)
JavaFX 2.1.0 (64-bit)
JavaFX 2.1.0 SDK (64-bit)
JCreator LE 4.50
JKJones Tetris
John Deere Drive Green
Kontrola Windows Live Mesh ActiveX za daljinske veze
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
Magic ISO Maker v5.5 (build 0281)
MainConcept MJPEG Codec Demo
MainConcept MJPG software codec (Remove Only)
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Games for Windows - LIVE Redistributable
Microsoft Help Viewer 1.0
Microsoft MSDN 2005 Express Edition - ENU
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Management Objects (x64)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server System CLR Types
Microsoft SQL Server System CLR Types (x64)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x64)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x64)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual Basic 2005 Express Edition - ENU
Microsoft Visual Basic 2005 Express Edition - ENU Service Pack 1 (KB926747)
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
Microsoft Visual C# 2005 Express Edition - ENU
Microsoft Visual C# 2005 Express Edition - ENU Service Pack 1 (KB926749)
Microsoft Visual C# 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Express Edition - ENU
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2005 Express Edition - ENU
Microsoft Visual J# 2005 Express Edition - ENU Service Pack 1 (KB926750)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
Microsoft Visual Studio 2010 Office Developer Tools (x64)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Ultimate - ENU
Microsoft Visual Studio Macro Tools
Microsoft Visual Web Developer 2005 Express Edition - ENU
Microsoft Visual Web Developer 2005 Express Edition - ENU Service Pack 1 (KB926751)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
Microsoft XNA Framework Redistributable 4.0
Microsoft XNA Game Studio 4.0
Microsoft XNA Game Studio 4.0 (ARP entry)
Microsoft XNA Game Studio 4.0 (Redists)
Microsoft XNA Game Studio 4.0 (Shared Components)
Microsoft XNA Game Studio 4.0 (Visual Studio)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
Microsoft XNA Game Studio 4.0 Documentation
Microsoft XNA Game Studio Platform Tools
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
Mozilla Firefox 18.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia POP
Network64
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
PDF Settings CS5
PDFBinder
Peggle
Penguins!
Photoshop Camera Raw
Pixel Bender Toolkit
Plants vs. Zombies
Podstawowe programy Windows Live
Polar Golfer
PowerISO
PS_AIO_06_C4700_SW_Min
Python 2.7.1
QuickTime
QuickTransfer
Raccolta foto di Windows Live
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
ReNamer
S?????? f?t???af??? t?? Windows Live
Samsung AnyWeb Print
Samsung Control Center
Samsung Printer Live Update
Samsung Recovery Solution 5
Samsung Support Center
Samsung Universal Print Driver
Samsung Universal Scan Driver
Samsung Update Plus
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Visual Basic 2005 Express Edition - ENU (KB2251481)
Security Update for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB2251487)
Security Update for Microsoft Visual C# 2005 Express Edition - ENU (KB2251481)
Security Update for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB2251487)
Security Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB2251481)
Security Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB2538218)
Security Update for Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (KB2251487)
Security Update for Microsoft Visual J# 2005 Express Edition - ENU (KB2251481)
Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2251489)
Security Update for Microsoft Visual Studio 2010 Ultimate - ENU (KB2644980)
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
Security Update for Microsoft Visual Web Developer 2005 Express Edition - ENU (KB2251481)
SharpKeys
Shop for HP Supplies
Sid Meier's Civilization 4
Skype Click to Call
Skype™ 6.1
SmartWebPrinting
SolutionCenter
Spelling Dictionaries Support For Adobe Reader 9
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??
Status
Suite Shared Configuration CS4
SweetIM Bundle by SweetPacks
SweetIM for Messenger 3.7
Switcher 2.0.0
Toolbar 4.7 by SweetPacks
Toolbox
TrayApp
Unity
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft Visual Basic 2005 Express Edition - ENU (KB932232)
Update for Microsoft Visual C# 2005 Express Edition - ENU (KB932232)
Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB932232)
Update for Microsoft Visual J# 2005 Express Edition - ENU (KB932232)
Update for Microsoft Visual Web Developer 2005 Express Edition - ENU (KB932232)
Update Manager for SweetPacks 1.1
User Guide
uTorrentControl2 Toolbar
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi
VC80CRTRedist - 8.0.50727.6195
VirtualCloneDrive
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 Prerequisites - English
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Web Deployment Tool
WebReg
WIDCOMM Bluetooth Software
WildTangent Games
WildTangent ORB Game Console
Windows 7 USB/DVD Download Tool
Windows Live
Windows Live ?? ???
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Foto-galerija
Windows Live fotoattelu galerija
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Mesh ActiveX kontrola za daljinske veze
Windows Live Mesh ActiveX vadikla attalajiem savienojumiem
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Liven asennustyökalu
Windows Liven valokuvavalikoima
Windows Media Player Firefox Plugin
WinRAR 4.20 (64-bit)
WinSCP 4.3.5
Xfire (remove only)
Yahoo! Toolbar
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
14/07/2013 7:23:15 PM, Error: Service Control Manager [7023] - The WinDefend service terminated with the following error: Access is denied.
14/07/2013 7:20:40 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
14/07/2013 6:29:21 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
14/07/2013 6:29:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
14/07/2013 6:29:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
14/07/2013 6:29:17 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
14/07/2013 6:29:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
14/07/2013 6:28:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgfwfd Avgldx64 Avgmfx64 Avgtdia DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss SABI SCDEmu spldr tdx vwififlt Wanarpv6 WfpLwf
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
14/07/2013 6:28:50 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/07/2013 4:14:56 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
.
==== End Of File ===========================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

redtarget.gif
Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

redtarget.gif
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
 
Alright, here we go.

Roguekiller log:
RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : hxxp://www.adlice.com/forum/
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : JKJones [Admin rights]
Mode : Remove -- Date : 07/14/2013 23:03:38
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 6 ¤¤¤
[V1][SUSP PATH] CodecUpdaterTask{B0FE8B3B-F3C8-43AF-AA97-11B8FBEBEAB6}.job : C:\ProgramData\Codec\Codec.exe - /schedule /profilepath "C:\ProgramData\Codec\profile.ini" [x][-] -> DELETED
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv.job : C:\windows\TEMP\{D9BF7A04-F5F0-47EE-8873-6142E7D64C72}.exe - --uninstall=1 [x] -> DELETED
[V1][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv.job : C:\windows\TEMP\{62FCE632-3784-4D19-B9A7-10EAAAA65D85}.exe - --uninstall=1 [x] -> DELETED
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_HP_rmv : C:\windows\TEMP\{62FCE632-3784-4D19-B9A7-10EAAAA65D85}.exe - --uninstall=1 [x] -> DELETED
[V2][SUSP PATH] AVG-Secure-Search-Update_JUNE2013_TB_rmv : C:\windows\TEMP\{D9BF7A04-F5F0-47EE-8873-6142E7D64C72}.exe - --uninstall=1 [x] -> DELETED
[V2][SUSP PATH] {4CBB03CD-45D9-4548-B42F-A6D4578524CD} : "c:\users\jkjones\appdata\local\google\chrome\application\chrome.exe" - hxxp://ui.skype.com/ui/0/6.3.0.105/en/abandoninstall?page=tsProgressBar [x][x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][File] @ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\@ [-] --> REMOVED AT REBOOT
[ZeroAccess][Folder] U : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U [-] --> DELETED
[ZeroAccess][Folder] L : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\L [-] --> DELETED
[ZeroAccess][File] Desktop.ini : C:\Windows\assembly\GAC_32\Desktop.ini [-] --> REMOVED AT REBOOT
[ZeroAccess][File] Desktop.ini : C:\Windows\assembly\GAC_64\Desktop.ini [-] --> REMOVED AT REBOOT
[ZeroAccess][Junction] en-US : C:\Program Files\Windows Defender\en-US >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][Junction] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> Junction DELETED
[ZeroAccess][File] 00000004.@ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\00000004.@ [-] --> DELETED
[ZeroAccess][File] 00000008.@ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\00000008.@ [-] --> DELETED
[ZeroAccess][File] 80000000.@ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\80000000.@ [-] --> DELETED
[ZeroAccess][File] 80000032.@ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\80000032.@ [-] --> DELETED
[ZeroAccess][File] 80000064.@ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U\80000064.@ [-] --> DELETED
[ZeroAccess][File] 00000004.@ : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\L\00000004.@ [-] --> DELETED
[ZeroAccess][File] 201d3dde : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\L\201d3dde [-] --> DELETED
[ZeroAccess][File] 6715e287 : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\L\6715e287 [-] --> DELETED
[ZeroAccess][File] 76603ac3 : C:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\L\76603ac3 [-] --> DELETED

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤
-> D:\windows\system32\config\SYSTEM
C:\Windows\system32
C:\Users\Jemar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> D:\windows\system32\config\SOFTWARE
C:\Windows\system32
C:\Users\Jemar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> D:\windows\system32\config\SECURITY
C:\Windows\system32
C:\Users\Jemar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> D:\windows\system32\config\SAM
C:\Windows\system32
C:\Users\Jemar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> D:\windows\system32\config\DEFAULT
C:\Windows\system32
C:\Users\Jemar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> D:\Users\Default\NTUSER.DAT
C:\Windows\system32

-> D:\Users\Default User\NTUSER.DAT
C:\Windows\system32

-> D:\Users\Jemar\NTUSER.DAT
C:\Windows\system32
C:\Users\Jemar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
-> D:\Documents and Settings\Default\NTUSER.DAT
C:\Windows\system32

-> D:\Documents and Settings\Default User\NTUSER.DAT
C:\Windows\system32

-> D:\Documents and Settings\JKJones\NTUSER.DAT
C:\Windows\system32


¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 iphonesubmissions.apple.com
127.0.0.1 localhost
::1 localhost
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobe-dns.adobe.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547564A9E384 SATA Disk Device +++++
--- User ---
[MBR] 371e765195d5b35e5499f8dd032a932c
[BSP] ad8a67a13c68e695a9a021ea74bedcf0 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 236543 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 484648960 | Size: 352154 Mo
3 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1205860352 | Size: 21679 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_07142013_230338.txt >>
RKreport[0]_S_07142013_230244.txt

MBAR LOG 1 (This is the one where I had to manually shut down):
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.14.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
JKJones :: JKJ [administrator]

14/07/2013 11:12:05 PM
mbar-log-2013-07-14 (23-12-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 306544
Time elapsed: 2 hour(s), 35 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
c:\Users\JKJones\Local Settings\Application Data\14f405f2\U (Backdoor.0Access) -> Delete on reboot.

Files Detected: 6
c:\Windows\System32\services.exe (Rootkit.0Access) -> Replace on reboot.
c:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\@ (Backdoor.0Access) -> Delete on reboot.
c:\Windows\assembly\GAC_32\Desktop.ini (Rootkit.0access) -> Delete on reboot.
c:\Windows\assembly\GAC_64\Desktop.ini (Rootkit.0access) -> Delete on reboot.
c:\Users\JKJones\AppData\Local\14f405f2\U\80000000.@ (Backdoor.0Access) -> Delete on reboot.
c:\Users\JKJones\AppData\Local\14f405f2\U\800000cb.@ (Backdoor.0Access) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

MBAR LOG 2 (This one rebooted fine):
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.14.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
JKJones :: JKJ [administrator]

15/07/2013 11:52:24 AM
mbar-log-2013-07-15 (11-52-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 293549
Time elapsed: 2 hour(s), 3 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
c:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U (Backdoor.0Access) -> Delete on reboot.

Files Detected: 3
c:\Windows\System32\services.exe (Rootkit.0Access) -> Replace on reboot.
c:\Windows\assembly\GAC_32\Desktop.ini (Rootkit.0access) -> Delete on reboot.
c:\Windows\assembly\GAC_64\Desktop.ini (Rootkit.0access) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

MBAR LOG 3 (Wasn't sure if I was supposed to do a 3rd one but I did, and no malware was reported.):
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.14.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
JKJones :: JKJ [administrator]

15/07/2013 2:03:42 PM
mbar-log-2013-07-15 (14-03-42).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 293577
Time elapsed: 2 hour(s), 1 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 
System log:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16635

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.597000 GHz
Memory total: 5884403712, free: 3285102592

Downloaded database version: v2013.07.14.08
Initializing...
------------ Kernel report ------------
07/14/2013 23:11:58
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\avgfwd6a.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\??\C:\windows\system32\Drivers\SABI.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\btwampfl.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\avgidsfiltera.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006b29060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000070\
Lower Device Object: 0xfffffa80064ed2d0
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006b29060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006b29b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006b29060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80064f2040, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80064ed2d0, DeviceName: \Device\00000070\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9DF67DAB

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 484440064

Partition 2 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 484648960 Numsec = 721211392

Partition 3 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 1205860352 Numsec = 44398592

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Backup file found for a file c:\Windows\System32\services.exe
Infected: c:\Windows\System32\services.exe --> [Rootkit.0Access]
Infected: c:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\@ --> [Backdoor.0Access]
Infected: c:\Windows\assembly\GAC_32\Desktop.ini --> [Rootkit.0access]
Infected: c:\Windows\assembly\GAC_64\Desktop.ini --> [Rootkit.0access]
Infected: c:\Users\JKJones\Local Settings\Application Data\14f405f2\U --> [Backdoor.0Access]
Infected: c:\Users\JKJones\AppData\Local\14f405f2\U\80000000.@ --> [Backdoor.0Access]
Infected: c:\Users\JKJones\AppData\Local\14f405f2\U\800000cb.@ --> [Backdoor.0Access]
Scan finished
Creating System Restore point...
Cleaning up...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Executing an action fixdamage.exe...
Success!
Queuing an action fixdamage.exe
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16635

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.597000 GHz
Memory total: 5884403712, free: 4148080640

Initializing...
------------ Kernel report ------------
07/15/2013 11:52:16
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\avgfwd6a.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\??\C:\windows\system32\Drivers\SABI.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\btwampfl.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\avgidsfiltera.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006764060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xfffffa80064cb8f0
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006764060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006764b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006764060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80064cf040, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80064cb8f0, DeviceName: \Device\00000072\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9DF67DAB

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 484440064

Partition 2 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 484648960 Numsec = 721211392

Partition 3 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 1205860352 Numsec = 44398592

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Backup file found for a file c:\Windows\System32\services.exe
Infected: c:\Windows\System32\services.exe --> [Rootkit.0Access]
Read File: File "c:\ProgramData\AVG2012\log\avgcore.log.1" is compressed (flags = 1)
Infected: c:\Windows\assembly\GAC_32\Desktop.ini --> [Rootkit.0access]
Infected: c:\Windows\assembly\GAC_64\Desktop.ini --> [Rootkit.0access]
Infected: c:\Windows\Installer\{f222b52a-65cb-34c3-6332-395370e72c81}\U --> [Backdoor.0Access]
Scan finished
Creating System Restore point...
Cleaning up...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Executing an action fixdamage.exe...
Success!
Queuing an action fixdamage.exe
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Non-administrative

Internet Explorer version: 10.0.9200.16635

Java version: 1.6.0_31

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.597000 GHz
Memory total: 5884403712, free: 3913154560

Initializing...
------------ Kernel report ------------
07/15/2013 14:03:35
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\??\C:\windows\system32\drivers\avgtpx64.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\avgfwd6a.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\??\C:\windows\system32\Drivers\SABI.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\sdbus.sys
\SystemRoot\system32\DRIVERS\bcmwl664.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\btwampfl.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\drivers\btwavdt.sys
\SystemRoot\system32\drivers\btwaudio.sys
\SystemRoot\system32\DRIVERS\btwl2cap.sys
\SystemRoot\system32\DRIVERS\btwrchid.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\avgidsfiltera.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006830060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000072\
Lower Device Object: 0xfffffa80064ec060
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006830060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80065f7930, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006830060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80064f1ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80064ec060, DeviceName: \Device\00000072\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9DF67DAB

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 484440064

Partition 2 type is Extended with LBA (0xf)
Partition is NOT ACTIVE.
Partition starts at LBA: 484648960 Numsec = 721211392

Partition 3 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 1205860352 Numsec = 44398592

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_0_2048_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished
 
Current Computer Behavior:
I haven't noticed anything out of the ordinary since the last reboot (after the second MBAR scan). Google is no longer blocked, no more threat alerts from AVG (in the last 2 hours anyway).
 
Good job :)

redtarget.gif
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

redtarget.gif
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 13-07-15.01 - JKJones 15/07/2013 17:49:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5612.3983 [GMT -4:00]
Running from: c:\users\JKJones\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\DealBulldog Toolbar
c:\program files (x86)\DealBulldog Toolbar\affid.dat
c:\program files (x86)\DealBulldog Toolbar\alert_plugin.dll
c:\program files (x86)\DealBulldog Toolbar\basis.xml
c:\program files (x86)\DealBulldog Toolbar\icons.bmp
c:\program files (x86)\DealBulldog Toolbar\info.txt
c:\program files (x86)\DealBulldog Toolbar\install.ico
c:\program files (x86)\DealBulldog Toolbar\MacroParserPlugin.dll
c:\program files (x86)\DealBulldog Toolbar\mbback.bmp
c:\program files (x86)\DealBulldog Toolbar\mbbigopen.bmp
c:\program files (x86)\DealBulldog Toolbar\mbclose.bmp
c:\program files (x86)\DealBulldog Toolbar\mbfwd.bmp
c:\program files (x86)\DealBulldog Toolbar\mbsep.bmp
c:\program files (x86)\DealBulldog Toolbar\nav1c.bmp
c:\program files (x86)\DealBulldog Toolbar\somoto.dll
c:\program files (x86)\DealBulldog Toolbar\TbCommonUtils.dll
c:\program files (x86)\DealBulldog Toolbar\tbcore3.dll
c:\program files (x86)\DealBulldog Toolbar\tbcore3.inf
c:\program files (x86)\DealBulldog Toolbar\tbhelper.dll
c:\program files (x86)\DealBulldog Toolbar\TbHelper2.exe
c:\program files (x86)\DealBulldog Toolbar\uninstall.exe
c:\program files (x86)\DealBulldog Toolbar\UninstallToolbar.exe
c:\program files (x86)\DealBulldog Toolbar\update.exe
c:\program files (x86)\DealBulldog Toolbar\version.txt
c:\programdata\Codecv
c:\programdata\Codecv\background.html
c:\programdata\Codecv\bhoclass.dll
c:\programdata\Codecv\content.js
c:\programdata\Codecv\hpnpnobanidcimkhihimiaecdgfehdln.crx
c:\programdata\Codecv\settings.ini
c:\programdata\Codecv\uninstall.exe
c:\users\JKJones\AppData\Local\assembly\tmp
c:\users\JKJones\AppData\Local\Microsoft\Windows\Temporary Internet Files\ApnStub.exe
c:\users\JKJones\AppData\Local\TempDIR
c:\users\JKJones\Documents\~WRL1399.tmp
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2013-06-15 to 2013-07-15 )))))))))))))))))))))))))))))))
.
.
2013-07-15 22:03 . 2013-07-15 22:03--------d-----w-c:\users\Default\AppData\Local\temp
2013-07-15 03:11 . 2013-07-15 20:06--------d-----w-c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-07-14 22:49 . 2013-07-14 22:49--------d-----w-c:\users\JKJones\AppData\Roaming\Malwarebytes
2013-07-14 22:45 . 2013-07-14 22:45--------d-----w-c:\programdata\Malwarebytes
2013-07-14 22:45 . 2013-07-14 22:45--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-14 22:45 . 2013-04-04 18:5025928----a-w-c:\windows\system32\drivers\mbam.sys
2013-07-14 22:45 . 2013-07-14 22:45--------d-----w-c:\users\JKJones\AppData\Local\Programs
2013-07-14 21:49 . 2013-07-14 21:50--------d-----w-C:\Rustbfix
2013-07-14 21:16 . 2013-07-14 21:16--------d-----w-c:\windows\system32\MRT
2013-07-12 19:03 . 2013-07-12 19:03--------d-----w-c:\program files (x86)\ReNamer
2013-07-11 01:13 . 2013-05-27 05:501011712----a-w-c:\program files\Windows Defender\MpSvc.dll
2013-07-11 01:13 . 2013-05-27 05:50571904----a-w-c:\program files\Windows Defender\MpClient.dll
2013-07-11 01:13 . 2013-05-27 05:50314880----a-w-c:\program files\Windows Defender\MpCommu.dll
2013-07-11 01:13 . 2013-05-27 04:574608----a-w-c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 01:13 . 2013-05-27 04:5754784----a-w-c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 01:13 . 2013-05-27 04:57392704----a-w-c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 01:13 . 2013-05-27 03:159216----a-w-c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 01:13 . 2013-06-04 06:00624128----a-w-c:\windows\system32\qedit.dll
2013-07-11 01:13 . 2013-06-04 04:53509440----a-w-c:\windows\SysWow64\qedit.dll
2013-07-11 01:13 . 2013-05-06 06:031887744----a-w-c:\windows\system32\WMVDECOD.DLL
2013-07-11 01:13 . 2013-05-06 04:561620480----a-w-c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 01:13 . 2013-06-05 03:343153920----a-w-c:\windows\system32\win32k.sys
2013-07-11 01:13 . 2013-04-10 05:481732608----a-w-c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 01:12 . 2013-04-10 05:461402880----a-w-c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 01:12 . 2013-04-10 05:461393152----a-w-c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 01:12 . 2013-04-10 05:461367040----a-w-c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12 . 2013-04-10 05:03936448----a-w-c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12 . 2013-04-02 22:511643520----a-w-c:\windows\system32\DWrite.dll
2013-07-11 01:12 . 2013-04-09 23:341247744----a-w-c:\windows\SysWow64\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-26 22:09 . 2012-11-09 01:1145856----a-w-c:\windows\system32\drivers\avgtpx64.sys
2013-06-24 04:57 . 2012-09-05 05:5478277128----a-w-c:\windows\system32\MRT.exe
2013-06-13 23:15 . 2012-12-11 01:04692104----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 23:15 . 2012-02-27 21:0771048----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-21 05:05 . 2013-05-21 05:05719360----a-w-c:\windows\SysWow64\mshtmlmedia.dll
2013-05-21 05:05 . 2013-05-21 05:05523264----a-w-c:\windows\SysWow64\vbscript.dll
2013-05-21 05:05 . 2013-05-21 05:05226304----a-w-c:\windows\system32\elshyph.dll
2013-05-21 05:05 . 2013-05-21 05:05185344----a-w-c:\windows\SysWow64\elshyph.dll
2013-05-21 05:05 . 2013-05-21 05:05158720----a-w-c:\windows\SysWow64\msls31.dll
2013-05-21 05:05 . 2013-05-21 05:05150528----a-w-c:\windows\SysWow64\iexpress.exe
2013-05-21 05:05 . 2013-05-21 05:05138752----a-w-c:\windows\SysWow64\wextract.exe
2013-05-21 05:05 . 2013-05-21 05:05137216----a-w-c:\windows\SysWow64\ieUnatt.exe
2013-05-21 05:05 . 2013-05-21 05:051054720----a-w-c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-21 05:05 . 2013-05-21 05:0573728----a-w-c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-21 05:05 . 2013-05-21 05:0561952----a-w-c:\windows\SysWow64\tdc.ocx
2013-05-21 05:05 . 2013-05-21 05:0548640----a-w-c:\windows\SysWow64\mshtmler.dll
2013-05-21 05:05 . 2013-05-21 05:0538400----a-w-c:\windows\SysWow64\imgutil.dll
2013-05-21 05:05 . 2013-05-21 05:05361984----a-w-c:\windows\SysWow64\html.iec
2013-05-21 05:05 . 2013-05-21 05:051441280----a-w-c:\windows\SysWow64\inetcpl.cpl
2013-05-21 05:05 . 2013-05-21 05:0512800----a-w-c:\windows\SysWow64\mshta.exe
2013-05-21 05:05 . 2013-05-21 05:05110592----a-w-c:\windows\SysWow64\IEAdvpack.dll
2013-05-21 05:05 . 2013-05-21 05:0581408----a-w-c:\windows\system32\icardie.dll
2013-05-21 05:05 . 2013-05-21 05:05762368----a-w-c:\windows\system32\ieapfltr.dll
2013-05-21 05:05 . 2013-05-21 05:05452096----a-w-c:\windows\system32\dxtmsft.dll
2013-05-21 05:05 . 2013-05-21 05:05441856----a-w-c:\windows\system32\html.iec
2013-05-21 05:05 . 2013-05-21 05:05281600----a-w-c:\windows\system32\dxtrans.dll
2013-05-21 05:05 . 2013-05-21 05:0523040----a-w-c:\windows\SysWow64\licmgr10.dll
2013-05-21 05:05 . 2013-05-21 05:05216064----a-w-c:\windows\system32\msls31.dll
2013-05-21 05:05 . 2013-05-21 05:05197120----a-w-c:\windows\system32\msrating.dll
2013-05-21 05:05 . 2013-05-21 05:051400416----a-w-c:\windows\system32\ieapfltr.dat
2013-05-21 05:05 . 2013-05-21 05:0597280----a-w-c:\windows\system32\mshtmled.dll
2013-05-21 05:05 . 2013-05-21 05:05905728----a-w-c:\windows\system32\mshtmlmedia.dll
2013-05-21 05:05 . 2013-05-21 05:0527648----a-w-c:\windows\system32\licmgr10.dll
2013-05-21 05:05 . 2013-05-21 05:05270848----a-w-c:\windows\system32\iedkcs32.dll
2013-05-21 05:05 . 2013-05-21 05:05247296----a-w-c:\windows\system32\webcheck.dll
2013-05-21 05:05 . 2013-05-21 05:05235008----a-w-c:\windows\system32\url.dll
2013-05-21 05:05 . 2013-05-21 05:05167424----a-w-c:\windows\system32\iexpress.exe
2013-05-21 05:05 . 2013-05-21 05:051509376----a-w-c:\windows\system32\inetcpl.cpl
2013-05-21 05:05 . 2013-05-21 05:05144896----a-w-c:\windows\system32\wextract.exe
2013-05-21 05:05 . 2013-05-21 05:05102912----a-w-c:\windows\system32\inseng.dll
2013-05-21 05:05 . 2013-05-21 05:0592160----a-w-c:\windows\system32\SetIEInstalledDate.exe
2013-05-21 05:05 . 2013-05-21 05:0577312----a-w-c:\windows\system32\tdc.ocx
2013-05-21 05:05 . 2013-05-21 05:0562976----a-w-c:\windows\system32\pngfilt.dll
2013-05-21 05:05 . 2013-05-21 05:05599552----a-w-c:\windows\system32\vbscript.dll
2013-05-21 05:05 . 2013-05-21 05:0552224----a-w-c:\windows\system32\msfeedsbs.dll
2013-05-21 05:05 . 2013-05-21 05:0551200----a-w-c:\windows\system32\imgutil.dll
2013-05-21 05:05 . 2013-05-21 05:0548640----a-w-c:\windows\system32\mshtmler.dll
2013-05-21 05:05 . 2013-05-21 05:05173568----a-w-c:\windows\system32\ieUnatt.exe
2013-05-21 05:05 . 2013-05-21 05:05149504----a-w-c:\windows\system32\occache.dll
2013-05-21 05:05 . 2013-05-21 05:0513824----a-w-c:\windows\system32\mshta.exe
2013-05-21 05:05 . 2013-05-21 05:05136192----a-w-c:\windows\system32\iepeers.dll
2013-05-21 05:05 . 2013-05-21 05:05135680----a-w-c:\windows\system32\IEAdvpack.dll
2013-05-21 05:05 . 2013-05-21 05:0512800----a-w-c:\windows\system32\msfeedssync.exe
2013-05-21 05:03 . 2013-05-21 05:039728---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:039728---ha-w-c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:03522752----a-w-c:\windows\system32\XpsGdiConverter.dll
2013-05-21 05:03 . 2013-05-21 05:03465920----a-w-c:\windows\system32\WMPhoto.dll
2013-05-21 05:03 . 2013-05-21 05:034096---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:034096---ha-w-c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:03364544----a-w-c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-21 05:03 . 2013-05-21 05:033584---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033584---ha-w-c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:032560---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:032560---ha-w-c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:032284544----a-w-c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-21 05:03 . 2013-05-21 05:031682432----a-w-c:\windows\system32\XpsPrint.dll
2013-05-21 05:03 . 2013-05-21 05:031158144----a-w-c:\windows\SysWow64\XpsPrint.dll
2013-05-21 05:03 . 2013-05-21 05:0310752---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:0310752---ha-w-c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:03648192----a-w-c:\windows\system32\d3d10level9.dll
2013-05-21 05:03 . 2013-05-21 05:03604160----a-w-c:\windows\SysWow64\d3d10level9.dll
2013-05-21 05:03 . 2013-05-21 05:03417792----a-w-c:\windows\SysWow64\WMPhoto.dll
2013-05-21 05:03 . 2013-05-21 05:033928064----a-w-c:\windows\system32\d2d1.dll
2013-05-21 05:03 . 2013-05-21 05:03363008----a-w-c:\windows\system32\dxgi.dll
2013-05-21 05:03 . 2013-05-21 05:033419136----a-w-c:\windows\SysWow64\d2d1.dll
2013-05-21 05:03 . 2013-05-21 05:03333312----a-w-c:\windows\system32\d3d10_1core.dll
2013-05-21 05:03 . 2013-05-21 05:03296960----a-w-c:\windows\system32\d3d10core.dll
2013-05-21 05:03 . 2013-05-21 05:03293376----a-w-c:\windows\SysWow64\dxgi.dll
2013-05-21 05:03 . 2013-05-21 05:032776576----a-w-c:\windows\system32\msmpeg2vdec.dll
2013-05-21 05:03 . 2013-05-21 05:032565120----a-w-c:\windows\system32\d3d10warp.dll
2013-05-21 05:03 . 2013-05-21 05:03249856----a-w-c:\windows\SysWow64\d3d10_1core.dll
2013-05-21 05:03 . 2013-05-21 05:03245248----a-w-c:\windows\system32\WindowsCodecsExt.dll
2013-05-21 05:03 . 2013-05-21 05:03221184----a-w-c:\windows\system32\UIAnimation.dll
2013-05-21 05:03 . 2013-05-21 05:03220160----a-w-c:\windows\SysWow64\d3d10core.dll
2013-05-21 05:03 . 2013-05-21 05:03207872----a-w-c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-21 05:03 . 2013-05-21 05:031988096----a-w-c:\windows\SysWow64\d3d10warp.dll
2013-05-21 05:03 . 2013-05-21 05:03194560----a-w-c:\windows\system32\d3d10_1.dll
2013-05-21 05:03 . 2013-05-21 05:03187392----a-w-c:\windows\SysWow64\UIAnimation.dll
2013-05-21 05:03 . 2013-05-21 05:03161792----a-w-c:\windows\SysWow64\d3d10_1.dll
2013-05-21 05:03 . 2013-05-21 05:031238528----a-w-c:\windows\system32\d3d10.dll
2013-05-21 05:03 . 2013-05-21 05:031175552----a-w-c:\windows\system32\FntCache.dll
2013-05-21 05:03 . 2013-05-21 05:031080832----a-w-c:\windows\SysWow64\d3d10.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49176936----a-w-c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-06-26 22:093055280----a-w-c:\program files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll" [2013-06-26 3055280]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Switcher"="c:\program files (x86)\Switcher\Switcher.exe" [2007-10-28 425984]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-28 3518944]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-11-28 59280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-06-26 2236080]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-29 151952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecuteREG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R1 iihlirzj;iihlirzj;c:\windows\system32\drivers\iihlirzj.sys;c:\windows\SYSNATIVE\drivers\iihlirzj.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cpuz135;cpuz135;c:\users\JKJones\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\JKJones\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);c:\windows\system32\DRIVERS\HPMo4DE3.sys;c:\windows\SYSNATIVE\DRIVERS\HPMo4DE3.sys [x]
R3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);c:\windows\system32\Drivers\HPub4DE3.sys;c:\windows\SYSNATIVE\Drivers\HPub4DE3.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmtREG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 23:15]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 21:34]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 21:34]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750293308-1424468115-2742304756-1000Core.job
- c:\users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-15 17:41]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750293308-1424468115-2742304756-1000UA.job
- c:\users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-15 17:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-25 11895400]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"MRT"="c:\windows\system32\MRT.exe" [2013-06-24 78277128]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-56A7-11E2-B7EF-B4749FFD668A}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 64.71.255.204 64.71.255.198
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\JKJones\AppData\Roaming\Mozilla\Firefox\Profiles\avw53iy5.default\
FF - ExtSQL: !HIDDEN! 2011-10-17 01:07; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{DD547721-AFCD-878F-0951-9368D3ACAD4E} - c:\programdata\Codecv\bhoclass.dll
BHO-{EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
Toolbar-Locked - (no file)
Toolbar-{338B4DFE-2E2C-4338-9E41-E176D497299E} - c:\program files (x86)\DealBulldog Toolbar\tbcore3.dll
Toolbar-{EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
Wow6432Node-HKCU-Run-MurGee.com Auto Keyboard - c:\program files (x86)\Auto Keyboard\AutoKeyboard.exe
Wow6432Node-HKCU-Run-AutoTyperMurGee - c:\program files (x86)\Auto Typer by MurGee\AutoTyper.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-Codec - c:\programdata\Codec\Codec.exe
AddRemove-DealBulldog Toolbar - c:\program files (x86)\DealBulldog Toolbar\UninstallToolbar.exe
AddRemove-{2EF17083-57D4-4D64-AE4F-55F32A2C4571} - c:\programdata\Codecv\uninstall.exe
AddRemove-{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1 - c:\program files (x86)\Auto Keyboard\unins000.exe
AddRemove-{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1 - c:\program files (x86)\Auto Typer by MurGee\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-15 18:14:00
ComboFix-quarantined-files.txt 2013-07-15 22:14
.
Pre-Run: 47,698,419,712 bytes free
Post-Run: 55,606,337,536 bytes free
.
- - End Of File - - 0F0ED3EE90202FC69BE8E98F6C77ADBA
A36C5E4F47E84449FF07ED3517B43A31
 
1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code: 
File::
c:\windows\system32\drivers\iihlirzj.sys

Folder::

Driver::
iihlirzj

Registry::

ClearJavaCache::


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
Everytime I reboot my computer I get a prompt from "Microsoft Windows Malicious Software Removal Tool". I can't remember if it's to update or to asking for permissions at the moment. I don't know if that's legitimate or not or what I should do about it. Anyway heres the log.

ComboFix 13-07-15.01 - JKJones 15/07/2013 18:35:53.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.5612.3530 [GMT -4:00]
Running from: c:\users\JKJones\Desktop\ComboFix.exe
Command switches used :: c:\users\JKJones\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\iihlirzj.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_iihlirzj
.
.
((((((((((((((((((((((((( Files Created from 2013-06-15 to 2013-07-15 )))))))))))))))))))))))))))))))
.
.
2013-07-14 22:49 . 2013-07-14 22:49--------d-----w-c:\users\JKJones\AppData\Roaming\Malwarebytes
2013-07-14 22:45 . 2013-07-14 22:45--------d-----w-c:\programdata\Malwarebytes
2013-07-14 22:45 . 2013-07-14 22:45--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-14 22:45 . 2013-04-04 18:5025928----a-w-c:\windows\system32\drivers\mbam.sys
2013-07-14 22:45 . 2013-07-14 22:45--------d-----w-c:\users\JKJones\AppData\Local\Programs
2013-07-14 21:49 . 2013-07-14 21:50--------d-----w-C:\Rustbfix
2013-07-14 21:16 . 2013-07-14 21:16--------d-----w-c:\windows\system32\MRT
2013-07-12 19:03 . 2013-07-12 19:03--------d-----w-c:\program files (x86)\ReNamer
2013-07-11 01:13 . 2013-05-27 05:501011712----a-w-c:\program files\Windows Defender\MpSvc.dll
2013-07-11 01:13 . 2013-05-27 05:50571904----a-w-c:\program files\Windows Defender\MpClient.dll
2013-07-11 01:13 . 2013-05-27 05:50314880----a-w-c:\program files\Windows Defender\MpCommu.dll
2013-07-11 01:13 . 2013-05-27 04:574608----a-w-c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 01:13 . 2013-05-27 04:5754784----a-w-c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 01:13 . 2013-05-27 04:57392704----a-w-c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 01:13 . 2013-05-27 03:159216----a-w-c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 01:13 . 2013-06-04 06:00624128----a-w-c:\windows\system32\qedit.dll
2013-07-11 01:13 . 2013-06-04 04:53509440----a-w-c:\windows\SysWow64\qedit.dll
2013-07-11 01:13 . 2013-05-06 06:031887744----a-w-c:\windows\system32\WMVDECOD.DLL
2013-07-11 01:13 . 2013-05-06 04:561620480----a-w-c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 01:13 . 2013-06-05 03:343153920----a-w-c:\windows\system32\win32k.sys
2013-07-11 01:13 . 2013-04-10 05:481732608----a-w-c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 01:12 . 2013-04-10 05:461402880----a-w-c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 01:12 . 2013-04-10 05:461393152----a-w-c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 01:12 . 2013-04-10 05:461367040----a-w-c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12 . 2013-04-10 05:03936448----a-w-c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 01:12 . 2013-04-02 22:511643520----a-w-c:\windows\system32\DWrite.dll
2013-07-11 01:12 . 2013-04-09 23:341247744----a-w-c:\windows\SysWow64\DWrite.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-26 22:09 . 2012-11-09 01:1145856----a-w-c:\windows\system32\drivers\avgtpx64.sys
2013-06-24 04:57 . 2012-09-05 05:5478277128----a-w-c:\windows\system32\MRT.exe
2013-06-13 23:15 . 2012-12-11 01:04692104----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 23:15 . 2012-02-27 21:0771048----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-21 05:05 . 2013-05-21 05:05719360----a-w-c:\windows\SysWow64\mshtmlmedia.dll
2013-05-21 05:05 . 2013-05-21 05:05523264----a-w-c:\windows\SysWow64\vbscript.dll
2013-05-21 05:05 . 2013-05-21 05:05226304----a-w-c:\windows\system32\elshyph.dll
2013-05-21 05:05 . 2013-05-21 05:05185344----a-w-c:\windows\SysWow64\elshyph.dll
2013-05-21 05:05 . 2013-05-21 05:05158720----a-w-c:\windows\SysWow64\msls31.dll
2013-05-21 05:05 . 2013-05-21 05:05150528----a-w-c:\windows\SysWow64\iexpress.exe
2013-05-21 05:05 . 2013-05-21 05:05138752----a-w-c:\windows\SysWow64\wextract.exe
2013-05-21 05:05 . 2013-05-21 05:05137216----a-w-c:\windows\SysWow64\ieUnatt.exe
2013-05-21 05:05 . 2013-05-21 05:051054720----a-w-c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-21 05:05 . 2013-05-21 05:0573728----a-w-c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-21 05:05 . 2013-05-21 05:0561952----a-w-c:\windows\SysWow64\tdc.ocx
2013-05-21 05:05 . 2013-05-21 05:0548640----a-w-c:\windows\SysWow64\mshtmler.dll
2013-05-21 05:05 . 2013-05-21 05:0538400----a-w-c:\windows\SysWow64\imgutil.dll
2013-05-21 05:05 . 2013-05-21 05:05361984----a-w-c:\windows\SysWow64\html.iec
2013-05-21 05:05 . 2013-05-21 05:051441280----a-w-c:\windows\SysWow64\inetcpl.cpl
2013-05-21 05:05 . 2013-05-21 05:0512800----a-w-c:\windows\SysWow64\mshta.exe
2013-05-21 05:05 . 2013-05-21 05:05110592----a-w-c:\windows\SysWow64\IEAdvpack.dll
2013-05-21 05:05 . 2013-05-21 05:0581408----a-w-c:\windows\system32\icardie.dll
2013-05-21 05:05 . 2013-05-21 05:05762368----a-w-c:\windows\system32\ieapfltr.dll
2013-05-21 05:05 . 2013-05-21 05:05452096----a-w-c:\windows\system32\dxtmsft.dll
2013-05-21 05:05 . 2013-05-21 05:05441856----a-w-c:\windows\system32\html.iec
2013-05-21 05:05 . 2013-05-21 05:05281600----a-w-c:\windows\system32\dxtrans.dll
2013-05-21 05:05 . 2013-05-21 05:0523040----a-w-c:\windows\SysWow64\licmgr10.dll
2013-05-21 05:05 . 2013-05-21 05:05216064----a-w-c:\windows\system32\msls31.dll
2013-05-21 05:05 . 2013-05-21 05:05197120----a-w-c:\windows\system32\msrating.dll
2013-05-21 05:05 . 2013-05-21 05:051400416----a-w-c:\windows\system32\ieapfltr.dat
2013-05-21 05:05 . 2013-05-21 05:0597280----a-w-c:\windows\system32\mshtmled.dll
2013-05-21 05:05 . 2013-05-21 05:05905728----a-w-c:\windows\system32\mshtmlmedia.dll
2013-05-21 05:05 . 2013-05-21 05:0527648----a-w-c:\windows\system32\licmgr10.dll
2013-05-21 05:05 . 2013-05-21 05:05270848----a-w-c:\windows\system32\iedkcs32.dll
2013-05-21 05:05 . 2013-05-21 05:05247296----a-w-c:\windows\system32\webcheck.dll
2013-05-21 05:05 . 2013-05-21 05:05235008----a-w-c:\windows\system32\url.dll
2013-05-21 05:05 . 2013-05-21 05:05167424----a-w-c:\windows\system32\iexpress.exe
2013-05-21 05:05 . 2013-05-21 05:051509376----a-w-c:\windows\system32\inetcpl.cpl
2013-05-21 05:05 . 2013-05-21 05:05144896----a-w-c:\windows\system32\wextract.exe
2013-05-21 05:05 . 2013-05-21 05:05102912----a-w-c:\windows\system32\inseng.dll
2013-05-21 05:05 . 2013-05-21 05:0592160----a-w-c:\windows\system32\SetIEInstalledDate.exe
2013-05-21 05:05 . 2013-05-21 05:0577312----a-w-c:\windows\system32\tdc.ocx
2013-05-21 05:05 . 2013-05-21 05:0562976----a-w-c:\windows\system32\pngfilt.dll
2013-05-21 05:05 . 2013-05-21 05:05599552----a-w-c:\windows\system32\vbscript.dll
2013-05-21 05:05 . 2013-05-21 05:0552224----a-w-c:\windows\system32\msfeedsbs.dll
2013-05-21 05:05 . 2013-05-21 05:0551200----a-w-c:\windows\system32\imgutil.dll
2013-05-21 05:05 . 2013-05-21 05:0548640----a-w-c:\windows\system32\mshtmler.dll
2013-05-21 05:05 . 2013-05-21 05:05173568----a-w-c:\windows\system32\ieUnatt.exe
2013-05-21 05:05 . 2013-05-21 05:05149504----a-w-c:\windows\system32\occache.dll
2013-05-21 05:05 . 2013-05-21 05:0513824----a-w-c:\windows\system32\mshta.exe
2013-05-21 05:05 . 2013-05-21 05:05136192----a-w-c:\windows\system32\iepeers.dll
2013-05-21 05:05 . 2013-05-21 05:05135680----a-w-c:\windows\system32\IEAdvpack.dll
2013-05-21 05:05 . 2013-05-21 05:0512800----a-w-c:\windows\system32\msfeedssync.exe
2013-05-21 05:03 . 2013-05-21 05:039728---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:039728---ha-w-c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:035632---ha-w-c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:03522752----a-w-c:\windows\system32\XpsGdiConverter.dll
2013-05-21 05:03 . 2013-05-21 05:03465920----a-w-c:\windows\system32\WMPhoto.dll
2013-05-21 05:03 . 2013-05-21 05:034096---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:034096---ha-w-c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:03364544----a-w-c:\windows\SysWow64\XpsGdiConverter.dll
2013-05-21 05:03 . 2013-05-21 05:033584---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033584---ha-w-c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:033072---ha-w-c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:032560---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:032560---ha-w-c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:032284544----a-w-c:\windows\SysWow64\msmpeg2vdec.dll
2013-05-21 05:03 . 2013-05-21 05:031682432----a-w-c:\windows\system32\XpsPrint.dll
2013-05-21 05:03 . 2013-05-21 05:031158144----a-w-c:\windows\SysWow64\XpsPrint.dll
2013-05-21 05:03 . 2013-05-21 05:0310752---ha-w-c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:0310752---ha-w-c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-21 05:03 . 2013-05-21 05:03648192----a-w-c:\windows\system32\d3d10level9.dll
2013-05-21 05:03 . 2013-05-21 05:03604160----a-w-c:\windows\SysWow64\d3d10level9.dll
2013-05-21 05:03 . 2013-05-21 05:03417792----a-w-c:\windows\SysWow64\WMPhoto.dll
2013-05-21 05:03 . 2013-05-21 05:033928064----a-w-c:\windows\system32\d2d1.dll
2013-05-21 05:03 . 2013-05-21 05:03363008----a-w-c:\windows\system32\dxgi.dll
2013-05-21 05:03 . 2013-05-21 05:033419136----a-w-c:\windows\SysWow64\d2d1.dll
2013-05-21 05:03 . 2013-05-21 05:03333312----a-w-c:\windows\system32\d3d10_1core.dll
2013-05-21 05:03 . 2013-05-21 05:03296960----a-w-c:\windows\system32\d3d10core.dll
2013-05-21 05:03 . 2013-05-21 05:03293376----a-w-c:\windows\SysWow64\dxgi.dll
2013-05-21 05:03 . 2013-05-21 05:032776576----a-w-c:\windows\system32\msmpeg2vdec.dll
2013-05-21 05:03 . 2013-05-21 05:032565120----a-w-c:\windows\system32\d3d10warp.dll
2013-05-21 05:03 . 2013-05-21 05:03249856----a-w-c:\windows\SysWow64\d3d10_1core.dll
2013-05-21 05:03 . 2013-05-21 05:03245248----a-w-c:\windows\system32\WindowsCodecsExt.dll
2013-05-21 05:03 . 2013-05-21 05:03221184----a-w-c:\windows\system32\UIAnimation.dll
2013-05-21 05:03 . 2013-05-21 05:03220160----a-w-c:\windows\SysWow64\d3d10core.dll
2013-05-21 05:03 . 2013-05-21 05:03207872----a-w-c:\windows\SysWow64\WindowsCodecsExt.dll
2013-05-21 05:03 . 2013-05-21 05:031988096----a-w-c:\windows\SysWow64\d3d10warp.dll
2013-05-21 05:03 . 2013-05-21 05:03194560----a-w-c:\windows\system32\d3d10_1.dll
2013-05-21 05:03 . 2013-05-21 05:03187392----a-w-c:\windows\SysWow64\UIAnimation.dll
2013-05-21 05:03 . 2013-05-21 05:03161792----a-w-c:\windows\SysWow64\d3d10_1.dll
2013-05-21 05:03 . 2013-05-21 05:031238528----a-w-c:\windows\system32\d3d10.dll
2013-05-21 05:03 . 2013-05-21 05:031175552----a-w-c:\windows\system32\FntCache.dll
2013-05-21 05:03 . 2013-05-21 05:031080832----a-w-c:\windows\SysWow64\d3d10.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49176936----a-w-c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-06-26 22:093055280----a-w-c:\program files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DD547721-AFCD-878F-0951-9368D3ACAD4E}]
c:\programdata\Codecv\bhoclass.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll" [2013-06-26 3055280]
"{338B4DFE-2E2C-4338-9E41-E176D497299E}"= "c:\program files (x86)\DealBulldog Toolbar\tbcore3.dll" [BU]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [BU]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CLASSES_ROOT\clsid\{338b4dfe-2e2c-4338-9e41-e176d497299e}]
[HKEY_CLASSES_ROOT\SMTTB2009.SMTTB2009.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\SMTTB2009.SMTTB2009]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Switcher"="c:\program files (x86)\Switcher\Switcher.exe" [2007-10-28 425984]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Driver Detective"="c:\program files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" [2012-08-28 3518944]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2012-11-28 59280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-06-26 2236080]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-29 151952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecuteREG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cpuz135;cpuz135;c:\users\JKJones\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\JKJones\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);c:\windows\system32\DRIVERS\HPMo4DE3.sys;c:\windows\SYSNATIVE\DRIVERS\HPMo4DE3.sys [x]
R3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);c:\windows\system32\Drivers\HPub4DE3.sys;c:\windows\SYSNATIVE\Drivers\HPub4DE3.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe;c:\windows\SYSNATIVE\SUPDSvc.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys;c:\program files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe;c:\program files (x86)\AVG\AVG2012\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsfiltera.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmtREG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-11 23:15]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 21:34]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 21:34]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750293308-1424468115-2742304756-1000Core.job
- c:\users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-15 17:41]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2750293308-1424468115-2742304756-1000UA.job
- c:\users\JKJones\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-15 17:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-25 11895400]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-03-21 472992]
"MRT"="c:\windows\system32\MRT.exe" [2013-06-24 78277128]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-56A7-11E2-B7EF-B4749FFD668A}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 64.71.255.204 64.71.255.198
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\JKJones\AppData\Roaming\Mozilla\Firefox\Profiles\avw53iy5.default\
FF - ExtSQL: !HIDDEN! 2011-10-17 01:07; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-Codec - c:\programdata\Codec\Codec.exe
AddRemove-DealBulldog Toolbar - c:\program files (x86)\DealBulldog Toolbar\UninstallToolbar.exe
AddRemove-{2EF17083-57D4-4D64-AE4F-55F32A2C4571} - c:\programdata\Codecv\uninstall.exe
AddRemove-{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1 - c:\program files (x86)\Auto Keyboard\unins000.exe
AddRemove-{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1 - c:\program files (x86)\Auto Typer by MurGee\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
c:\program files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
c:\program files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
c:\program files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
c:\program files (x86)\Samsung\Samsung Control Center\WifiManager.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Samsung\Eco Mode\SmartEco.exe
c:\program files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
c:\program files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
c:\program files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
.
**************************************************************************
.
Completion time: 2013-07-15 18:57:41 - machine was rebooted
ComboFix-quarantined-files.txt 2013-07-15 22:57
ComboFix2.txt 2013-07-15 22:14
.
Pre-Run: 55,697,317,888 bytes free
Post-Run: 55,082,627,072 bytes free
.
- - End Of File - - 997D976E3A49DB0A93DDF7B6D298D72A
A36C5E4F47E84449FF07ED3517B43A31
 
Looks good.

You need to tell me what the exact message is.

redtarget.gif
Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

redtarget.gif
Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
Here's the prompt (Sorry, apparently screen captures can't be taken when these types of prompts are active.)
i1BHUnH.jpg


Also after running adwcleaner and opening chrome I got the prompt "Your preferences file is corrupt or invalid. Google chrome is unable to recover your settings." and chrome was as if I'd just downloaded it. I logged in and it seems all my settings have been synced back as they were, I hope that's the only thing accidentally messed with here. And now the logs.

AdwCleaner:
# AdwCleaner v2.305 - Logfile created 07/15/2013 at 19:50:17
# Updated 11/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : JKJones - JKJ
# Boot Mode : Normal
# Running from : C:\Users\JKJones\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codecv
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\JKJones\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\JKJones\AppData\Local\Conduit
Folder Deleted : C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Deleted : C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\JKJones\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\JKJones\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\JKJones\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\JKJones\AppData\LocalLow\Codecv
Folder Deleted : C:\Users\JKJones\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\JKJones\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\JKJones\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Blabbers
Key Deleted : HKCU\Software\BrowserCompanion
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\SMTTB2009
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD547721-AFCD-878F-0951-9368D3ACAD4E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E1B1318-AAF2-48B9-9CE9-E40F2F4BD98E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7BDD9DF-EB42-47AF-889A-2F7D8E1D85F1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD547721-AFCD-878F-0951-9368D3ACAD4E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2EF17083-57D4-4D64-AE4F-55F32A2C4571}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96E2E493-C484-43E3-9B95-D62EE7D40D3A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealBulldog Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-56A7-11E2-B7EF-B4749FFD668A} --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={D2BAB6EC-5C11-4D7B-AB11-0AFF08C5FAD1}&mid=f967eed429a147d1bd9f653dd9198f79-13e1b912f67e838f265c90b31edcf6bf487e874a&lang=en&ds=AVG&pr=pr&d=2011-10-15 19:58:09&v=9.0.0.22&sap=nt --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://www.plusnetwork.com/?sp=lintbie&q={searchTerms}&dp=MessengerPlus --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\JKJones\AppData\Roaming\Mozilla\Firefox\Profiles\avw53iy5.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.4287] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={8EDA33F5-[...]

*************************

AdwCleaner[S1].txt - [26376 octets] - [15/07/2013 19:50:17]

########## EOF - C:\AdwCleaner[S1].txt - [26437 octets] ##########
 
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.0 (07.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by JKJones on 15/07/2013 at 20:03:53.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\linkurysmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_1_rasmancs



~~~ Files

Successfully deleted: [File] "C:\windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{003FCFDA-C1C8-4D80-9D32-19C4B924EEA6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{011F437B-B339-49A4-B57A-A1FFD04E73D8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{021FB47D-7054-4763-8B8B-C7AB0F6CED9D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{027DFBEF-24F2-447E-8013-1F4C478A75EC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{02869E42-44AB-46B0-BCA2-B4F4276DC0D3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{02E92F29-B5CF-4369-9FA7-62A290876942}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0381389D-FBF8-45D2-BEF8-40DA44020A58}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0389FD60-11C1-4481-AA8C-607425D9A825}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{049DE017-C10C-4146-96B9-ADFFCFF76288}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{05717E5E-AE73-437C-92CB-15B3D29DA198}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{05C07D46-0F51-4112-AEA6-F6D0272F798D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{061373D4-F3BB-453E-B139-105713D6B096}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{061C761E-FAF9-4F8A-9B74-9DC55DAF34F4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0637C8FB-ABBB-4C5F-94E9-5881E7CF62C9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0648040E-6E90-4D74-B537-4ACE13CDE68E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{069DBA1E-C322-4843-ABBF-C602C9D91429}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{06B3528E-3C38-41EF-81BE-1CE0A5CE3541}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{085262B8-28AF-4CA3-AC40-DE2B79C9DE98}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{091C5F5D-47E5-4D13-9720-48942351C6A7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0A0B7226-5F3F-40C2-A0E9-7A5B3FCB8155}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0A3BE0EA-5FD6-4684-A765-784B1DF756CB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0A889E52-2402-41B7-92BD-CC2C1C2C38BC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0ACAB1BF-CF12-4A31-BE78-801E40F70A4D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0AF9FFC0-5167-4018-84DC-DDD73160D355}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0B069FEA-C277-4FBB-8484-DF9D2390C152}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0B48E7C1-C4E8-4905-ACB8-11F92DFA69D8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0CAFB50E-6000-4269-8569-FF8832D18AD6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0D04B805-C744-4857-993D-8E04A252F98C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0D79FC1A-28C5-4283-98A9-513D2FDD9D30}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0DD3C1AA-1458-47DB-82CD-D0CB8A1DFB90}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0F246A3C-8D37-4E23-9076-854A050D2B97}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0F5C84E3-5381-458B-9C94-DF9B97B27FCE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0FA37860-AC05-48A2-B585-ED78510CDDD5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{0FAB80DC-9776-45E6-B044-F03BBC8B3B2D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{10498BF0-90E1-4B4C-AAF4-AA53B9BCAC4B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{10A9EC1D-78C5-4DFA-909E-BEEF3DB6DC72}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{10C59EF7-9E08-4845-925B-8470542B2490}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{11B59F90-0A96-4D26-959E-1030B81349E0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{12BC7A7A-76FF-4AA5-8C81-2ECDB7BDAA01}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{12C37782-B1BE-448A-8324-422461CC5C40}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{12FDBCFB-7634-4B35-BA7F-A7F5A8084DF4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{136DF7B8-4EA0-4BD4-B49C-1F77D854458A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{138E3FE7-BAD9-4A92-ADC8-B6DCF0BEEB15}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{13C2AC74-86AD-4683-9655-3B73ECE9B048}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{141CAAE1-BD7E-4318-A8EF-134C5965C958}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1477815F-1C7A-4E3A-9900-01CCD1738771}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1484AE3A-251B-4039-AB8C-4E2EAD51F903}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{149ABEB2-FE60-4DB5-933E-DD5C3A2AC751}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{154BDCF3-5510-4194-B1F3-CE72F941C7FE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{155DA5DA-0554-4841-8A30-8BE281FAAD7B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{15CCA25F-6635-430C-AAE3-64E271D73164}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{15D2D971-8B46-4116-AC38-0EDF5EDAB71D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{164BB862-5D50-46A3-AFAB-F32581B0D624}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{16B90CA7-3154-4C16-B28F-F1A93A9BB172}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1732FABF-65C2-4818-8E3E-8F17184C675D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1734864F-8F74-429D-9A1A-E40224F9ACE5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{17DF8AF4-6737-403A-BBA0-F75381260100}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{17EF7EFC-8344-44FD-BC41-ADBE77A622A0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1859AB29-8D33-4A8F-8F49-D59FA7C26A41}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{193BC849-3F39-4FA4-96ED-4F2773471668}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{19BB11EC-CE76-482F-8498-D1067DEE6038}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{19F28B9A-EE04-484C-9094-42F2E32D7DE2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1A23D80A-8EB0-491D-8F06-E8F0FD8BF62D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1AA4CD28-9900-4A3A-87CC-7F83B7D21F62}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1B009050-9DF6-46D0-B797-AE07A3869FF2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1BD12983-BF25-4841-8DDA-CDD1193886B8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1C340236-A51C-4A63-938B-6C2C4BDC6CB6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1CC5F8BE-8A14-4E34-ADA0-70AB71B455C1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1D06896B-272A-473F-9BB8-A16474F376F6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1D0A7165-D76B-40DA-A72F-22CBC9D5B927}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1DAB5BD9-C582-46BD-A922-58AAD533A1DA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1DB97999-B918-4E95-8D6E-2F7D62E65257}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1DBC2A7B-87D3-4095-A128-41F044BE733C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1E4B5FAC-DC1B-4001-92F6-8A715573658B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1E5754BD-D64A-44E0-875C-CBAA75C4C19C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1F12C716-E857-4699-9450-827AEBF01FC5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{1F409090-2656-4166-AAC3-1A624F3C34F0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{20190A06-61F3-4C37-8FAA-3AA7693C411E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2052E5A9-4E35-4AE2-98E7-07C6BA73A3BE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2123AB52-DEAC-40F2-97CE-6DA08D2B6B98}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{21246630-0DC0-4A9E-8334-C970FDE24BB6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{221A28FB-535D-4EC5-AEB3-0D35F12F8A66}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{22261113-A450-4174-8335-5DE21493B132}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2269CE94-940E-4ED2-B3A2-2A1EE4CD3446}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{22E76F5B-0737-4615-B039-18CCD4850E2D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2309F9ED-6ABB-4807-A2D4-ACF46CF2D7D4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2367B499-558A-465B-93CC-2B6B3C0BF440}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{23689A48-F62B-49D0-B5D0-9625416BE321}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{23814B0A-5546-4E94-A9ED-1279F8F2D4FA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{23FE1012-CEF6-4EED-A975-C9FA879FC30A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{24987B84-887F-4AEF-BA60-F4E38D67ED76}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{24A28974-10CF-411B-98DD-E25C5F4EC1A5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{24E94750-3B54-40F5-8A53-16882B34E435}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{253AD58A-7BFF-4C25-9286-7373B2EC972B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2557DB7C-7A27-4F0A-AA80-22B8F898EDE9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{262D4553-AB4F-4A47-B146-9CDFDB2E6386}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{26C5BB55-59A0-4EF4-8F1D-051C50427044}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2739E3CD-D201-4E3C-B6A0-A0C71B2EF5CB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{273CCAD5-A76A-4928-9012-D59E2656758D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{27A4A124-8BB4-4FBA-9747-7B7049703639}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{27A78F30-DAA2-46B1-8C7D-B3F0BA0C088B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{287478AD-ACEE-49A3-A97B-C67A9B27F68A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{28B1AFF0-34BE-4D12-BEB2-4B28AAFAE4FF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{28C4ED80-25D5-42DF-AAE2-0E2D2CEC6A7A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{28DC1E83-11B1-4296-9B15-070668680DD6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{290881A7-4CDB-4E96-A0FB-8352D4BA56EB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{29626887-4558-4B73-A551-50ECD5CC3503}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{29A529C3-BB02-4F23-8593-B6FA824C3706}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{29CADDDD-FE5F-44C9-AE4E-40DB2BAD7103}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2A9E8009-A837-4F10-A902-4BB69BE9C75E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2AC1D650-EC62-4FD7-9EBA-7C5BEF12BD88}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2B1BFAC7-FE1C-4E50-BC7C-0A61E79FF33A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2B5E55AE-B856-44D4-9A09-CB25059FC6CE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2B744836-AD37-4351-8C90-6AC9DF395197}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2B8989FE-A5B6-4CE5-847B-66AF49C8D503}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2C22982B-9A5E-41F1-B8E7-594BF6FAA478}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2C2F695B-6CE9-4235-981E-A24C826E8175}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2CCD6BD7-06C4-4CC9-9283-E6FB2A76C7F4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2D2B3E71-D0E0-42FE-81E3-C272050D68CE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2D333A22-CCDE-4DB9-A5A8-88CF4A570C49}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2D690400-2226-4B53-976A-0799C19A85F4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2E1690D4-CADB-4A80-A884-9900D2E67593}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2E6173A6-209E-4D4C-BB67-642EBDD2DAC8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2E6ACE14-8CCF-41DA-8324-286921293289}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2ECA511C-9BA1-4837-90EF-E8BE6FF4C945}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2F0AC824-E7FF-41CD-A5BE-16427D389105}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2F0E170F-6A8A-4BFE-AC05-9652BA111813}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2F1EFE5C-FA30-4BFA-9C87-9AED2DC97085}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2F2F4029-6926-465D-B69E-EA7392F672B4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2F659F0D-A0AE-42A5-AF0E-9B3ACD3A5653}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{2F72ADDF-91CF-4A9D-938D-43C38C5FD097}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{310C5853-7DE5-4CA3-B2DD-8372C49B4F54}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3161FC9C-7E72-44D9-8035-FD889B2CA3E3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{31AB06C3-9633-4A2F-913E-7B11F2B965E8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{32393380-3610-4220-9E75-ADBD12A2701A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{329652F5-A494-4807-A384-78554ADC0D67}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{32BD39A8-6FED-4910-81B6-0046114CBD7A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{32E357D1-293C-4E47-9930-C1640ECD66E7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{32E49BD3-1804-453C-8ADB-18D87B269D93}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{32EC6643-2D24-4B1C-BDF6-3025ABEA12DB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{332F08EF-52DA-4177-926A-BCCF35EC29A8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{335218EC-1340-4345-9541-3CA1D3F96B19}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{338BE4D9-9E11-489D-89D1-D3B77C119948}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{338CEBDE-F30A-4FB8-A448-BA861FA552B2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{33948530-71E6-4E72-A0B7-B8E8922DF558}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{33BDE14A-3E60-47BA-8065-DF7F881C91AB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3413C48D-B768-4C8C-8D76-C640E3D2B0CE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{341455A4-8EED-448B-9843-C625770D6218}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3415CD46-D805-496C-8B8B-E329DF5626F3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{349842F6-D29E-4D77-BFD3-461D60480A3C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{350A43B5-6650-4255-9E12-97B0438607F1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{359DE666-C19C-4010-8A32-AB3AFEA74630}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{36123D76-6E39-4A7F-A9D1-E5046597CCE1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3633D2F3-DFD9-4ACA-B1C4-53D7E8A6F6EE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{368817EE-01EA-402C-9DA7-91A261FEF59D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{36AF6443-0746-4787-BF10-A0257936D16D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{37123F88-5153-439A-BD25-6267F09C21E3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{375CB643-2CC9-4261-9017-07CB8E94AD22}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{37E71CE4-BB7D-4395-A185-3F51E1A30E0D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{380273A1-65AF-419B-829E-DAB786AE2B73}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3811EE4C-0695-43CC-A6E8-E7DB9A6AFBB9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{381C8A63-D236-4EC5-A366-0611126C4904}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{382F7DD2-E90D-437A-AAD9-C82C7B449FC5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3A1B4CEB-B606-44B5-832E-3BFA82997FD7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3B4BB469-8C50-4B3C-BAC7-9FEFFB134CD8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3BE6D1EE-40BB-4FF1-9C35-FA34179BF7F8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3BED1868-D119-44BC-9EBB-D20519258A6A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3C1275D2-F9CA-47C8-B4FF-65FE99B7D40F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3CA1CDFC-E6C9-479A-9EEC-021562098995}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3CB79A13-3E36-46E8-B235-9BC174403E91}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3CF6AADA-90D4-40B2-8686-BE7DCB19BA2D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3D4BC4A8-4F85-4EAD-924F-D6D7869B4676}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3D72EBDA-80C3-45E3-A900-82321D0C014A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3D8DBD32-F9CC-4C8F-AD34-BE8EFEE5019B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3DD1F43F-1287-4365-83AD-F49E638AF9F6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3DD8426E-2582-4A6E-9A94-63DBF0D63169}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{3F0CD86B-D5EB-4B98-A5CC-639DA8ABED3F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{40574210-13CB-4E87-B3C0-5D23C5B8418C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{414883D8-9E2C-4BB1-AF5F-5493B3443A9E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4167B7CA-6A9D-4E53-BB00-F401D7EB82D1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{420AB8FE-8DDC-430E-AD6D-5F8CFABF4E14}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{421243DF-69FD-4DAF-8E0D-14360F16F5A8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{422B61CF-9AA4-4933-89F7-8F9EB69744C8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{42C1FE9F-12A6-469A-90A4-063DB118D5D7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{42F01810-8365-4CAB-90BD-6E259D7B96DD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{43679192-183D-4E72-81A4-8FFB662EBB54}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{43DEBB12-5EAA-4201-B472-ED15A04613FE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{45DF19FC-A959-4024-8DE0-7E7EF48EC53A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{45F6EDE2-7990-4228-8A67-92888431DB63}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4665AEF1-11A7-4905-9653-9A8A141FB46B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{46C7BA8B-D0A1-414F-A530-8AF1F58FC84C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{470E69B5-12D4-405A-8582-F022E617637A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{47241E9F-74B6-4148-8440-ABCD0DE23631}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{48A6F649-050B-410D-919A-1D29970F9246}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{48E60A51-947E-4583-A3E7-1E72058B18C3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{49EB961C-D81B-469F-A74D-4A1C6FD075EE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4A9C2D0C-8511-4FD8-BE1D-179EA2BBA84D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4AAEDD7F-CC47-465C-961D-4197275AB061}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4AB3C617-801B-45CE-9690-54780BD71128}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4B01D920-91EA-4DB9-8674-C28B9BD4C48C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4B22A51F-6FEA-42F8-A0E4-DF0B52BFE6F1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4B408074-C2C4-494A-BDE6-52FBA7D9E49C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4B52BB21-4346-48D1-B0DC-09A9E50B8B17}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4B75B312-46DD-4A46-991C-0D11B828D55E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4BFB9513-F849-43E8-9CF3-75C25D152272}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4C7C8B2E-D8B7-42BB-AB65-DBEEDC80C157}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4C84517E-E975-4ECA-9AA0-434BD2421821}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4CA742C7-B1B0-43C6-8F24-BDDB4A9EA999}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4CB46D48-FF06-40FC-8827-20831AA29176}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4D1E5140-F0F3-476D-B01E-41EBF229D9B3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4D714CE5-79A2-4680-86E6-F6B9468872E9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4D793B77-FC31-42AF-826E-398E6E440770}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4DED5E1E-E0FE-47BF-B988-21E821BE5CB3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4E1F98E3-DA85-4DD8-9C6E-B110A7790E01}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4E47E0E4-F6AE-414A-97FC-50BCC1A1433F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4E66B589-4655-4485-BDBB-725456D0141B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4EB3E4DF-F54A-4C13-9607-1F4370E7FAD9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4EBC9BCB-C6CE-4B17-B72A-1EFCF35C2433}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4ECFE3C8-F63C-41F8-845F-C0E968FB95CE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4EE9754A-53C7-4CB3-96A8-017ADA172EB3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{4F3840E0-510C-4147-B59E-08F1F5F92259}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{50729D48-7983-4985-A7BF-2ED4E761CD8A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{51CA6503-AFA7-4000-BE0B-826307A74C8C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{536164D0-6388-40F7-9F72-E6360BEF95E8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{53B976D0-F57A-483F-9D2E-998A414110F0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{53C2528E-CC11-4D66-AABF-D72B7052477D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{53D5AFD9-25E4-490B-9A76-8A03BFC97990}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{540D0977-A266-45AF-A70F-3C27017CE1D9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5411FFC2-A29B-4C4B-BE7F-40BA13AEAE5C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{550546A4-B47C-4110-B63D-833D1448B5A5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{550AD418-B476-4F84-9657-C04767FA7B7D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{554A1487-BD3E-424E-A7CE-612B40F30DD3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{56746302-8857-4B6D-8F4B-ED581CCF60BC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{56827748-2479-4993-9068-7884CAE7F86D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{568BA41D-94EA-4387-A3DB-018B6DF64971}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{568D7DE6-C0F2-48D9-9B10-A151A40DEC46}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{56AB67CA-5B1E-4A77-88AF-9F578C4882CF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{56C5F23F-052D-4882-B9AD-A170883CCCDD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5765E52F-5EF4-4C5C-90F0-8A91124CA1F0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{57773CD0-293A-4311-AD0B-1F505EF61B5B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{57975676-189E-46BF-A4CD-52A2641DF907}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{57ABF9F7-92E5-4064-8CE6-6FB7260317C1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5879ED27-C57E-4909-9A61-21A62D7BD88F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{587EB9D9-AC94-4660-81A5-05CB1AD90F36}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5880F3B6-9048-48F4-A833-9CD4934BB800}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{58F37F13-90DA-4836-9256-9C007757CB29}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{58FB4C6B-338F-46FA-98BE-D38AC79D8A57}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{597C36AF-4B65-4D8A-B86A-06C58D1E956F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5A0C174F-01D9-43B5-9208-ECEEE557B544}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5A113046-8818-4BF0-82B2-ECF6ADDE0DC0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5A3605B7-BD7F-451C-96F6-384A4DAA0696}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5AB4EFE6-3B00-4CFC-8008-91D85A867111}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5B2D6258-DD64-4150-95CF-B1E9207031EC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5B9CEFCB-4175-4B97-918B-DD00CFE99546}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5C48E90F-0003-49C5-8FC3-1ED017157B77}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5C8CB12F-A8F8-4259-BB0B-30BF4E83B397}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5C9FE0FE-7492-49F3-A43A-700D5F489917}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5CEEAC09-101D-481C-9C9D-B0698E23B4C8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5D452B1E-F2C1-4909-A486-A6DAA69C3B30}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5E2BF12A-34CA-41E8-AA4A-8F8DB4006439}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5E489CD3-CAB1-4DC7-9994-811A44FA606F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5E9DB26C-50D0-447D-9C14-3290CC58A9EF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5EAC308E-0403-44E1-A384-AE600814028E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5F880AE1-BCCB-4035-B4CC-53B9B6848C64}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5F8DA8EA-16BC-42C9-BCE1-1C1EC32C579D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{5F93947A-814B-44ED-B1A4-3E1F51C2B12B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{606A9B83-8483-4DD1-9B24-013E99E99FDA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6086821E-9C24-4C6F-BE04-6E2F2B28CF78}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{60A3EDED-4AA0-49D9-8C38-6DFF23B95C85}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{611856FF-03C3-463E-828F-79175CDF6724}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{61B61904-A819-4A9D-A47A-9983E071EC6B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{62787A7D-0D78-4326-8E33-3343110959ED}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{63407A7B-F413-4B15-85D1-8B319EE2E9E9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6421BD4D-0DA2-49B4-BAEC-BC75842826EE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{643B4653-E117-4073-8768-5AC21E783BB9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{64412F3C-6910-4EAE-B289-42D4C5BD37A7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{64735F85-C367-4FDD-8E92-882340FF74CC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{64A2AB13-50C5-452E-8AA7-520676492218}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{64B89970-5BF1-4E5F-BEEB-000E584A243E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{653A0073-B5EA-435E-B32C-AC727A174E0D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{65543C3C-AAA4-4BEA-90A9-D9989F787A6B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{65EC50C8-2208-463E-A6C2-015B07A629BB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{663C876A-0FEA-4F6E-AB41-19DDB24639DE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{66BC6BC1-B907-448D-A0F0-DD95E35C907B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{66C3F33E-D359-4F78-962C-6943DD1F36FB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{671C981D-1C40-41E3-82F1-60F844EB8709}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{674FF721-417C-4B29-9CC7-EB395948ED8B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{68045086-A9C3-490F-8CCE-FB88C535F567}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{68163D85-53FE-4F41-9979-22A3755EF6BA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{68353769-BE3A-4918-82C0-424B63BCAFCF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{683F76E5-F486-49EA-9B40-4FAA20A219E6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6883C129-D134-4E1A-8FDE-AA36D3240309}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{68D66E4A-4B35-4368-9209-7E85D3FB3BBF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{68FC086B-3A86-487F-BB56-2A6D960C4496}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{69362556-4421-4AFC-9347-7679084481A7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{69719089-1FE2-4291-98B5-26D95CE9FC99}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6A5BF9F2-A929-48B9-B650-115F438B88C9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6B2668FF-40BE-46DF-8D31-2531F086391E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6BCCA41F-4706-490C-9CA9-8B0450553512}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6BD7FA61-1858-4648-9C6B-4D232A95C5A6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6D0DBCC6-94D8-4F96-83BD-F16C97E58D8B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6D7C0074-AA5A-481F-926A-F4C96C9E9428}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6D96F735-6FDC-4FFB-B1CE-4D9DC9EB6ADF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6D976261-C498-43F8-91E6-3BC03498063E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6DB9F234-2F47-479C-994A-E795E589CDFF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6DE29160-6F95-4042-9D3F-37529BABE8E7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6DFED117-567B-44D3-A127-6F20C9DFC8B1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6E2DCF2D-3DE8-4FB0-B3A6-4A874A5006B5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6E8123AB-3876-444C-8CF6-A05F3AD8732A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6E9693F5-2645-4957-8505-FD607DCFFA8F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6EC6CC50-2005-4B59-8F68-7D8E7B14323E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6ED5320F-11AF-4379-A7E8-07E41B007091}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6F076F69-64D3-4942-A26E-D19265D698D7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6F0B6131-0CB5-4A3E-9681-4603E7EC20C4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6F4E1748-9A2E-4B2F-8755-00879D65494F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6F4FBDC4-BF0C-4BEF-BB90-793033CD50D3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6F76FD58-C4A0-4832-9F97-5DFFDF815748}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6F9F21BA-673B-4465-B2B3-4D78F70C41DF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6FA54996-F9B1-4553-974B-220EC70F9B76}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{6FD31157-4866-4841-A1E4-F58FBD0EB109}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7067D11A-0EFA-49D4-8A44-5A6A45051A84}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{719C0890-1C93-470F-BCC4-CF14495A8336}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{721C4FDE-4E21-4784-A275-9CEE1ACD1348}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7285DB96-4C3C-4AE5-B2A9-E8C141B50FE3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{72B93EF3-C0A3-49DA-8B39-CFE62B27ABED}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{72C5CB9B-84B6-452A-AB33-7F8FDF5A0E19}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{72C91218-97F9-474A-AD4A-98D64845FC71}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{72F48E4F-1D2C-4032-AC1B-90D3E9393E43}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{731C015C-8D58-447E-AE54-2DBAFB0C8520}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7384A46C-8BA3-4702-AAF3-35E8641A16A3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{73BEFEFB-5EB9-46BB-8328-E5369690A4C9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{74033DD6-AD41-4F2F-B0CA-49BFC4880B9D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{74691A1A-4678-4315-9493-576AD98E4FC3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{747190D8-BFEC-457D-983C-71B10323FD18}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{757DF7CD-5CBC-42FB-8467-433CE9702A67}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{76338790-1E3D-4358-A034-F61626E0E87C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7636B459-CE5C-445B-8C29-4D5DF4E97B8E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{763EDB64-C827-4A34-AE7A-4A08D98A5726}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{76A2D494-7CF4-4C66-AFBE-753A6D535987}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{77048C2B-E695-4F1C-9557-5FF22F9AA46D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{77A687C8-E48D-4568-86CA-E9FFBDB72F4F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{77C8774A-FBB1-4B10-9DD2-2E17D1B8B497}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{77D99C2E-127C-4659-9268-C36B18DB4DC6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{77E7A39F-8B42-4BD5-A5B3-C2E175F629D8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7849B2FB-D783-45D7-84A0-9E57F3EA2AEF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{78A45E9F-429D-413A-A1B9-368BEAAA2A28}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{78ADC3F0-8F4D-4576-939A-D916D75F7284}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{78B0D5D1-C188-420F-8A19-A769C18C83F0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{78B1069F-AC47-4463-922B-EAAED7AD61F1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{78F20231-9CEA-4076-A701-545CFCD56D92}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7918240A-785E-4BBF-873F-51CD70F244F3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7948E42B-C50C-4D17-B154-DD72758AF5C4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7972AA1B-CBBA-43DA-BF24-961867F9F44E}
 
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7A4B4A3D-EE6E-40FD-B595-F00F7D4CDA26}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7A6A54A9-CE41-4A01-A21A-CB25C584374B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7ABE3020-674E-4971-B6C8-8EA9DC312DF1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7AED5979-4342-4561-9AAA-A0CAC1858633}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7BE35498-F278-41AF-84AE-BB9CA3D7F08D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7C21E1DF-688E-4266-B552-E65D6527D86F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7C607EFC-8B7D-4B67-B23A-E495FD975E2A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7CCFB38A-164A-484A-A87D-DD1000811DD9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7D7D2D93-3A72-42EA-8F1D-66ACB3073A08}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7DB44AF0-F204-4A0A-A0CE-3AFFE93FA5F9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7E0ABECA-296C-4788-A0BE-2423FE35A06B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7EA37783-6D29-4B3C-BA22-C04D10D8FB3B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7ED95BA9-30BE-44B0-8AFB-16542D91556D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7F3C2D7F-3CBA-4BEC-A66D-FA69888F824F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7F7CD3B2-F657-4293-8D39-17BB6ECEC187}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7FB569BF-4B67-4CB3-B163-6728F62FC650}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7FB90311-1E4C-498C-890A-F61673BA8439}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7FCA5348-4372-4972-83FA-82C49EFBE5C3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7FEBEDA3-E03E-468E-950F-644374E39212}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{7FFA1752-4FC3-436D-9228-2F61C3726D9D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8061D966-83E1-417E-9D44-71591A972DA1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{80C18E1D-94C2-4D90-A55E-9D3585B65918}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{80DF7D15-070E-4230-8A31-0D91F8ABC2FD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{80F0A655-74D6-4C84-ACEE-E758371F1CD7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{80F59631-F5F5-45FE-9492-77DC2C1112F9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8106BD7D-470C-46E8-A6DD-E775F9473230}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{817DBFEF-A8AE-4B8D-B219-C79E9F42A77E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{81BDF52F-5049-490F-ADD8-84A41ADD7CE2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{825D4AA6-8D02-426E-85EA-3CBA623FFE29}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8264539E-FBE7-4B32-9972-7FE2C1E8EEC7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8291293A-3FB9-4107-A1BE-6BECBE05AFE7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{82FBFC00-4355-4B2D-9D86-C3E0CB7A1785}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{83472B9B-6E59-43EC-BADF-84D6214E13DE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{83A23194-5BA9-4E08-A4C3-7AE60A5AE721}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{83E890EF-790D-4B45-992C-C1AC518740FE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{83FAF7E9-473D-4A59-923C-2A06CBCB5AFC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{852CC01E-B5B5-4E35-B1CD-A193407EBF8D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{85351132-E0DE-4F9E-B376-B0DE4D5D97A9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{859CC12D-A782-4DD0-B093-BDD87B56161D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{85F6F9B5-2C04-49BD-B36E-5339FF78C9A9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8625C4C1-E3B2-4D04-85C0-DB331852B1CC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{864293C5-CB7B-41C9-82E7-CF15378EB74B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{864AAD5F-55DF-4EE4-8ECD-557AFB1A26CE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{868271C9-5571-42DA-87A2-3EE149DEA142}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{86D3A8E6-5E9F-4EE4-95ED-44E5EC665F91}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{87D74D2B-8B5F-4494-B13E-C724B6432314}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{88422A71-F582-4F5D-8A9C-4B9AD741E373}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{88A8FA90-5D2A-4FA6-8315-AEE74CDDCCF1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{890369CE-E7EF-4ABF-9D84-EC7B91789DE0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{89AACFAD-56A6-4A66-BF55-E0F354C5322D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{89CDB148-07AC-4C5B-BCE8-11171F82FA23}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8A7BE334-88F4-478B-9849-36E9DF186127}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8BAA943B-E8AE-476D-B4D7-8D3AEFC85B03}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8BBBA2DE-9ED7-4E9F-96C3-E2322863C450}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8BF8A073-3042-4D59-AF7A-22A5C01AC9FC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8C782821-0F48-4F11-8DBD-9E619E19F4A5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8C83B740-A8F0-417F-BC15-199A6CE1289F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8D4D8D41-F9F8-41E8-8C21-C8C174ECAD18}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8D7DCB65-465B-403A-A655-25CD271FA007}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8D8F66FA-826D-417B-A2B1-C1C512ED9154}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8DA1F9A2-A326-4C78-8363-EB5F170FAA5E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8DA444C8-76B6-4D88-8B1C-55260C998B1B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8E273A63-5D03-4C4F-BBC4-07C049B96D4C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8EEC84ED-51DF-4690-9362-17975BE987B0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8EF0246F-F07A-431A-BBFB-31AD19E3A113}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8F6B07F5-814C-4DD3-84B1-2319D5BA3F04}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{8F9890A4-3278-4983-AA3E-FED46F71DD91}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{90293C11-5B84-4AAA-ABFF-BD5B7A4BD6E4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{903121AD-C813-420B-B840-A3A9D066B10A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{905CA209-3F19-478B-95BC-8822D2C7DD42}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{906DF4F0-1F5D-4B87-9899-517D85B695DA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{90B3A3CC-9C8D-44D9-81D6-C9469214A80E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9104AA25-DD92-450E-90E6-717E867054D7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9127F1EF-C3DF-41C1-9119-30F0BAAD6D22}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{925A9E86-4FA7-4899-8CAB-9F128B4F9C1B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{926F92AB-DDA9-4F12-ADC6-2F6B50E539B6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{92A0954D-F46F-44F3-BE2B-4F99548BF717}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{92F5374C-E4CC-4DD2-B51C-A60136F4007B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9318D056-64F5-4BE7-BC6C-73707155C933}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{937C8CE4-5A51-4E5F-8B17-0D76593B0716}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9380762B-DA04-4D89-984B-7D4F446BD62B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{93853A0F-B16B-45F8-A15D-77F5FA3CE6C8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{93FD20A8-11F4-49B5-9C79-6B4F3FAACE61}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{941BEE4F-88FF-45B8-8A86-011620C1C9D6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{94245689-6CBF-4585-AB78-8F957BCB635F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{958EA45F-02F5-4D82-9C89-0AB886DFAA41}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{95986003-1E2F-4DA7-B33E-ED10B97EDC4F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9606359C-C6F8-4326-89C2-31EB6A62D612}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{96904EDD-A9A0-4FF6-A01E-47562CFB09F4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{969DD099-A992-4AEA-AFBD-162BBE97D6E7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{96DDC514-794C-4707-82F6-2C729B886B2E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{972271F0-9538-4C44-965F-2057BF773131}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{975E89EA-2500-489B-95AB-B1B39363A6C2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{97D6EB37-01AA-41B0-9707-EABEBA4E2497}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{97FA1123-8E41-4842-A13B-6DEBC929ADF1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{98716243-7B28-42F6-B3E9-05B16BE8B731}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{98893433-5C97-42A4-B8AC-C229ACA279F3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{98CBECAE-A4DE-48A6-B5D5-B72380A88E99}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9950A3BF-F24D-4C16-A083-78B76C5241B1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{996AC68D-C340-478B-ACAD-D85E44170BB6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{99846CEC-2DA2-4141-BDD2-526537D2951A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{99A0178D-6F27-463A-A2DF-25DA6F006283}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{99A2B9A9-EBFA-43A6-815B-B4DAF3C23C7F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{99C474CD-7CCC-4B7F-8CB2-B9C742FCCEA8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{99DEC8EE-324D-413A-B00D-C267D8DD4775}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{99E61966-2EB7-42CD-A886-72CC556E4ECA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9A66BC9E-0BB7-42E9-84DB-6049F39C3F5A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9AB5B991-76DB-46C3-9C1A-C4F563BE884A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9AC7B988-BBAD-4640-BB90-C46AEB788745}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9B633EFF-DF02-489A-8F08-796A48581BE5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9B752D83-B68E-4CDC-9A7A-F719D372E856}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9B7A6196-1574-438A-A9DD-ECF0C20CE57B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9B8FB50C-B20B-4469-8873-B32A2E82C88A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9BA831A8-9714-4586-8A03-A1A098A88C78}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9BF5E3FD-F5A3-4908-90EA-A97EA24B9AE4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9C4A81FB-6A76-413B-9740-555E3A088090}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9CA9838A-DE50-4F8B-B0C2-BA02D048E678}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9CD8A3A2-A947-4020-B64E-1C98F884C790}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9D13B961-33F2-4399-B233-923C97122D25}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9D7A62C7-8154-481A-8B9B-142630BB74A5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9DC5B51F-B0D1-4762-9C72-5250E82F78A8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9E428CD6-A469-447A-83B8-03FB393A013C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9E6806AB-E816-422A-A1BB-E09651D73840}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9E89D6E8-7705-41FB-A5D0-DEEB5A56735A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9EAB7934-7DC6-4583-BF5B-D505D06CD1C2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9EE58D55-FD10-46BE-A8D8-0785AF4E8DE1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9F05C4DA-E9F5-4F9B-ABD5-3E87872AB4B8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{9F7A00AD-3EEF-4DA1-9A62-65C01CAF1731}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A05A5094-AB05-4DFE-AD1A-1048F7DE4FEA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A0C4649D-AA18-47AA-B7CD-D98EF1AA856A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A0C74C65-4FD4-499E-B9CB-F5BED6E117A6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A0DDA935-4D5E-4BC2-AE81-5482F984FFD8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A0EB1A02-C4A2-4C0C-84B4-235511ED6B14}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A0EE5866-3291-4283-8D08-0CACF9CB7E9A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A128A839-DB1A-4147-BA77-C6866A6C6171}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A18AEA93-9283-48F4-AEE4-F31DFF070124}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A1B21F6A-7B42-42A5-88C6-106B708A7974}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A1C56117-C595-4318-A04E-6ECD2C6CD4FB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A1ED2DD7-CE85-4764-B58B-9A7DCF627976}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A20E6C1A-B828-4EFB-B913-49853D43433A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A23653FA-E9F6-44DD-B0C4-82B79432ACB0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A28CB3E5-2454-479C-8EE4-78241E6CB914}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A3059203-CC56-4B1C-A8D4-6837A994332D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A31FBA03-3E81-49DC-812D-2A68ABF9A17A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A3364A12-2CB1-4615-AE11-B761DAECF09C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A3555BB8-8410-4D6E-821B-3D31F2BADCD8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A361D0AC-0B58-4BF7-AFE2-AF1237D26B26}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A417AAA6-B101-4BDB-91F6-1A45947D39B3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A444F460-59C5-4B70-91EE-0F7ECC575ED1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A45BD02E-4A2B-49B0-BB50-7B0B070F0B7C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A4EAA33C-E851-41A4-A079-32A667403EF6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A542F8C6-EF4E-41BE-8A1F-982B2C6AF6C7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A54FFBBA-3385-4DEF-8496-BB2F4FA85BFE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A555069C-E587-4B92-9525-B0F4F1932C32}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A5FFD0D5-0BDC-4D8A-9F44-2CC508FF196D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A61B2C4F-5016-410C-9D9D-2E5BADDF7391}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A68A6E90-DF69-4B8D-A028-B63D327C600F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A6B5E841-B590-48C7-948D-17D8E7B69436}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A6D9B9EC-507E-42FE-AFFA-2DAFE13C77B5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A8280D02-17D7-4551-ADD0-4EF70BB7813B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A9230529-16EC-4164-9BC8-BD4E28A3E2CE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A98CBFFE-4847-4C1E-9141-709C7D840555}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{A9B23BAF-8B1C-4DDA-87AF-5DBC6334D5E2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AA27FB2F-75A5-4FCA-9C80-861A5A71E24E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AA482ED8-A5A9-46D5-A8BC-3BA3AEC83284}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AB84919E-2E92-4F6E-8B81-DC6FBE5DCCE1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AB8F5AD9-C086-4403-9594-79DC8377C7E0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AC2AAD30-1073-4446-AE61-3AA71F788D34}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AE4CD03C-BEF7-43D8-BA18-ECEE46A15189}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{AF9A0728-2756-45ED-AC2B-DDF8BD3A7B4B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B0573A66-8B74-4636-BF04-F7B99F8789D0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B0703E02-A870-4341-9FAD-2EBA4C1E6A4F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B07A2C03-6976-4206-A80A-E1D19598773F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B0C09748-DC6F-45C3-ABFA-36F1B11AA803}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B17C029B-9283-48E5-9DB2-2B36A69952A1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B1822DDC-8790-437E-9A0E-0D4B129248BC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B20A45CF-31BA-4675-B189-A84E5E987AED}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B238A413-A0EF-48E5-B18E-B12E912193C3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B29EBCE1-DF42-45A5-A913-1A3B31DF34F0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B2ACC6BE-815E-4234-AEEF-E5A8004B2EF8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B2B8C705-8852-4FD4-89AB-5625E648E34C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B3413BF5-7B71-4B5B-B21E-A7FEE67B5B70}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B34CB56B-8BC5-4A19-A26E-D3BC20756281}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B3756D98-C7FD-4C6A-9163-DD901AAB4EAA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B3C027E3-A71F-4214-A48E-A9710803897A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B3C6FC5B-AEB5-4A4A-BD49-F75BFD761D31}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B446AFAC-4188-4C91-8408-5EBD2E0CEA90}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B5C0F1B1-BCEB-41FC-9B83-30CD9776B74A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B6C63922-B70A-43AD-A1DE-ABAA74E09B7A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B7ACBB17-9FD5-47DF-AEE9-2795967E5205}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B7C6E8F5-2214-4890-A436-F60577BBB204}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B7FA8CD4-C859-4CEB-8C9D-5FA7128E3C08}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B839BC53-6062-48FE-81EA-C5BEACA6CD48}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B87BB494-0427-4CEF-9E04-198E0FA625A4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B8A45744-A6B7-4147-92C1-CB45DEF15153}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B9285944-24B9-4743-8090-8E3997A8A982}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B92AE7DA-6D6F-4CE2-8A12-749EDB187859}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B998F47A-8E2C-47E9-AC9F-ADB2F189F7E4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{B9AAB141-34DF-4B9D-86B8-3003B81E03B1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BA03F191-A096-47AD-A3EF-BFBEE82C575C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BA5F60AD-C151-439A-8C67-4F45CE25191F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BA6293B0-4010-4C8D-B9A8-EA3EFEB00DEB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BA884E79-900B-4ADC-B8C6-3A4112FA32A6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BAA2655E-67BE-4B14-BAAD-E5F51A87706A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BC40B2BD-DB56-4A23-B8A6-212EAF9172D9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BC441C60-2368-4DA9-A01C-68C090BD9CD4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BD90A717-8334-4F19-9344-5C1780DE6638}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BE22FC04-0873-413A-8EEF-495A3EF5450E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BE6A1952-8620-4E77-BB89-5535BB124268}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BEC77C04-01A8-4DC7-B6EF-DAD1DAF9E315}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BEDE5B41-6CF8-47C5-B7F8-09E1966F6E2F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BF35A380-4D23-40AB-A55B-9C841F763064}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BF42832F-082E-41A3-BAF1-7074B2A7C6CD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{BF9312A8-EBCF-46D6-9F74-5DA209D1A3EB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C063263E-BDD3-4607-9601-C6AB3D29A78B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C06B2206-26C9-4283-80EE-9BA5CFB1F21A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C08E7FB1-5631-409A-AC22-627AD6DAE11C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C0C10572-7AE2-4203-AD95-C603A0716614}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C158CDCE-95D2-4640-99B3-BAAFEB4DC7F1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C22015DE-5FE2-4022-AAF4-F75B127B009C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C2C2C196-A9F6-4D4A-84EE-59D5BFC77825}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C2E4990F-0C45-4870-B58A-6337486F46F1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C314616B-5ADF-48F4-908C-38968B735196}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C3325229-FD2B-4B08-B6E4-7231823D8067}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C34CB0CE-9F95-4DDD-8F3D-9CF02A03CD4A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C36B443A-0DCD-4100-9ECD-01FEF78B6E85}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C3700C48-EC50-451E-8AF9-7F56A7DEF366}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C3D80005-DAD7-44B9-8835-D85412F3CFE4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C414776F-C3CF-41C6-A367-76CB8B98F4E3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C4D347A8-26CB-48A4-9281-75C6F4474C9E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C5FFC5AF-65B3-4081-A665-6878DAF90B8E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C722B1FE-AF34-488E-ABAF-7BAEA86A6547}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C806B8F5-0565-4033-ABA1-21D21B234F98}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C831C051-56C7-45D2-93F0-85E4B4A7B9E9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C84ED694-4BEC-4D72-AFCD-EE24EB80A29E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C88E137C-7BA6-40E9-952E-1C72214890C8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C8C4EB6D-6AA9-44AF-9CE4-A37E9DA09C45}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C8ED229C-0DC9-4F54-9466-BE173FD686BC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C9922F8D-3AD5-4778-B57F-2C5629CC5A63}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C99C667F-673D-48C5-A6D7-89111775FC07}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C99FBB20-2A9B-4945-A938-A51FAD08807D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{C9C04F6F-55AD-4D3E-BC61-3D9B2CBE2EB5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CA3B86F7-E1B4-429D-88B8-D5B0153E4B1E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CA78F352-605C-4B38-8520-335567872D15}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CA9866FE-5EFB-4D1C-BE1C-C073466E03B4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CACBA34D-D145-492B-9A67-EB2028CF2459}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CAD3D00B-D2F4-4177-BC34-9B2B34740A33}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CB173192-245E-46DA-805C-895FE444E5CD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CB34CA9B-CE74-4F62-A422-790D6E3F0561}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CB886858-B021-430F-AAD2-92244B6315D6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CBAA4551-A3F3-4E61-9EB6-6007F00A8B00}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CBAB61A9-982D-4CB6-B96C-2C391CAFC583}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CBAC42FD-EB64-4520-8063-3C35A860B5CD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CC172637-F2DC-41CE-AFB0-420439D5B73E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CC3B1B49-4AC0-4F60-82D3-26D717B390FB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CC58C963-0560-4BF0-BF19-BA25FC9F5654}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CC622AEE-F13F-434E-A44C-34121BED5D7A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CC80ECB9-D672-4D97-8EBD-9007CE893CC8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CC980824-4B1A-495A-A2C4-D2A4B9C33DBD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CCAD2EEF-0285-42D7-B46D-5260C207443F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CCC98D36-6952-40C3-85DF-37199711F8E2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CD1B635F-1EBF-4370-8CA2-CE423E298163}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CD5EA8CA-7CC5-4A4D-AFE6-486E92703564}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CDD0EB11-72C0-433E-8356-13F2B3AC1B6C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CE1F627D-A4C2-4EA1-B50B-4E1F7ACFF35C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CE35A279-73A4-4DA4-8F74-B85D6EA66450}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CE36733A-2E62-439B-AB03-8870BDF006DB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CE867472-7AE2-40C7-88F2-3E1FE82D70B1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CFD33E34-9441-4E60-B79C-9E3F76ED814C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{CFE799DB-668C-4032-B416-56EA38CAEEB2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D05017DB-CCDF-4FF7-A341-1FF13065D0FD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D0E9D64F-E365-42BA-925D-0B3ED8A91B45}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D13580DE-F9A1-4DB8-95A3-1F041E1F4F5A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D14F181B-0F21-4F68-A3AB-15165D50B179}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D158DEAE-AA19-4869-B493-7CF454E3E980}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D169F5C9-932D-4370-9DD1-26091D43EFD4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D1A59C2D-3611-40EE-B09C-5F5311125953}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D1C74BAE-D1D4-4A56-828D-F4F0D328999E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D28930E0-C739-4D94-8889-66E4511B8F9A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D38C300F-A855-4305-967D-098A5C303607}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D4406F68-F17C-4B2D-9AA1-DA484DF896C2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D440B78D-3293-47B4-8B38-757A88C5793A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D484F81E-FA35-46B1-A081-8CCE40C396C1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D4966C73-AE7A-4D8A-BC8B-35E9C2C33D1F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D4E8E702-4A75-4F31-9D68-4FBD8B054137}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D51A9AF7-D6C2-4237-A540-FE92F20BFAF1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D5A72FF7-5D9F-44CC-96D8-2F51AA5BF78D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D5BE7C1C-5A4A-45DC-995A-FB51EC7CC9DA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D5E3E53D-F031-4E32-A514-83C621F9CE02}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D6540D8A-932C-4DE1-9DAA-CCE9AF97734E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D7238C12-DA1B-491C-A6F0-1F1565F5427F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D739FA67-6BD4-437C-8F94-302CB7906E5D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D747E545-65C5-4ECD-94DB-55A4C8961D02}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D7DA95E3-0E7B-4614-8463-51776FB6D294}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D80CDED6-8907-4E68-9EEF-DC736C8DB2C3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D8394C87-BEB4-4CF9-BFB4-6E3829CE0B52}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D845DB69-BF05-4E75-BB03-170974B008A3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D8592EBA-F6E9-485F-B359-94E1A232E41F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D85BFA22-7FE1-46F2-A291-FD049302C2EE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D91122B3-E566-40F1-9A40-DD68BF249489}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D927C95B-BE8B-4470-AF67-768E2E1309E6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D9657330-8F99-4C44-8A33-0AF71C1471EA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D9BDC9BC-5F11-4554-B1CA-A7BA303B662F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D9ED1582-CD74-4326-91CA-6B234FDF0610}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{D9EEDC0B-D93B-4532-BC36-FF4E4E19C672}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DA00080D-3D15-4189-BF97-9453CB574EF7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DA607633-B07C-4A51-BF75-A3ECCA5E1D5E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DA9C03A5-8B15-468B-B8BF-07B5080BE9E8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DAEFB23E-6473-48B5-B701-296A4E065FDE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DAF6A7BE-5427-4B45-AB01-BB8EF642A478}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DB020ED8-80DE-46F1-9CF0-5CB4113C9198}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DB8B657B-A11F-4495-988B-D57E5D96854C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DBC73E0F-B4A5-499B-914E-975BA60F025D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DBCA94B2-B094-4D02-9EF3-761D734EA65F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DC480972-512B-46E5-AFAA-505A9AE74D77}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DC73D39D-A68C-406B-A39D-CFC76AFBFD9C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DC83FB6F-5BF7-491A-944E-8132B097E1FF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DD4D4B44-0992-4B75-8BC6-C812821150C8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DD871B03-C0EC-4F8B-9C5B-D1D39263B453}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DDAE8D70-8C7C-42DA-9824-19EFC9733702}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DE67CC38-D575-442B-9A9F-FE988A8FA97E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DE7B3D2B-5F4F-40E5-A109-590079FB07C5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DE8D998E-5212-49D4-9D9F-25A71E42CA6D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DECF6341-08F4-4D58-BE0A-2894746A76E8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DEE15DE8-4D09-456A-B314-E79C15769E0B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DF72C454-DB71-4654-9E7C-D4F741481F62}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DF8227FD-67F6-4A14-A2AA-8DA067D1E16A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DF9541B1-7DD8-45AD-91B7-4CAE0F6427C2}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DFB1BF65-6FB7-4C99-8B26-7DECA6134656}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{DFC47B4E-0B04-4D95-915B-D64A6E9FFF36}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E0257CBC-580C-4CBD-B3CD-099B4A4BDA48}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E07A1629-8846-4A11-AD7E-7C27035D9465}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E0B59795-990F-4AA8-9F54-6D8586118874}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E17EAA80-072A-4957-8D71-84B1E524725D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E1897F9D-30BC-452C-80AD-6C17A6F84FBB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E1A00577-7C9D-4582-B4DB-B92BD10092D0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E3261D71-C819-48E8-8AE4-7B58CADD7643}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E3D56292-C144-4A06-BD74-D2AEAAC7F8AB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E44BDA87-8A08-41C6-9734-0B0AC67A5C88}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E49BED39-3C54-49AB-AD6B-8D3BAF4E657D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E4F2ED41-065D-4D10-BFE2-BC0A2E9FA5D8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E55A6AA0-ABE7-4513-9D42-9E57900BA13A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E5B23165-C3AF-4461-97F2-B52A840B4A35}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E5BB5F7F-C940-49F3-89FE-69950284A5E5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E5BF434C-460C-41FC-81FF-818888DDC9BD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E5F47FCB-A116-4763-B06E-4F386A80894D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E68FE2AD-7A6E-49AB-AACA-D2F2F7586A34}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E6E9687A-9601-4ADE-A3F2-08DFAC8675D6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E73F8D55-798A-4ED7-8E95-ACD4BF8321F0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E84A12D7-D611-45F0-B7AE-C12376242891}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E87269BF-365A-484A-B105-22EBAD035DB0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E8A70AB9-4890-4C9D-AB3B-617A53A1A4C7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E8A783C7-5811-4FBF-BC30-41D9CE20BE77}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E8EBFC4E-35FE-4585-BE18-6DD7F3D521AB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E923B3D0-D7EF-444D-B5B5-15B56043FD40}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E93E03BA-46E9-4B8F-B4EC-71A25D01F141}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E9702D99-69F9-41F8-9632-91E0C172C6DE}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{E9F7FF3D-3868-4238-8990-2D29232372C9}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EA93A12E-AE15-4D15-9189-5C4EE0DF8035}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EB00B570-B7DD-4E43-B66D-213E96AEA6D4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EB1824BA-242E-44EC-8A4D-35333BAA6586}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EB710253-4DDB-44B9-8D22-9C3D85B0958C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EB855FA2-1FBC-4248-A237-488AD2A4C8FD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EC1C2CEA-641B-468A-B17E-2846F3658A56}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{ECB7FA6C-8B63-4F42-9FFE-45D00C64B5B7}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{ED50C7B9-8B4C-45D1-8897-01A9F118083E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{ED93DC54-E605-4B33-B5B4-934549F331E4}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EDCE1CEA-EAE6-467E-9C88-7B67A8E903D8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EDDAC628-6742-4D27-ACED-C6D430143A5E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EDF08128-5CFC-4E16-AD73-0B44F483B20E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EE0E4D30-F932-4EAD-9E0E-9247AED6A045}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EE75C9C6-D19D-4B51-AF75-8833E58720D3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EEB5B342-23A4-46F4-9F9F-2391DFC80FF0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EEB9859B-E3AF-4056-8382-5657DCD47329}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EF7854E8-37BA-497C-BC43-A415EA3C912A}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{EFC554F9-E426-496A-B674-8623BB0352A5}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F0BD6E5F-4460-4A74-8538-C8067E6E0A4F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F0D41B02-F80A-4DC0-9477-E39C11DF8EDF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F0D65584-B188-4DFE-9642-D89FD075FDDD}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F12AB133-A6B9-4ADC-9706-73EE54C1FA45}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F224EEA1-A7E3-4034-83BE-5AACDAB20C4E}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F2EC70BA-4B9C-4AB6-9C28-79C9C6941E48}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F3C79C93-5338-4B54-B430-E1B3A31500FC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F3DE35F5-6776-486C-BE6A-E72EC4042604}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F409D471-4149-463A-8EAD-3E324B52A7EC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F43F254A-404D-481B-B46A-9B6445927F8C}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F48BF181-AE51-4138-97BB-3760D4969401}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F49702A4-8FD8-44D1-A4B3-0CFE3CB113FB}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F4D9A16C-77FC-45C0-AE88-EFC73B97BB8D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F4DFE8A4-29A6-43C3-ACF1-E829F0084E7D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F512FFE5-3F92-44A7-96F4-CA4A549CBC4D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F539B045-B2E4-43EE-A551-FF231979E285}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F5C1D951-7DD3-4317-A69D-CFD21FDDE49D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F673FF0C-7141-4186-8893-70842F3C4A6F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F6948B95-388B-4DB9-85ED-F81909A9A6AF}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F6D3E5BB-78C3-4189-97F4-20629FECEC5B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F7954A5C-C4E9-4C15-AC1C-BEC4913590A0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F7F3B463-6C24-42CC-B38A-C835A33B1E40}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F834E56B-13FB-4B50-BAF7-29A5CD9E0E2F}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F8B1AB84-5115-4596-A337-DB2284585492}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F8F5658F-535D-4F16-8034-AA218BFC97C0}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F8FAF446-3D4D-4008-9A9F-7DA7A0F7DF9D}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{F965A022-0466-4EFF-A798-AA61BDBFB2E8}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FA231D6C-5550-4BC8-A62F-BC831773DBA1}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FABE54B0-C956-4E43-AE3F-C1A5F67771B6}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FB7DD06F-F5A0-4A4D-86B4-A841F6B28F38}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FC7B5CD1-CDF2-404A-AF6B-60B291EE3702}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FCC5E1F8-27B6-433E-9F16-A8185C1591AC}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FCD3DB29-6FCE-4D63-AFE4-3DF087AE5159}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FCDAE481-4D61-488D-93D6-8EBCA3D34BDA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FCF422BF-2456-481C-8D47-03B1126B4B35}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FD3AEC39-B72E-4116-BE3E-980C53F7B79B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FE4DC085-3229-4812-BFAA-EFED35CC78A3}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FEDB6290-6430-4B37-8611-9D49C65A5EBA}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FF301F31-D27E-4EFD-A7CC-F43CAB622E3B}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FF3194FD-72B0-4AF2-A6DC-49307F321A84}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FFA99EC5-441F-4D7C-9DE7-7CA67A61E551}
Successfully deleted: [Empty Folder] C:\Users\JKJones\appdata\local\{FFD66541-A895-4EC1-85DF-F2FAAEE13FEA}



~~~ FireFox

Emptied folder: C:\Users\JKJones\AppData\Roaming\mozilla\firefox\profiles\avw53iy5.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/07/2013 at 20:11:13.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
OTL:
OTL logfile created on: 7/15/2013 8:14:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JKJones\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.48 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 73.18% Memory free
10.96 Gb Paging File | 9.25 Gb Available in Paging File | 84.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 231.00 Gb Total Space | 51.40 Gb Free Space | 22.25% Space Free | Partition Type: NTFS
Drive D: | 343.90 Gb Total Space | 317.11 Gb Free Space | 92.21% Space Free | Partition Type: NTFS
Drive E: | 3.87 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JKJ | User Name: JKJones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/15 20:13:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JKJones\Desktop\OTL.exe
PRC - [2013/06/26 18:09:29 | 001,598,128 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
PRC - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/28 17:37:22 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012/11/19 18:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/02/14 06:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/06/15 09:12:58 | 002,158,160 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
PRC - [2011/06/15 08:14:06 | 007,057,488 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
PRC - [2011/06/06 03:09:00 | 003,870,112 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
PRC - [2011/06/04 04:18:22 | 002,213,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
PRC - [2011/04/17 04:07:16 | 001,757,264 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2011/04/14 03:15:38 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/03/29 00:15:54 | 004,399,696 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011/02/24 21:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/16 12:03:20 | 000,775,848 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
PRC - [2011/01/11 18:42:50 | 002,782,064 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
PRC - [2007/10/28 14:35:48 | 000,425,984 | ---- | M] (Bao_Nguyen) -- C:\Program Files (x86)\Switcher\Switcher.exe


========== Modules (No Company Name) ==========

MOD - [2013/05/16 01:33:37 | 002,052,096 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/05/16 01:33:36 | 000,425,984 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/04/23 18:57:26 | 004,554,752 | ---- | M] () -- C:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012/12/12 01:32:26 | 005,025,792 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 06:53:24 | 003,198,976 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 06:53:24 | 000,630,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/16 12:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Control Center\WinCRT.dll
MOD - [2010/05/07 10:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2009/06/10 17:22:40 | 000,010,752 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2006/08/11 23:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Control Center\HookDllPS2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/05/26 16:09:58 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/03/25 20:19:08 | 000,956,192 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010/09/22 05:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/08/09 15:04:12 | 000,166,704 | ---- | M] (Samsung Electronics CO., LTD.) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc.exe -- (Samsung UPD Service)
SRV:64bit: - [2008/07/29 14:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2013/06/26 18:09:29 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - [2013/06/13 19:15:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 06:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/19 00:07:22 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/05 04:44:54 | 002,321,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2012/11/02 04:51:18 | 005,174,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/21 15:49:29 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/02/14 06:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/03/01 08:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/24 21:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/26 18:09:30 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/04/11 03:18:40 | 000,384,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/12/10 04:28:34 | 000,127,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2012/11/08 04:49:24 | 000,307,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/24 03:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/19 06:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 06:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 15:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 15:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/08/02 17:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/07/06 02:16:24 | 000,289,704 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/05/26 17:58:22 | 009,263,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/26 15:28:50 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/05/23 04:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/05/17 02:55:28 | 000,533,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/14 03:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/04/12 13:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3)
DRV:64bit: - [2011/03/25 22:21:10 | 000,349,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/03/25 22:21:06 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/03/25 22:21:06 | 000,107,560 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/03/25 22:21:06 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/03/25 22:21:06 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/09 12:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3)
DRV:64bit: - [2011/03/05 06:46:20 | 000,078,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011/03/05 06:46:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011/01/15 12:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010/12/16 18:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/18 01:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/11/12 18:23:38 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/07/28 20:23:08 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/28 02:38:04 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV - [2011/08/06 09:10:55 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\JKJones\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\JKJones\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\JKJones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2013/05/15 16:31:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/17 01:07:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/22 23:49:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/10 16:39:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/17 01:07:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/10 16:39:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/01/06 23:48:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JKJones\AppData\Roaming\Mozilla\Extensions
[2012/06/04 02:42:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\JKJones\AppData\Roaming\Mozilla\Firefox\extensions
[2012/06/04 02:42:20 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\JKJones\AppData\Roaming\Mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013/01/19 00:07:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/01/19 00:07:23 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/29 04:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/29 04:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://samsung.msn.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\JKJones\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\JKJones\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\JKJones\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\JKJones\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\JKJones\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\JKJones\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
CHR - Extension: Angry Birds = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: QuickMark QR Code Extension = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhddglpocgogkbpkbkoieiplhgbjmiim\2.0.1_0\
CHR - Extension: Chromoji - Emoji for Google Chrome\u2122 = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki\1.2.8_0\
CHR - Extension: Search by Image (by Google) = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.4.3_0\
CHR - Extension: Dark Vibe = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0\
CHR - Extension: AdBlock = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: TweetDeck = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.1.3_0\
CHR - Extension: InstaTwit = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhalcamddihdpdgdjkjbgikgobnbbpif\1.4_0\
CHR - Extension: Notifier for Twitter = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn\4.2.14_0\
CHR - Extension: Any.DO = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.3_0\
CHR - Extension: Youtube Subscriptions as Default Page = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\klljlfcipmgohgfdgmliaobikgdoeaah\1.1.4_0\
CHR - Extension: Auto HD For YouTube = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0\
CHR - Extension: Outlook.com Notifier = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkmomflkhdooajekmffpilpoenndjppk\0.2_0\
CHR - Extension: iFans Read More Expand = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdlaimojjkhdbmoidenipmdpmcbgdpd\0.1.2_0\
CHR - Extension: Angry Birds = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: QuickMark QR Code Extension = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhddglpocgogkbpkbkoieiplhgbjmiim\2.0.1_0\
CHR - Extension: Chromoji - Emoji for Google Chrome\u2122 = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki\1.2.8_0\
CHR - Extension: Search by Image (by Google) = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.4.3_0\
CHR - Extension: Dark Vibe = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0\
CHR - Extension: AdBlock = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: TinEye Reverse Image Search = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.2_0\
CHR - Extension: TweetDeck = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.1.3_0\
CHR - Extension: InstaTwit = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhalcamddihdpdgdjkjbgikgobnbbpif\1.4_0\
CHR - Extension: Notifier for Twitter = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikknnkomiokeodcdkknnhgjmncfiefmn\4.2.14_0\
CHR - Extension: Any.DO = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem\1.0.3.3_0\
CHR - Extension: Youtube Subscriptions as Default Page = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\klljlfcipmgohgfdgmliaobikgdoeaah\1.1.4_0\
CHR - Extension: Auto HD For YouTube = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak\4.0.2_0\
CHR - Extension: Outlook.com Notifier = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkmomflkhdooajekmffpilpoenndjppk\0.2_0\
CHR - Extension: iFans Read More Expand = C:\Users\JKJones\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdlaimojjkhdbmoidenipmdpmcbgdpd\0.1.2_0\

O1 HOSTS File: ([2013/07/15 18:50:46 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Samsung BHO Class) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000..\Run: [Driver Detective] C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe (PC Drivers Headquarters)
O4 - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000..\Run: [Switcher] C:\Program Files (x86)\Switcher\Switcher.exe (Bao_Nguyen)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2750293308-1424468115-2742304756-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab ()
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37C73B23-456E-4C64-84E7-6EFC2D35EFB3}: DhcpNameServer = 64.71.255.204 64.71.255.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C10B2787-67F7-4AC5-AD6C-87C0903AF9FC}: DhcpNameServer = 64.71.255.205 64.71.255.253
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
 
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/15 20:13:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\JKJones\Desktop\OTL.exe
[2013/07/15 20:03:46 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2013/07/15 20:02:22 | 000,559,379 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\JKJones\Desktop\JRT.exe
[2013/07/15 18:50:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/07/15 17:46:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2013/07/15 17:46:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2013/07/15 17:46:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2013/07/15 17:45:58 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/07/15 17:45:35 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2013/07/15 17:41:20 | 005,089,088 | R--- | C] (Swearware) -- C:\Users\JKJones\Desktop\ComboFix.exe
[2013/07/14 22:58:57 | 000,000,000 | ---D | C] -- C:\Users\JKJones\Desktop\RK_Quarantine
[2013/07/14 19:17:15 | 000,000,000 | ---D | C] -- C:\Users\JKJones\Desktop\Logs
[2013/07/14 18:49:23 | 000,000,000 | ---D | C] -- C:\Users\JKJones\AppData\Roaming\Malwarebytes
[2013/07/14 18:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/14 18:45:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/14 18:45:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/07/14 18:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/07/14 18:45:04 | 000,000,000 | ---D | C] -- C:\Users\JKJones\AppData\Local\Programs
[2013/07/14 17:49:22 | 000,000,000 | ---D | C] -- C:\Rustbfix
[2013/07/14 17:16:46 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/07/12 15:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReNamer
[2013/07/12 15:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReNamer
[2013/07/12 14:29:55 | 000,000,000 | ---D | C] -- C:\Users\JKJones\Documents\LBI
[2013/07/09 12:46:18 | 000,000,000 | ---D | C] -- C:\Users\JKJones\Documents\CyberLink
[2011/10/16 21:06:37 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Users\JKJones\taskmgr.exe

========== Files - Modified Within 30 Days ==========

[2013/07/15 20:15:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/07/15 20:13:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\JKJones\Desktop\OTL.exe
[2013/07/15 20:10:00 | 000,000,900 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 20:02:25 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 20:02:25 | 000,021,200 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 20:02:22 | 000,559,379 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\JKJones\Desktop\JRT.exe
[2013/07/15 19:55:25 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/15 19:54:43 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/07/15 19:54:35 | 1589,436,415 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/15 19:51:27 | 000,000,121 | ---- | M] () -- C:\windows\DeleteOnReboot.bat
[2013/07/15 19:49:44 | 000,662,345 | ---- | M] () -- C:\Users\JKJones\Desktop\adwcleaner.exe
[2013/07/15 19:41:42 | 127,051,474 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\incavi.avm
[2013/07/15 19:30:00 | 000,000,916 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2750293308-1424468115-2742304756-1000UA.job
[2013/07/15 18:50:46 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013/07/15 17:41:20 | 005,089,088 | R--- | M] (Swearware) -- C:\Users\JKJones\Desktop\ComboFix.exe
[2013/07/15 15:30:01 | 000,000,864 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2750293308-1424468115-2742304756-1000Core.job
[2013/07/15 03:40:56 | 000,868,540 | ---- | M] () -- C:\windows\SysNative\drivers\AVG\iavichjg.avm
[2013/07/14 18:45:38 | 000,001,172 | ---- | M] () -- C:\Users\JKJones\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/07/14 18:45:38 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/14 17:15:23 | 000,830,554 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/07/14 17:15:23 | 000,698,856 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/07/14 17:15:23 | 000,138,722 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/07/14 17:15:14 | 000,830,554 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/07/13 19:18:39 | 000,000,600 | ---- | M] () -- C:\Users\JKJones\AppData\Roaming\winscp.rnd
[2013/07/12 20:37:54 | 000,002,381 | ---- | M] () -- C:\Users\JKJones\Desktop\Google Chrome.lnk
[2013/07/11 13:14:47 | 005,072,104 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/07/08 19:27:45 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2013/06/26 18:09:30 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\windows\SysNative\drivers\avgtpx64.sys
[2013/06/20 17:46:14 | 003,244,172 | ---- | M] () -- C:\Users\JKJones\Desktop\Truly Yours.png
[2013/06/20 17:46:14 | 000,000,132 | ---- | M] () -- C:\Users\JKJones\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/06/20 17:23:30 | 000,135,168 | ---- | M] () -- C:\Users\JKJones\Desktop\Truly Yours.jpg

========== Files Created - No Company Name ==========

[2013/07/15 19:50:36 | 000,000,121 | ---- | C] () -- C:\windows\DeleteOnReboot.bat
[2013/07/15 19:49:44 | 000,662,345 | ---- | C] () -- C:\Users\JKJones\Desktop\adwcleaner.exe
[2013/07/15 17:46:31 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/07/15 17:46:31 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/07/15 17:46:31 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/07/15 17:46:31 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/07/15 17:46:31 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/07/14 18:45:38 | 000,001,172 | ---- | C] () -- C:\Users\JKJones\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2013/07/14 18:45:38 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/08 19:27:45 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2013/06/20 17:46:06 | 003,244,172 | ---- | C] () -- C:\Users\JKJones\Desktop\Truly Yours.png
[2013/06/20 17:23:51 | 000,135,168 | ---- | C] () -- C:\Users\JKJones\Desktop\Truly Yours.jpg
[2013/05/20 02:11:21 | 000,000,132 | ---- | C] () -- C:\Users\JKJones\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/21 22:56:39 | 000,000,046 | ---- | C] () -- C:\Users\JKJones\jagex_cl_runescape_LIVE.dat
[2013/04/21 22:56:39 | 000,000,001 | ---- | C] () -- C:\Users\JKJones\random.dat
[2013/01/06 02:09:18 | 000,003,584 | ---- | C] () -- C:\Users\JKJones\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/24 19:21:06 | 000,012,292 | -H-- | C] () -- C:\Users\JKJones\.DS_Store
[2012/09/06 00:29:48 | 000,208,505 | ---- | C] () -- C:\windows\hpoins43.dat
[2012/09/06 00:29:48 | 000,000,601 | ---- | C] () -- C:\windows\hpomdl43.dat
[2012/09/05 01:41:59 | 000,208,559 | ---- | C] () -- C:\windows\hpoins43.dat.temp
[2012/08/03 23:29:58 | 000,692,224 | ---- | C] () -- C:\windows\SysWow64\bsrmgcv.dll
[2012/08/03 23:29:58 | 000,192,512 | ---- | C] () -- C:\windows\SysWow64\bsrmgps.dll
[2012/08/03 23:29:58 | 000,098,304 | ---- | C] () -- C:\windows\SysWow64\bsreffs.dll
[2012/08/03 23:29:58 | 000,090,112 | ---- | C] () -- C:\windows\SysWow64\bsrlback.dll
[2012/08/03 23:29:58 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\bsrgvas.dll
[2012/08/03 23:28:37 | 000,585,728 | ---- | C] () -- C:\windows\SysWow64\bsratswf.dll
[2012/08/03 23:28:37 | 000,147,456 | ---- | C] () -- C:\windows\SysWow64\bsratwmv.dll
[2012/06/09 16:10:01 | 000,000,036 | ---- | C] () -- C:\Users\JKJones\.org.eclipse.epp.usagedata.recording.userId
[2011/11/19 21:53:31 | 000,000,600 | ---- | C] () -- C:\Users\JKJones\AppData\Roaming\winscp.rnd
[2011/10/17 20:05:33 | 000,830,554 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/10/17 01:24:09 | 000,000,601 | ---- | C] () -- C:\windows\hpomdl43.dat.temp
[2011/10/15 14:02:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/10/15 13:20:43 | 000,007,602 | ---- | C] () -- C:\Users\JKJones\AppData\Local\Resmon.ResmonCfg
[2011/07/17 13:34:40 | 000,258,864 | ---- | C] () -- C:\windows\SUPDRun.exe
[2011/07/17 13:33:42 | 000,003,155 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011/07/16 22:57:58 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/07/16 22:47:22 | 000,000,918 | ---- | C] () -- C:\windows\HotFixList.ini
[2011/07/16 22:12:47 | 000,142,128 | ---- | C] () -- C:\windows\wiainst64.exe

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 01:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/01/30 11:40:04 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/01/30 11:40:04 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2011/12/27 00:30:08 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\Acoustica
[2011/10/15 22:58:24 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\AVG2012
[2011/10/16 01:24:58 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\Bao_Nguyen
[2011/12/05 00:08:30 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\Canneverbe Limited
[2012/03/20 16:06:17 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/04/30 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\JCreator
[2011/10/22 12:01:33 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\My Games
[2012/03/18 17:24:02 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\PACE Anti-Piracy
[2013/05/20 02:03:50 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\PDAppFlex
[2012/11/09 00:02:10 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\PowerISO
[2012/07/28 16:50:08 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\redsn0w
[2013/05/20 01:44:24 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011/12/27 00:30:20 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\SynthMaker
[2012/03/18 17:24:41 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\Unity
[2013/02/10 03:17:37 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\uTorrent
[2011/10/16 00:33:27 | 000,000,000 | ---D | M] -- C:\Users\JKJones\AppData\Roaming\wsInspector

========== Purity Check ==========



< End of report >
 
Extras:
OTL Extras logfile created on: 7/15/2013 8:14:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\JKJones\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

5.48 Gb Total Physical Memory | 4.01 Gb Available Physical Memory | 73.18% Memory free
10.96 Gb Paging File | 9.25 Gb Available in Paging File | 84.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 231.00 Gb Total Space | 51.40 Gb Free Space | 22.25% Space Free | Partition Type: NTFS
Drive D: | 343.90 Gb Total Space | 317.11 Gb Free Space | 92.21% Space Free | Partition Type: NTFS
Drive E: | 3.87 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JKJ | User Name: JKJones | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64)
"{08D401E5-E23D-4372-8F9E-764963B19483}" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{1111706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 (64-bit)
"{129EE1A8-FA82-5E76-0DE5-50D51ED1AF7E}" = ATI Catalyst Install Manager
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{2222706F-666A-4037-7777-210648764D10}" = JavaFX 2.1.0 SDK (64-bit)
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{26A24AE4-039D-4CA4-87B4-2F86417004FF}" = Java(TM) 7 Update 4 (64-bit)
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4C9845D5-9FAD-4C52-B389-CAEF0F216215}" = Windows Live Remote Client Resources
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{601D7B72-FEE9-FECD-7304-3FBE8465F440}" = ccc-utility64
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{64A3A4F4-B792-11D6-A78A-00B0D0170040}" = Java SE Development Kit 7 Update 4 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English
"{68550918-63B5-4762-85CB-3C160AA4B213}" = HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{811D5159-D798-491F-B9C6-9BDBF6B02D06}" = Windows Live Remote Service Resources
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64)
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64)
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89BDAE1A-7B8E-4A0E-A169-02F7F366451D}" = iCloud
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}" = Microsoft SQL Server Native Client
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B636C9B9-A3F2-4DCE-ADCC-72E095018385}" = Microsoft SQL Server VSS Writer
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D50E19B5-A29A-4A78-8381-0E562B40CDFD}" = AVG 2012
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA67488A-2689-4F10-B90F-D2F6977509D6}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F5079164-1DB9-3BDA-853B-F78AF67CE071}" = Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AVG" = AVG 2012
"Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 8.0.7.2_WHQL
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0119B342-476F-4F5A-B712-144B5CFA781F}" = Windows Live Movie Maker
"{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy)
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{0658C55D-D095-6B0B-A662-36A8202F1408}" = AMD VISION Engine Control Center
"{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{07E15DDE-CAD9-434D-B24D-35708E3BEA09}" = Windows Live 필수 패키지
"{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A303DB2-DCB9-324F-1B05-30A819E66A3B}" = CCC Help German
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{1181AA5B-8EFD-4AC5-8CDE-A1F7307B3427}" = EasyFileShare
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{142D8CA7-2C6F-45A7-83E3-099AAFD99133}" = Samsung Update Plus
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Samsung Control Center
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{221125DC-6A40-4900-B844-591F5E1195B0}" = Microsoft Visual Web Developer 2005 Express Edition - ENU
"{23767F5D-A80C-4264-B8EA-ED4085FC332A}" = Adobe Illustrator CS5.1
"{23E5C72C-CC08-4EE0-9CC2-D925B232B331}" = Microsoft MSDN 2005 Express Edition - ENU
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{2DDC70C1-C77A-4D08-89D2-9AB648504533}" = Easy Content Share
"{2F68DD28-BF5B-52AC-B584-4B8E546F069A}" = CCC Help Japanese
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{318DBE01-1E6B-4243-84B0-210391FE789A}" = Samsung AnyWeb Print
"{32939827-D8E5-470A-B126-870DB3C69FDF}" = Python 2.7.1
"{331ECF61-69AF-4F57-AC35-AFED610231C3}" = Multimedia POP
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{44F4024E-5214-B183-AC1A-E92486AE3CDA}" = CCC Help French
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F35DF91-F834-41F7-A287-0E377D55C486}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{537DB9D6-1AB1-4CE9-8DE7-312256B49A98}" = PS_AIO_06_C4700_SW_Min
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{577AD794-8B34-40B4-9E7A-BE4CFFE396E6}" = Microsoft Visual Basic 2005 Express Edition - ENU
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}" = Driver Detective
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{61506B53-EE02-46CE-8464-3F806947978F}" = Windows Live Mesh
"{61920449-0393-4707-B7DD-E6C0013C8B2C}" = 원격 연결을 위한 Windows Live Mesh ActiveX 컨트롤
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{636E94DA-99C0-448F-A931-3DAD83B4975F}" = SharpKeys
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists)
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1" = Auto Keyboard v1.2
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry)
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{7780682A-47C9-480D-90BE-247539342595}" = Windows Live UX Platform Language Pack
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7A312E06-B7B6-5B75-18AA-1262EAB41971}" = CCC Help Portuguese
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B56AC11-A09B-D148-EA51-AB4500A84F50}" = Catalyst Control Center InstallProxy
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7E7D7935-B0C8-4032-80BA-2CDC9E43C3B8}" = Microsoft Visual C# 2005 Express Edition - ENU
"{805A7890-3138-44E4-8DAA-480C55516989}" = MainConcept MJPEG Codec Demo
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{8BA03AC2-579F-41CD-A250-740137D86F7A}" = PDFBinder
"{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio)
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
 
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšIų valdiklis
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94160B78-D7C5-4706-8E03-9D8B3763C7DB}" = Microsoft Visual J# 2005 Express Edition - ENU
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95D5C923-A6C2-5629-7873-938099245C53}" = CCC Help Spanish
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A8E4762-3331-4EDB-8E1F-B11179DDBC00}" = Eco Mode
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D554E62-4CC6-F0D8-ECFC-817830E8496A}" = CCC Help Chinese Standard
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB6F4AB9-AC85-4002-9829-B6EEA55AE3A5}" = Microsoft Visual C++ 2005 Express Edition - ENU
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B1EDEBF1-B4DA-46A5-B346-D1B580548EAA}" = iPhone Folders
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B5978DF3-8A04-4F22-AF67-8CCE52E04B13}" = C4700
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE73A21F-D108-2652-3F12-65C2D264C895}" = Catalyst Control Center Localization All
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1FCDCA1-2759-4E5E-84EE-3A665BB2F513}" = iPhoneBrowser
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D04D8636-FB60-47FD-8F8C-18D475C52456}_is1" = Auto Typer by MurGee v1.2
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D57D43BF-699A-429F-AF8C-AF1867222800}" = Windows Live 사진 갤러리
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF771D90-BA9A-43D6-B53A-5928B5205416}" = Sid Meier's Civilization 4
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F08F7C0A-30E7-23D6-F0B3-BB1717ACA5D2}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F687E657-F636-44DF-8125-9FEEA2C362F5}" = Samsung Support Center
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7DB6677-661D-4835-AAD8-1B7F4C98D7CE}" = Switcher 2.0.0
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB42E39-CD8A-28A5-981B-1D8302CD50D7}" = CCC Help Italian
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"BSRScreenRecorder5" = BSR Screen Recorder 6
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"ClipX" = ClipX
"Codec" = Codec Updater
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DiskAid_is1" = DiskAid 5.31
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Game Console - WildGames" = WildTangent ORB Game Console
"Geekbench 2.3" = Geekbench 2.3
"HP Photo Creations" = HP Photo Creations
"HyperCam 2" = HyperCam 2
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite
"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{805A7890-3138-44E4-8DAA-480C55516989}" = MainConcept MJPEG Codec Demo
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"JCreator LE_is1" = JCreator LE 4.50
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"MCMJPG" = MainConcept MJPG software codec (Remove Only)
"Microsoft MSDN 2005 Express Edition - ENU" = Microsoft MSDN 2005 Express Edition - ENU
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Microsoft Visual Basic 2005 Express Edition - ENU" = Microsoft Visual Basic 2005 Express Edition - ENU
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"Microsoft Visual C# 2005 Express Edition - ENU" = Microsoft Visual C# 2005 Express Edition - ENU
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Microsoft Visual C++ 2005 Express Edition - ENU" = Microsoft Visual C++ 2005 Express Edition - ENU
"Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Microsoft Visual J# 2005 Express Edition - ENU" = Microsoft Visual J# 2005 Express Edition - ENU
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Web Developer 2005 Express Edition - ENU" = Microsoft Visual Web Developer 2005 Express Edition - ENU
"Mozilla Firefox 18.0.1 (x86 en-US)" = Mozilla Firefox 18.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PowerISO" = PowerISO
"ProInst" = Intel PROSet Wireless
"ReNamer_is1" = ReNamer
"Samsung Printer Live Update" = Samsung Printer Live Update
"Samsung Universal Print Driver" = Samsung Universal Print Driver
"Samsung Universal Scan Driver" = Samsung Universal Scan Driver
"Unity" = Unity
"uTorrent" = µTorrent
"VirtualCloneDrive" = VirtualCloneDrive
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.3.5
"WT085559" = Diner Dash 2 Restaurant Rescue
"WT085567" = Chuzzle Deluxe
"WT085580" = John Deere Drive Green
"WT085581" = Penguins!
"WT085583" = Polar Golfer
"WT085587" = Agatha Christie - Death on the Nile
"WT085597" = Build-a-lot
"WT085618" = Farm Frenzy
"WT085622" = Insaniquarium Deluxe
"WT085663" = Peggle
"WT085669" = Plants vs. Zombies
"WT089285" = Zuma Deluxe
"WT089286" = Bejeweled 2 Deluxe
"Xfire" = Xfire (remove only)
"XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2750293308-1424468115-2742304756-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"13f5114f0a032357" = JKJones Tetris
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

< End of report >
 
redtarget.gif
That message is legit so you can click "Yes".

redtarget.gif
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
Code: 
:OTL
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.


:Services

:Reg

:Files
C:\FRST

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans...

redtarget.gif
Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.


redtarget.gif
Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

redtarget.gif
Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

redtarget.gif
Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Alright cool.

OTL:
All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ deleted successfully.
File {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
File\Folder C:\FRST not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: JKJones
->Temp folder emptied: 1738300 bytes
->Temporary Internet Files folder emptied: 19176932 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 8645796 bytes
->Google Chrome cache emptied: 389929607 bytes
->Flash cache emptied: 559134 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1294073 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42321310 bytes
RecycleBin emptied: 695398 bytes

Total Files Cleaned = 443.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: JKJones
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: JKJones
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07152013_211614

Files\Folders moved on Reboot...
C:\Users\JKJones\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\JKJones\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Checkup:
Results of screen317's Security Check version 0.99.69
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG Internet Security 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java(TM) 6 Update 31
Java version out of Date!
Adobe Flash Player 11.7.700.224
Adobe Reader 9
Adobe Reader XI
Mozilla Firefox 18.0.1 Firefox out of Date!
Google Chrome 27.0.1453.116
Google Chrome 28.0.1500.72
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

FSS:
Farbar Service Scanner Version: 13-07-2013
Ran by JKJones (administrator) on 15-07-2013 at 21:38:22
Running from "C:\Users\JKJones\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

ESET:
C:\Qoobox\Quarantine\C\ProgramData\Codecv\background.html.virWin32/Adware.MultiPlug.H applicationcleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Codecv\bhoclass.dll.virWin32/Adware.MultiPlug applicationcleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Codecv\hpnpnobanidcimkhihimiaecdgfehdln.crx.virWin32/Adware.MultiPlug.H applicationdeleted - quarantined
C:\Users\JKJones\Downloads\Amia_Miley_aka_Amia_Moretti_-_Head_Evaluation_-_Innocent_High.exeWin32/Adware.1ClickDownload applicationcleaned by deleting - quarantined
C:\Users\JKJones\Downloads\setup (2).exea variant of Win32/Adware.AddLyrics.A applicationcleaned by deleting - quarantined
 
redtarget.gif
Update Firefox to the latest 22.0 version.

redtarget.gif
Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

redtarget.gif
1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.

Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.
  • Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.

===========================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code: 
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
836
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back