ralphyde
-
Posts
72 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by ralphyde
-
-
Steps 1 and 2 Java Removal
JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Tue Oct 15 23:54:24 2013Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_13Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_15Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_16Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_17Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_20Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_21Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_22Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_23Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_24Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_26Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_29Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.6.0_31Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.7.0_05Found and removed: C:\Users\Ralph\AppData\LocalLow\Sun\Java\jre1.7.0_09There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.Found and removed: JavaPlugin.FamilyVersionSupportFound and removed: Software\Classes\JavaPlugin.160_01Found and removed: SOFTWARE\Classes\JavaPluginFound and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.6.0.0Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B02Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B03Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B04Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B06Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B02Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B03Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B04Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B06Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkitFound and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper ObjectsFound and removed: SOFTWARE\JavaSoftFound and removed: SOFTWARE\JreMetricsFound and removed: SOFTWARE\MozillaPlugins -
Autoruns.zip attached here.
-
On Step 06, ESET hung up at the same place it did before, when I ran it for Marius on Sept 25th. At C:\Boot\bootstat.dat
See the post about the previous run here:
https://forums.malwarebytes.org/index.php?showtopic=133795&p=734659
Went on to Step 07, Farbar Recovery Scan
Here is First.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-10-2013Ran by Ralph (administrator) on RALPH-PC on 15-10-2013 12:54:59Running from C:\Users\Ralph\Desktop\DeskworkMicrosoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)Internet Explorer Version 9Boot Mode: Normal==================== Processes (Whitelisted) ===================(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe(Microsoft Corporation) C:\Windows\system32\SLsvc.exe(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe(Agere Systems) C:\Windows\system32\agrsmsvc.exe(Malwarebytes Secure Backup) C:\Program Files\Malwarebytes Secure Backup\SMessaging.exe(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe(Malwarebytes Secure Backup) C:\Program Files\Malwarebytes Secure Backup\SAgent.Service.exe(Secunia) C:\Program Files\Secunia\PSI\PSIA.exe(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Secunia) C:\Program Files\Secunia\PSI\sua.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe(Microsoft Corporation) C:\Windows\system32\wuauclt.exe(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-06-20] (Microsoft Corporation)HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)HKLM\...\Run: [sOSUAUI] - C:\Program Files\Malwarebytes Secure Backup\sosuploadagent.exe [55192 2013-08-15] (Malwarebytes Secure Backup)HKLM\...\Run: [sMessaging] - C:\Program Files\Malwarebytes Secure Backup\SMessaging.exe [64408 2013-08-15] (Malwarebytes Secure Backup)HKCU\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093464 2013-08-22] (Garmin Ltd or its subsidiaries)HKCU\...\Run: [skype] - C:\Program Files\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\Guest\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenterHKU\Guest\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-19] (Microsoft Corporation)HKU\Guest\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeHKU\Guest\...\Run: [skype] - C:\Program Files\Skype\Phone\Skype.exe [ 2013-06-21] (Skype Technologies S.A.)HKU\Guest\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exeHKU\Guest\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\HOMERunner.exe [ 2008-05-06] (TomTom)HKU\Guest\...\Run: [sandboxieControl] - "C:\Program Files\Sandboxie\SbieCtrl.exe"HKU\Guest\...\Run: [MsnMsgr] - C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [ 2012-03-08] (Microsoft Corporation)HKU\Guest\...\Run: [Messenger (Yahoo!)] - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [ 2009-01-08] (Yahoo! Inc.)HKU\Guest\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-19] (Microsoft Corporation)AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL [ 2008-01-19] ()==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ieHKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=BB&Br=GTW&Loc=ENG_US&Sys=PTB&M=P-6301SearchScopes: HKLM - DefaultScope value is missing.SearchScopes: HKCU - {18CCE993-B9CC-4922-881F-F5EE68634486} URL = http://windowssecrets.com/search/?q={searchTerms}&advSAN=1SearchScopes: HKCU - {54B22D32-7CA4-4CC1-8B88-BBAFBA652252} URL = http://windowssecrets.com/search/?q={searchTerms}&advWS=1SearchScopes: HKCU - {E81BEE72-CE53-4C96-BD0A-A95BD4404BFC} URL = http://windowssecrets.com/sitesearch/?cx=017937947691920082874%3A_ilcm6kdy_y&cof=FORID%3A11&q={searchTerms}BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No FileBHO: No Name - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No FileBHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No FileDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cabDPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cabDPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 64.91.3.46Chrome:=======CHR Extension: (Google Docs) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1CHR Extension: (Google Drive) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1CHR Extension: (Screenshot) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdfnieppndfdhcgbmhfdlgdjegclkomk\0.2.4_0CHR Extension: (YouTube) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1CHR Extension: (Webpage Screenshot Bar) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki\13.6_0CHR Extension: (Google Search) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1CHR Extension: (Search by Image (by Google)) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0CHR Extension: (Photo Zoom for Facebook) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0CHR Extension: (PDFescape Free PDF Editor) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdefoklganepljiopdnglodohlgfikkl\0.21_0CHR Extension: (TinEye Reverse Image Search) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.3_0CHR Extension: (RevEye Reverse Image Search) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\keaaclcjhehbbapnphnmpiklalfhelgf\1.4.2_0CHR Extension: (Skype Click to Call) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.12.0.13601_1CHR Extension: (Explain and Send Screenshots) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin\6.7.6_0CHR Extension: (Chrome In-App Payments service) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_1CHR Extension: (Hover Zoom) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.21_0CHR Extension: (Gmail) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx========================== Services (Whitelisted) =================S2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [220504 2013-08-22] (Garmin Ltd or its subsidiaries)S2 gupdate1c90e025ce8c3d3; C:\Program Files\Google\Update\GoogleUpdate.exe [116648 2013-02-05] (Google Inc.)S3 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)R2 NitroReaderDriverReadSpool; C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService.exe [196912 2011-01-28] (Nitro PDF Software)R2 sagentservice; C:\Program Files\Malwarebytes Secure Backup\SAgent.Service.exe [39832 2013-08-15] (Malwarebytes Secure Backup)R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)S2 AdobeARMservice; "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [x]==================== Drivers (Whitelisted) ====================S3 ac97intc; C:\Windows\System32\drivers\ac97intc.sys [108032 2006-11-02] (Intel Corporation)R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [31576 2013-01-22] (AVG Technologies)R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-10-04] (Sonic Solutions)R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-10-04] (Sonic Solutions)R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-10] (Microsoft Corporation)S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.)S3 ialm; C:\Windows\System32\DRIVERS\ialmnt5.sys [1302492 2006-11-02] (Intel Corporation)R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25624 2008-12-16] ()S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-16] (Logitech Inc.)R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)R3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [350720 2010-03-31] (Realtek Semiconductor Corporation )U3 TrueSight; C:\Windows\system32\TrueSight.sys [26624 2013-10-13] ()S3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)S3 USA19H; C:\Windows\System32\DRIVERS\USA19H2k.sys [704000 2007-10-30] (Keyspan)S3 USA19H2KP; C:\Windows\System32\DRIVERS\USA19H2kp.SYS [24192 2007-05-29] (Keyspan)S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2012-08-27] (Scott)U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]S3 catchme; \??\C:\Users\Ralph\AppData\Local\Temp\catchme.sys [x]S3 IpInIp; system32\DRIVERS\ipinip.sys [x]S1 MpKslbfa56867; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F98F3FE3-F826-4ADA-B044-C0F0486CA9C4}\MpKslbfa56867.sys [x]S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2013-10-15 12:54 - 2013-10-15 12:54 - 00000000 ____D C:\FRST2013-10-15 12:48 - 2013-10-15 12:48 - 01087213 _____ (Farbar) C:\Users\Ralph\Downloads\FRST.exe2013-10-14 15:57 - 2013-10-14 15:57 - 00000000 __SHD C:\found.0112013-10-14 11:04 - 2013-10-14 11:23 - 00000000 ____D C:\AdwCleaner2013-10-14 11:00 - 2013-10-14 11:01 - 01048960 _____ C:\Users\Ralph\Downloads\AdwCleaner.exe2013-10-13 22:00 - 2013-10-13 22:00 - 00000000 ____D C:\Windows\ERUNT2013-10-13 21:50 - 2013-10-13 21:50 - 01032220 _____ (Thisisu) C:\Users\Ralph\Downloads\JRT.exe2013-10-13 20:03 - 2013-10-13 20:52 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-13 20:01 - 2013-10-13 20:01 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-10-13 19:58 - 2013-10-13 20:52 - 00000000 ____D C:\Users\Ralph\Desktop\mbar2013-10-13 19:49 - 2013-10-13 19:50 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Ralph\Downloads\mbar-1.07.0.1007.exe2013-10-13 17:00 - 2013-10-13 17:00 - 00000000 ____D C:\32a037ba1f0a3e5ea168f22013-10-13 16:14 - 2013-10-13 16:14 - 00015529 _____ C:\ComboFix.txt2013-10-13 15:54 - 2011-06-25 23:45 - 00256000 _____ C:\Windows\PEV.exe2013-10-13 15:54 - 2010-11-07 10:20 - 00208896 _____ C:\Windows\MBR.exe2013-10-13 15:54 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe2013-10-13 15:54 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe2013-10-13 15:54 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe2013-10-13 15:54 - 2000-08-30 17:00 - 00098816 _____ C:\Windows\sed.exe2013-10-13 15:54 - 2000-08-30 17:00 - 00080412 _____ C:\Windows\grep.exe2013-10-13 15:54 - 2000-08-30 17:00 - 00068096 _____ C:\Windows\zip.exe2013-10-13 15:46 - 2013-10-13 16:14 - 00000000 ____D C:\Qoobox2013-10-13 15:30 - 2013-10-13 15:27 - 05132614 ____R (Swearware) C:\Users\Ralph\Desktop\ComboFix.exe2013-10-13 15:26 - 2013-10-13 15:27 - 05132614 _____ (Swearware) C:\Users\Ralph\Downloads\ComboFix.exe2013-10-13 11:37 - 2013-10-13 11:37 - 00026624 _____ C:\Windows\system32\TrueSight.sys2013-10-13 11:32 - 2013-10-13 16:13 - 00000000 ____D C:\Windows\ERDNT2013-10-13 11:29 - 2013-10-13 11:29 - 00000693 _____ C:\Users\Ralph\Desktop\NTREGOPT.lnk2013-10-13 11:29 - 2013-10-13 11:29 - 00000000 ____D C:\Program Files\ERUNT2013-10-13 11:19 - 2013-10-13 11:18 - 00951296 _____ C:\Users\Ralph\Desktop\RogueKiller.exe2013-10-13 11:18 - 2013-10-13 11:18 - 00951296 _____ C:\Users\Ralph\Downloads\RogueKiller.exe2013-10-13 11:16 - 2013-10-13 11:15 - 00791393 _____ (Lars Hederer ) C:\Users\Ralph\Desktop\erunt-setup.exe2013-10-13 11:14 - 2013-10-13 11:15 - 00791393 _____ (Lars Hederer ) C:\Users\Ralph\Downloads\erunt-setup.exe2013-10-13 11:09 - 2013-10-14 16:15 - 00000041 _____ C:\Windows\Filzip.ini2013-10-13 11:08 - 2013-10-13 11:08 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill.exe2013-10-12 22:39 - 2013-10-12 22:39 - 00143360 _____ C:\Windows\Minidump\Mini101213-01.dmp2013-10-12 10:04 - 2013-10-12 10:05 - 00000000 ____D C:\d37cb711f4669170007b7c062013-10-11 13:24 - 2013-10-11 13:24 - 00143360 _____ C:\Windows\Minidump\Mini101113-03.dmp2013-10-11 13:17 - 2013-10-11 13:18 - 00000000 ____D C:\c0064fe9fba931b6ef2013-10-11 12:17 - 2013-10-11 12:17 - 00143360 _____ C:\Windows\Minidump\Mini101113-02.dmp2013-10-11 11:33 - 2013-10-11 11:33 - 00000000 ____D C:\cae8e13b0f4073a46ca4702013-10-11 11:01 - 2013-10-11 11:01 - 00000000 ____D C:\2f4fe8f68cccaeb0c81653a9928657992013-10-11 10:50 - 2013-09-22 03:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-10-11 10:50 - 2013-09-22 03:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-10-11 10:50 - 2013-09-22 03:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-10-11 10:50 - 2013-09-22 03:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-10-11 10:50 - 2013-09-22 03:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-10-11 10:50 - 2013-09-22 03:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-10-11 10:50 - 2013-09-22 03:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-10-11 10:50 - 2013-09-22 03:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-10-11 10:50 - 2013-09-22 03:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-10-11 10:50 - 2013-09-22 03:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-10-11 10:50 - 2013-09-22 03:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-10-11 10:50 - 2013-09-22 03:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-10-11 10:50 - 2013-09-22 03:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-10-11 10:50 - 2013-09-22 03:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-10-11 10:50 - 2013-09-22 03:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-10-11 10:50 - 2013-09-22 02:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-10-11 10:27 - 2013-10-11 10:27 - 00143360 _____ C:\Windows\Minidump\Mini101113-01.dmp2013-10-10 13:14 - 2013-10-10 13:14 - 00000022 _____ C:\Users\Ralph\DumpFiles.ZIP2013-10-10 12:51 - 2013-10-10 13:00 - 00000000 ____D C:\Program Files\Filzip2013-10-10 12:51 - 2013-10-10 12:51 - 00001546 _____ C:\Users\Public\Desktop\Filzip.lnk2013-10-10 12:51 - 2013-10-10 12:51 - 00001546 _____ C:\Users\Guest\Desktop\Filzip.lnk2013-10-10 12:47 - 2013-10-10 12:47 - 01325557 _____ (Philipp Engel ) C:\Users\Ralph\Downloads\fz306.exe2013-10-10 10:11 - 2013-10-10 10:11 - 00000000 ____D C:\7072a0582fb67f1ce42013-10-09 21:38 - 2013-08-29 00:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2013-10-09 21:38 - 2013-08-26 19:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll2013-10-09 21:38 - 2013-08-26 19:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll2013-10-09 21:38 - 2013-08-26 19:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll2013-10-09 21:38 - 2013-08-26 19:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll2013-10-09 21:38 - 2013-08-26 18:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2013-10-09 21:38 - 2013-08-26 18:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll2013-10-09 21:38 - 2013-08-26 18:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2013-10-09 21:38 - 2013-08-26 18:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll2013-10-09 21:38 - 2013-08-26 18:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll2013-10-09 21:38 - 2013-07-31 20:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys2013-10-09 21:38 - 2013-07-31 19:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll2013-10-09 21:38 - 2013-07-20 03:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll2013-10-09 21:37 - 2013-07-12 02:04 - 00073344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys2013-10-09 21:37 - 2013-06-28 19:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys2013-10-09 21:37 - 2013-06-28 19:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys2013-10-09 21:37 - 2013-06-28 19:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys2013-10-09 21:37 - 2013-06-28 19:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys2013-10-09 21:37 - 2013-06-26 16:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys2013-10-09 21:37 - 2011-05-05 06:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys2013-10-09 21:37 - 2011-05-05 06:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys2013-10-09 21:33 - 2013-06-03 21:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll2013-10-09 21:33 - 2013-06-03 18:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll2013-10-09 21:32 - 2013-07-03 21:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll2013-10-09 21:32 - 2013-07-02 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys2013-10-09 21:32 - 2013-07-02 19:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys2013-10-09 15:58 - 2013-10-09 15:58 - 00289780 _____ C:\Users\Ralph\Downloads\1261771686-19849-207.118.64.47 (16).kml2013-10-09 11:36 - 2013-10-09 11:36 - 00760937 _____ (Farbar) C:\Users\Ralph\Downloads\MiniToolBox.exe2013-10-08 16:52 - 2013-10-08 16:52 - 00000000 ____D C:\found.0102013-10-08 02:51 - 2013-10-08 02:51 - 00000000 ____D C:\found.0092013-10-06 09:58 - 2013-10-06 09:58 - 00143360 _____ C:\Windows\Minidump\Mini100613-01.dmp2013-10-03 11:44 - 2013-10-03 11:45 - 00143360 _____ C:\Windows\Minidump\Mini100313-01.dmp2013-10-02 16:23 - 2013-10-02 16:26 - 36773799 _____ C:\Users\Ralph\Downloads\charmedsamp.wmv2013-10-02 16:13 - 2013-10-02 16:13 - 01425123 _____ C:\Users\Ralph\Downloads\18022011 caddie_bruyant1.wmv2013-10-02 12:40 - 2013-10-02 12:40 - 00118149 _____ C:\Users\Ralph\Downloads\wmpChrome (1).crx2013-09-29 14:25 - 2013-09-29 14:25 - 00000075 _____ C:\Users\Ralph\Desktop\#9842 Alena 24, 170cm, 55kg.url2013-09-27 21:43 - 2013-09-27 21:43 - 00143360 _____ C:\Windows\Minidump\Mini092713-01.dmp2013-09-26 12:43 - 2013-09-26 12:43 - 00143360 _____ C:\Windows\Minidump\Mini092613-01.dmp2013-09-25 14:08 - 2013-09-25 14:08 - 00000000 ____D C:\Program Files\ESET2013-09-25 14:04 - 2013-09-25 14:04 - 02347384 _____ (ESET) C:\Users\Ralph\Downloads\esetsmartinstaller_enu.exe2013-09-24 15:26 - 2013-09-24 15:26 - 00018160 _____ C:\Users\Ralph\Downloads\attach.txt2013-09-24 13:58 - 2013-09-24 13:58 - 00001084 _____ C:\Users\Ralph\Documents\ark.txt2013-09-24 12:09 - 2013-09-24 12:09 - 00377856 _____ C:\Users\Ralph\Downloads\6d4nnzwk.exe2013-09-24 10:59 - 2013-10-15 12:52 - 00000000 ____D C:\Users\Ralph\Desktop\Deskwork2013-09-24 10:47 - 2013-09-24 10:47 - 00688992 _____ (Swearware) C:\Users\Ralph\Downloads\dds (1).com2013-09-24 10:26 - 2013-09-24 10:26 - 00143360 _____ C:\Windows\Minidump\Mini092413-01.dmp2013-09-23 11:13 - 2013-09-23 11:13 - 00000000 ____D C:\found.0082013-09-23 01:13 - 2013-09-23 01:13 - 00000000 ____D C:\found.0072013-09-21 10:05 - 2013-09-21 10:05 - 00143360 _____ C:\Windows\Minidump\Mini092113-01.dmp2013-09-20 21:53 - 2013-09-20 21:53 - 00143360 _____ C:\Windows\Minidump\Mini092013-03.dmp2013-09-20 13:27 - 2013-09-20 13:27 - 00143360 _____ C:\Windows\Minidump\Mini092013-02.dmp2013-09-20 10:27 - 2013-09-20 10:27 - 00143360 _____ C:\Windows\Minidump\Mini092013-01.dmp2013-09-19 16:56 - 2013-09-19 16:56 - 00143360 _____ C:\Windows\Minidump\Mini091913-01.dmp2013-09-17 18:37 - 2013-09-17 18:37 - 00143360 _____ C:\Windows\Minidump\Mini091713-01.dmp2013-09-16 09:58 - 2013-09-16 10:00 - 15380128 _____ (Malwarebytes Corporation ) C:\Users\Ralph\Downloads\mbsb-setup-1.2.0.0010.exe==================== One Month Modified Files and Folders =======2013-10-15 12:54 - 2013-10-15 12:54 - 00000000 ____D C:\FRST2013-10-15 12:53 - 2013-02-05 15:20 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-10-15 12:52 - 2013-09-24 10:59 - 00000000 ____D C:\Users\Ralph\Desktop\Deskwork2013-10-15 12:48 - 2013-10-15 12:48 - 01087213 _____ (Farbar) C:\Users\Ralph\Downloads\FRST.exe2013-10-15 12:48 - 2013-08-01 09:10 - 00000466 _____ C:\Windows\Tasks\Online Backup Update Notifier.job2013-10-15 12:45 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET2013-10-15 12:42 - 2008-05-09 12:19 - 01371181 _____ C:\Windows\WindowsUpdate.log2013-10-15 12:39 - 2010-11-20 19:02 - 00000438 _____ C:\Windows\system32\Drivers\etc\hosts.ics2013-10-15 12:37 - 2013-02-05 15:20 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-10-15 12:37 - 2013-01-30 11:44 - 00174002 _____ C:\Windows\PFRO.log2013-10-15 12:37 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-10-15 12:37 - 2006-11-02 05:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A02013-10-15 12:37 - 2006-11-02 05:47 - 00003296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A02013-10-15 12:26 - 2009-10-02 13:14 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000UA.job2013-10-15 12:15 - 2013-02-14 02:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2013-10-15 10:15 - 2009-03-25 20:05 - 00000868 _____ C:\Windows\Tasks\Google Software Updater.job2013-10-14 23:57 - 2006-11-02 06:01 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT2013-10-14 20:23 - 2013-02-27 23:56 - 00000000 ____D C:\ProgramData\HP2013-10-14 20:23 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\twain_322013-10-14 20:17 - 2013-01-28 12:26 - 00000000 ____D C:\Users\Ralph\AppData\Local\LogMeIn Rescue Applet2013-10-14 16:15 - 2013-10-13 11:09 - 00000041 _____ C:\Windows\Filzip.ini2013-10-14 15:57 - 2013-10-14 15:57 - 00000000 __SHD C:\found.0112013-10-14 11:23 - 2013-10-14 11:04 - 00000000 ____D C:\AdwCleaner2013-10-14 11:01 - 2013-10-14 11:00 - 01048960 _____ C:\Users\Ralph\Downloads\AdwCleaner.exe2013-10-13 22:00 - 2013-10-13 22:00 - 00000000 ____D C:\Windows\ERUNT2013-10-13 21:50 - 2013-10-13 21:50 - 01032220 _____ (Thisisu) C:\Users\Ralph\Downloads\JRT.exe2013-10-13 20:52 - 2013-10-13 20:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-13 20:52 - 2013-10-13 19:58 - 00000000 ____D C:\Users\Ralph\Desktop\mbar2013-10-13 20:01 - 2013-10-13 20:01 - 00075992 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2013-10-13 19:50 - 2013-10-13 19:49 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Ralph\Downloads\mbar-1.07.0.1007.exe2013-10-13 18:36 - 2008-05-09 12:34 - 00000000 ____D C:\ProgramData\Microsoft Help2013-10-13 17:52 - 2008-08-25 13:50 - 00073408 _____ C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT2013-10-13 17:51 - 2009-05-22 16:45 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Skype2013-10-13 17:49 - 2008-08-25 13:49 - 00000909 _____ C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-10-13 17:11 - 2006-11-02 03:33 - 00719076 _____ C:\Windows\system32\PerfStringBackup.INI2013-10-13 17:00 - 2013-10-13 17:00 - 00000000 ____D C:\32a037ba1f0a3e5ea168f22013-10-13 16:14 - 2013-10-13 16:14 - 00015529 _____ C:\ComboFix.txt2013-10-13 16:14 - 2013-10-13 15:46 - 00000000 ____D C:\Qoobox2013-10-13 16:14 - 2006-11-02 04:18 - 00000000 ___RD C:\Users\Public2013-10-13 16:13 - 2013-10-13 11:32 - 00000000 ____D C:\Windows\ERDNT2013-10-13 16:11 - 2006-11-02 03:23 - 00000215 _____ C:\Windows\system.ini2013-10-13 15:27 - 2013-10-13 15:30 - 05132614 ____R (Swearware) C:\Users\Ralph\Desktop\ComboFix.exe2013-10-13 15:27 - 2013-10-13 15:26 - 05132614 _____ (Swearware) C:\Users\Ralph\Downloads\ComboFix.exe2013-10-13 11:37 - 2013-10-13 11:37 - 00026624 _____ C:\Windows\system32\TrueSight.sys2013-10-13 11:29 - 2013-10-13 11:29 - 00000693 _____ C:\Users\Ralph\Desktop\NTREGOPT.lnk2013-10-13 11:29 - 2013-10-13 11:29 - 00000000 ____D C:\Program Files\ERUNT2013-10-13 11:18 - 2013-10-13 11:19 - 00951296 _____ C:\Users\Ralph\Desktop\RogueKiller.exe2013-10-13 11:18 - 2013-10-13 11:18 - 00951296 _____ C:\Users\Ralph\Downloads\RogueKiller.exe2013-10-13 11:15 - 2013-10-13 11:16 - 00791393 _____ (Lars Hederer ) C:\Users\Ralph\Desktop\erunt-setup.exe2013-10-13 11:15 - 2013-10-13 11:14 - 00791393 _____ (Lars Hederer ) C:\Users\Ralph\Downloads\erunt-setup.exe2013-10-13 11:08 - 2013-10-13 11:08 - 01898112 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill.exe2013-10-12 22:39 - 2013-10-12 22:39 - 00143360 _____ C:\Windows\Minidump\Mini101213-01.dmp2013-10-12 22:39 - 2013-01-31 01:02 - 194652536 _____ C:\Windows\MEMORY.DMP2013-10-12 22:39 - 2011-11-24 09:32 - 00000000 ____D C:\Windows\Minidump2013-10-12 10:06 - 2013-07-14 12:21 - 00000000 ____D C:\Windows\system32\MRT2013-10-12 10:05 - 2013-10-12 10:04 - 00000000 ____D C:\d37cb711f4669170007b7c062013-10-12 10:05 - 2006-11-02 03:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe2013-10-11 13:24 - 2013-10-11 13:24 - 00143360 _____ C:\Windows\Minidump\Mini101113-03.dmp2013-10-11 13:18 - 2013-10-11 13:17 - 00000000 ____D C:\c0064fe9fba931b6ef2013-10-11 13:06 - 2006-11-02 05:47 - 00301032 _____ C:\Windows\system32\FNTCACHE.DAT2013-10-11 12:17 - 2013-10-11 12:17 - 00143360 _____ C:\Windows\Minidump\Mini101113-02.dmp2013-10-11 11:33 - 2013-10-11 11:33 - 00000000 ____D C:\cae8e13b0f4073a46ca4702013-10-11 11:19 - 2008-09-11 13:49 - 00027412 _____ C:\Windows\system32\lvcoinst.log2013-10-11 11:18 - 2008-09-11 13:28 - 00000000 ____D C:\Program Files\Common Files\LogiShrd2013-10-11 11:14 - 2009-06-12 10:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight2013-10-11 11:01 - 2013-10-11 11:01 - 00000000 ____D C:\2f4fe8f68cccaeb0c81653a9928657992013-10-11 10:27 - 2013-10-11 10:27 - 00143360 _____ C:\Windows\Minidump\Mini101113-01.dmp2013-10-10 13:14 - 2013-10-10 13:14 - 00000022 _____ C:\Users\Ralph\DumpFiles.ZIP2013-10-10 13:14 - 2008-07-31 14:52 - 00000000 ____D C:\Users\Ralph2013-10-10 13:00 - 2013-10-10 12:51 - 00000000 ____D C:\Program Files\Filzip2013-10-10 12:51 - 2013-10-10 12:51 - 00001546 _____ C:\Users\Public\Desktop\Filzip.lnk2013-10-10 12:51 - 2013-10-10 12:51 - 00001546 _____ C:\Users\Guest\Desktop\Filzip.lnk2013-10-10 12:47 - 2013-10-10 12:47 - 01325557 _____ (Philipp Engel ) C:\Users\Ralph\Downloads\fz306.exe2013-10-10 10:11 - 2013-10-10 10:11 - 00000000 ____D C:\7072a0582fb67f1ce42013-10-09 15:58 - 2013-10-09 15:58 - 00289780 _____ C:\Users\Ralph\Downloads\1261771686-19849-207.118.64.47 (16).kml2013-10-09 14:26 - 2009-10-02 13:14 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000Core.job2013-10-09 12:46 - 2013-01-31 11:15 - 00000000 ____D C:\Program Files\WhoCrashed2013-10-09 12:17 - 2012-09-20 08:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2013-10-09 12:17 - 2011-07-05 12:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2013-10-09 11:36 - 2013-10-09 11:36 - 00760937 _____ (Farbar) C:\Users\Ralph\Downloads\MiniToolBox.exe2013-10-08 16:52 - 2013-10-08 16:52 - 00000000 ____D C:\found.0102013-10-08 13:04 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\System2013-10-08 10:42 - 2008-09-03 10:51 - 00006648 _____ C:\Users\Ralph\AppData\Local\d3d9caps.dat2013-10-08 02:51 - 2013-10-08 02:51 - 00000000 ____D C:\found.0092013-10-07 11:57 - 2011-03-17 15:16 - 00000000 ____D C:\Users\Ralph\AppData\Roaming\Nitro PDF2013-10-06 09:58 - 2013-10-06 09:58 - 00143360 _____ C:\Windows\Minidump\Mini100613-01.dmp2013-10-05 11:10 - 2013-02-05 15:23 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk2013-10-03 15:36 - 2008-08-07 12:00 - 00000000 ____D C:\Users\Ralph\AppData\Roaming\Skype2013-10-03 11:45 - 2013-10-03 11:44 - 00143360 _____ C:\Windows\Minidump\Mini100313-01.dmp2013-10-02 16:26 - 2013-10-02 16:23 - 36773799 _____ C:\Users\Ralph\Downloads\charmedsamp.wmv2013-10-02 16:13 - 2013-10-02 16:13 - 01425123 _____ C:\Users\Ralph\Downloads\18022011 caddie_bruyant1.wmv2013-10-02 12:40 - 2013-10-02 12:40 - 00118149 _____ C:\Users\Ralph\Downloads\wmpChrome (1).crx2013-10-01 22:06 - 2013-08-01 09:46 - 00000506 _____ C:\Windows\Tasks\Malwarebytes Secure Backup - ralphyde@centurytel.net.job2013-10-01 19:45 - 2013-08-01 09:08 - 00001880 _____ C:\Users\Public\Desktop\Malwarebytes Secure Backup.lnk2013-09-29 19:12 - 2010-10-26 13:01 - 00000000 ____D C:\Users\Ralph\Documents\My Kindle Content2013-09-29 14:25 - 2013-09-29 14:25 - 00000075 _____ C:\Users\Ralph\Desktop\#9842 Alena 24, 170cm, 55kg.url2013-09-27 21:43 - 2013-09-27 21:43 - 00143360 _____ C:\Windows\Minidump\Mini092713-01.dmp2013-09-27 12:04 - 2009-02-01 21:28 - 00000020 ____H C:\ProgramData\PKP_DLdu.DAT2013-09-27 10:18 - 2009-10-01 13:15 - 00000000 ___RD C:\Program Files\Skype2013-09-26 17:25 - 2012-06-04 22:27 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR2013-09-26 12:43 - 2013-09-26 12:43 - 00143360 _____ C:\Windows\Minidump\Mini092613-01.dmp2013-09-25 14:08 - 2013-09-25 14:08 - 00000000 ____D C:\Program Files\ESET2013-09-25 14:04 - 2013-09-25 14:04 - 02347384 _____ (ESET) C:\Users\Ralph\Downloads\esetsmartinstaller_enu.exe2013-09-24 15:26 - 2013-09-24 15:26 - 00018160 _____ C:\Users\Ralph\Downloads\attach.txt2013-09-24 13:58 - 2013-09-24 13:58 - 00001084 _____ C:\Users\Ralph\Documents\ark.txt2013-09-24 12:09 - 2013-09-24 12:09 - 00377856 _____ C:\Users\Ralph\Downloads\6d4nnzwk.exe2013-09-24 10:47 - 2013-09-24 10:47 - 00688992 _____ (Swearware) C:\Users\Ralph\Downloads\dds (1).com2013-09-24 10:26 - 2013-09-24 10:26 - 00143360 _____ C:\Windows\Minidump\Mini092413-01.dmp2013-09-23 11:13 - 2013-09-23 11:13 - 00000000 ____D C:\found.0082013-09-23 01:13 - 2013-09-23 01:13 - 00000000 ____D C:\found.0072013-09-22 03:29 - 2013-10-11 10:50 - 12336128 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2013-09-22 03:22 - 2013-10-11 10:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2013-09-22 03:22 - 2013-10-11 10:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2013-09-22 03:14 - 2013-10-11 10:50 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2013-09-22 03:13 - 2013-10-11 10:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2013-09-22 03:13 - 2013-10-11 10:50 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2013-09-22 03:12 - 2013-10-11 10:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll2013-09-22 03:09 - 2013-10-11 10:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2013-09-22 03:08 - 2013-10-11 10:50 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2013-09-22 03:07 - 2013-10-11 10:50 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2013-09-22 03:06 - 2013-10-11 10:50 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2013-09-22 03:05 - 2013-10-11 10:50 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2013-09-22 03:03 - 2013-10-11 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2013-09-22 03:03 - 2013-10-11 10:50 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2013-09-22 03:03 - 2013-10-11 10:50 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2013-09-22 02:59 - 2013-10-11 10:50 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2013-09-21 10:05 - 2013-09-21 10:05 - 00143360 _____ C:\Windows\Minidump\Mini092113-01.dmp2013-09-20 21:53 - 2013-09-20 21:53 - 00143360 _____ C:\Windows\Minidump\Mini092013-03.dmp2013-09-20 13:27 - 2013-09-20 13:27 - 00143360 _____ C:\Windows\Minidump\Mini092013-02.dmp2013-09-20 10:27 - 2013-09-20 10:27 - 00143360 _____ C:\Windows\Minidump\Mini092013-01.dmp2013-09-19 16:56 - 2013-09-19 16:56 - 00143360 _____ C:\Windows\Minidump\Mini091913-01.dmp2013-09-18 15:50 - 2008-08-01 17:00 - 00000000 ____D C:\AmiPro2013-09-17 20:24 - 2013-08-01 09:08 - 00000000 ____D C:\Program Files\Malwarebytes Secure Backup2013-09-17 18:37 - 2013-09-17 18:37 - 00143360 _____ C:\Windows\Minidump\Mini091713-01.dmp2013-09-16 10:04 - 2009-10-07 18:45 - 00000000 ____D C:\Windows\Downloaded Installations2013-09-16 10:00 - 2013-09-16 09:58 - 15380128 _____ (Malwarebytes Corporation ) C:\Users\Ralph\Downloads\mbsb-setup-1.2.0.0010.exeFiles to move or delete:====================C:\ProgramData\PKP_DLdu.DATC:\Windows\Tasks\{B9528C56-634A-4606-A03B-F93C07CBEBA2}.jobSome content of TEMP:====================C:\Users\Ralph\AppData\Local\temp\Quarantine.exeC:\Users\Ralph\AppData\Local\temp\yx6c2qfn.dll==================== Bamital & volsnap Check =================C:\Windows\explorer.exe => MD5 is legitC:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2013-10-15 12:45==================== End Of Log ============================And here is Addition.txt:Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-10-2013Ran by Ralph at 2013-10-15 12:58:25Running from C:\Users\Ralph\Desktop\DeskworkBoot Mode: Normal============================================================================== Security Center ========================AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}==================== Installed Programs ======================Update for Microsoft Office 2007 (KB2508958)Activation Assistant for the 2007 Microsoft Office suitesActivation Assistant for the 2007 Microsoft Office suites (Version: 1.0)Adobe AIR (Version: 3.8.0.1430)Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)Adobe Flash Player 11 Plugin (Version: 11.9.900.117)Adobe Reader X (10.1.8) (Version: 10.1.8)Adobe Shockwave Player 11.6 (Version: 11.6.1.629)Advertising Center (Version: 0.0.0.1)AFPL Ghostscript 7.03AFPL Ghostscript FontsAgere Systems HDA ModemAmazon KindleAmazon MP3 Downloader 1.0.15 (Version: 1.0.15)Amazon MP3 Uploader (Version: 1.0.8)Apple Application Support (Version: 2.3)Apple Software Update (Version: 2.1.3.127)ArcSoft Panorama Maker 4ArcSoft PhotoStudio 5.5CAM UnZip 4.42Canon CanoScan LiDE 100 User RegistrationCanon G.726 WMP-Decoder (Version: 1.1.0.4)Canon Inkjet Printer Driver Add-On ModuleCanon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)Canon MP Navigator EX 2.0Canon PIXMA iP3000Canon RAW Image Task for ZoomBrowser EX (Version: 3.3.0.5)Canon Utilities CameraWindow (Version: 7.1.0.2)Canon Utilities CameraWindow DC (Version: 7.1.0.7)Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)Canon Utilities Easy-PhotoPrintCanon Utilities MyCamera (Version: 6.4.0.5)Canon Utilities MyCamera DC (Version: 7.0.1.8)Canon Utilities RemoteCapture DC (Version: 3.0.1.8)Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)Canon Utilities Solution MenuCanon Utilities ZoomBrowser EX (Version: 6.1.1.21)Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)CanoScan LiDE 100 Scanner DriverCCleaner (Version: 4.04)CDBurnerXP (Version: 4.3.7.2423)D3DX10 (Version: 15.4.2368.0902)Defraggler (Version: 2.15)DolbyFiles (Version: 0.1)EasyCleaner (Version: 2.0.6.380)Elevated Installer (Version: 2.2.21)ERUNT 1.1jESET Online Scanner v3Family Tree MakerFile Uploader (Version: 1.2.0)Filzip 3.06 (Version: 3.0.6)Garmin Communicator Plugin (Version: 4.0.3)Garmin Express (Version: 2.2.21)Garmin Express Tray (Version: 2.2.21)Garmin Update Service (Version: 2.2.21)Garmin USB Drivers (Version: 2.3.0.0)Gateway Connect (Version: 1.1.0)Gateway Recovery Center Installer (Version: 1.01.031)Google Chrome (Version: 30.0.1599.69)Google Earth (Version: 6.2.2.6613)GSview 4.1HP FWUpdateEDO2 (Version: 1.2.0.0)HP Photosmart 6520 series Help (Version: 28.0.0)HP Photosmart 6520 series Product Improvement Study (Version: 28.0.1315.0)HPDiagnosticAlert (Version: 1.00.0000)IDT Audio (Version: 5.10.5303.0)ImagXpress (Version: 7.0.74.0)IMM4 VCM Codec 1.0.0.10Inkjet Printer/Scanner Extended Survey ProgramIntel® Graphics Media Accelerator DriverIntel® Matrix Storage ManagerIrfanView (remove only) (Version: 4.36)Java 7 Update 25 (Version: 7.0.250)JavaFX 2.1.1 (Version: 2.1.1)Junk Mail filter update (Version: 15.4.3502.0922)Keyspan USB Serial Adapter (Version: 3.7s)LabelPrint (Version: 2.0.1826)Logitech Legacy USB Camera Driver PackageLogitech QuickCam (Version: 11.90.1263)Logitech QuickCam Driver PackageMagnifier (Version: 2.4)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Malwarebytes Secure Backup (Version: 5.9.1.4720)Menu Templates - Starter Kit (Version: 9.4.2.0)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6012.5000)Microsoft Fix it Center (Version: 1.0.0100)Microsoft Money Essentials (Version: 16)Microsoft Money Shared Libraries (Version: 16.0.0.705)Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)Microsoft Security Client (Version: 4.3.0215.0)Microsoft Security Essentials (Version: 4.3.215.0)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Works (Version: 08.05.0818)Microsoft WSE 2.0 SP3 Runtime (Version: 2.0.5050.0)Move Media PlayerMovie Templates - Starter Kit (Version: 9.4.2.0)MSVCRT (Version: 15.4.2862.0708)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)Nero 9 EssentialsNero BurnRights (Version: 3.4.11.100)Nero BurnRights Help (Version: 3.4.4.100)Nero ControlCenter (Version: 9.0.0.1)Nero CoverDesigner (Version: 4.4.9.100)Nero CoverDesigner Help (Version: 4.4.9.100)Nero DiscSpeed (Version: 5.4.11.100)Nero DiscSpeed Help (Version: 5.4.4.100)Nero DriveSpeed (Version: 4.4.11.100)Nero DriveSpeed Help (Version: 4.4.4.100)Nero Express Help (Version: 9.6.2.101)Nero InfoTool (Version: 6.4.11.100)Nero InfoTool Help (Version: 6.4.4.100)Nero Installer (Version: 4.4.9.0)Nero Online Upgrade (Version: 1.3.0.0)Nero ShowTime (Version: 5.4.0.100)Nero ShowTime (Version: 5.4.13.100)Nero StartSmart (Version: 9.4.12.100)Nero StartSmart Help (Version: 9.4.12.100)Nero Vision (Version: 6.4.12.100)Nero Vision Help (Version: 6.4.8.100)NeroExpress (Version: 9.4.17.100)neroxml (Version: 1.0.0)Nikon Message Center (Version: 0.92.000)Nikon Transfer (Version: 1.4.0)Nitro PDF Reader (Version: 1.4.0.11)Notepad++ (Version: 5.7)OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)Omron Health Management Software (Version: 1.21.0001)PA095 / PA075 USB2.0 DOCKPart 2 of 2PDF reDirect (remove only) (Version: v2.2.8)Picasa 3 (Version: 3.9)Picasa Uploader (Version: 0.6)Power2Go 5.0Quicken Deluxe 98Quicken WillMaker Plus 2013 (Version: 1.0.0.0)QuickTime (Version: 7.74.80.86)Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)Realtek USB 2.0 Card Reader (Version: )REALTEK USB Wireless LAN Driver (Version: 1.00.0000)Secunia PSI (2.0.0.3001)Segoe UI (Version: 15.4.2271.0615)Singlesnet (Version: 0.9.2901.0)Skype Click to Call (Version: 6.12.13601)Skype™ 6.6 (Version: 6.6.106)Spare Backup (Version: 3.2)swMSM (Version: 12.0.0.1)Synaptics Pointing Device Driver (Version: 9.1.17.0)TaxACT 2010TaxACT 2011 - 1040 EditionTaxACT 2011 OregonTaxACT 2012 - 1040 EditionTaxACT 2012 OregonTomTom HOME (Version: 2.9.6)TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)TreeSizeUniblue DriverScanner 2009 (Version: 2.0.0.1)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)WebCopierWhoCrashed 4.01Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)Windows Live Communications Platform (Version: 15.4.3502.0922)Windows Live Essentials (Version: 15.4.3502.0922)Windows Live Essentials (Version: 15.4.3555.0308)Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)Windows Live Installer (Version: 15.4.3502.0922)Windows Live Mail (Version: 15.4.3502.0922)Windows Live Messenger (Version: 15.4.3538.0513)Windows Live MIME IFilter (Version: 15.4.3502.0922)Windows Live Movie Maker (Version: 15.4.3502.0922)Windows Live Photo Common (Version: 15.4.3502.0922)Windows Live Photo Gallery (Version: 15.4.3502.0922)Windows Live PIMT Platform (Version: 15.4.3508.1109)Windows Live SOXE (Version: 15.4.3502.0922)Windows Live SOXE Definitions (Version: 15.4.3502.0922)Windows Live Sync (Version: 14.0.8089.726)Windows Live UX Platform (Version: 15.4.3502.0922)Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)Windows Live Writer (Version: 15.4.3502.0922)Windows Live Writer Resources (Version: 15.4.3502.0922)Windows Media Player Firefox Plugin (Version: 1.0.0.8)Yahoo! Messenger==================== Restore Points ============================================= Hosts content: ==========================2006-11-02 03:23 - 2013-10-13 16:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts127.0.0.1 localhost==================== Scheduled Tasks (whitelisted) =============Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMMTask: {1F2D1D54-32EB-42A4-8B5F-A3914EABE69A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {2FA3FE75-88E8-47DF-98C1-E645EC950EFB} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files\AVG Secure Search\PostInstall\ROC.exeTask: {32B77094-D224-4F3E-A9F8-728D40CB4126} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-05] (Google Inc.)Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPagesTask: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)Task: {486B0270-4E58-4485-92A6-47D89531603C} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09] (Google)Task: {4AAC8F7F-9C8F-4FAC-9964-D08B19B87FB9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000Core => C:\Users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-30] (Google Inc.)Task: {7FDC9C7F-9363-48C7-9752-037CDE5E2496} - System32\Tasks\Malwarebytes Secure Backup - ralphyde@centurytel.net => C:\Program Files\Malwarebytes Secure Backup\sosuploadagent.exe [2013-08-15] (Malwarebytes Secure Backup)Task: {81503994-5FEE-4A4B-9C05-3570613B7B80} - System32\Tasks\Online Backup Update Notifier => C:\Program Files\Malwarebytes Secure Backup\SUpdateNotifier.exe [2013-08-15] (Malwarebytes Secure Backup)Task: {9731D136-1A55-4F17-868D-6EC853C83902} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)Task: {B57F7104-ED4A-4F13-923C-70788EDC08DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-05] (Google Inc.)Task: {BE97025E-02DA-4C65-8871-BF0BB8B77502} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)Task: {C662C99A-7146-4713-80EB-A1758CEFE53C} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)Task: {DB490431-69F5-4E1F-9D03-C57377D9FBFA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000UA => C:\Users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-30] (Google Inc.)Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()Task: {F9DA845F-DFE8-4849-98FB-AD2F6317DF5C} - System32\Tasks\{2AF0F2B9-1A00-46C8-8428-30E7C4215F9A} => C:\Program Files\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)Task: {F9F8FA80-A9CB-46F2-B7C9-ECC579CF5798} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UITask: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000Core.job => C:\Users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000UA.job => C:\Users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\Malwarebytes Secure Backup - ralphyde@centurytel.net.job => C:\Program Files\Malwarebytes Secure Backup\sosuploadagent.exeTask: C:\Windows\Tasks\Online Backup Update Notifier.job => C:\Program Files\Malwarebytes Secure Backup\SUpdateNotifier.exeTask: C:\Windows\Tasks\{B9528C56-634A-4606-A03B-F93C07CBEBA2}.job => c:\users\ralph\appdata\local\google\chrome\application\chrome.exe==================== Loaded Modules (whitelisted) =============2007-05-18 21:59 - 2007-05-18 21:59 - 00356928 _____ () C:\Program Files\Spare Backup\sqlite3.dll2009-11-03 17:14 - 2009-11-03 17:14 - 00054272 _____ () C:\Program Files\Notepad++\NppShell_01.dll2013-10-10 12:51 - 2004-09-08 13:45 - 00368128 _____ () C:\Program Files\Filzip\fzshext.dll2013-08-15 16:40 - 2013-08-15 16:40 - 00023448 _____ () C:\Program Files\Malwarebytes Secure Backup\SOS.SharedEverywhere.dll2013-08-15 16:40 - 2013-08-15 16:40 - 00030104 _____ () C:\Program Files\Malwarebytes Secure Backup\SOS.Contracts.CentralManagement.dll2013-10-05 11:10 - 2013-10-02 23:03 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.69\pdf.dll2013-10-05 11:10 - 2013-10-02 23:03 - 00415184 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll2013-10-05 11:09 - 2013-10-02 23:02 - 01604560 _____ () C:\Program Files\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll==================== Alternate Data Streams (whitelisted) ============================= Safe Mode (whitelisted) ======================================= Faulty Device Manager Devices =============Name: USB Device(VID_1f3a_PID_efe8)Description: USB Device(VID_1f3a_PID_efe8)Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: USB DevicesService: usbUDiscProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.==================== Event log errors: =========================Application errors:==================Error: (10/14/2013 08:20:50 PM) (Source: Windows Search Service) (User: )Description: The application cannot be initialized.Context: Windows ApplicationDetails:The content index metadata cannot be read. (0xc0041801)Error: (10/14/2013 08:20:50 PM) (Source: Windows Search Service) (User: )Description: The gatherer object cannot be initialized.Context: Windows Application, SystemIndex CatalogDetails:The content index metadata cannot be read. (0xc0041801)Error: (10/14/2013 08:20:50 PM) (Source: Windows Search Service) (User: )Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.Context: Windows Application, SystemIndex CatalogDetails:Element not found. (0x80070490)Error: (10/14/2013 08:20:47 PM) (Source: Windows Search Service) (User: )Description: The plug-in in <Search.JetPropStore> cannot be initialized.Context: Windows Application, SystemIndex CatalogDetails:The content index metadata cannot be read. (0xc0041801)Error: (10/14/2013 08:20:47 PM) (Source: Windows Search Service) (User: )Description: The Windows Search Service cannot load the property store information.Context: Windows Application, SystemIndex CatalogDetails:0x%08x (0xc0041800 - The content index cannot be read. )Error: (10/14/2013 08:20:47 PM) (Source: Windows Search Service) (User: )Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.Details:The content index metadata cannot be read. (0xc0041801)Error: (10/14/2013 08:20:47 PM) (Source: Windows Search Service) (User: )Description: The Windows Search Service cannot open the Jet property store.Details:The content index cannot be read. (0xc0041800)Error: (10/14/2013 08:20:47 PM) (Source: ESENT) (User: )Description: Windows (3396) Windows: Database recovery/restore failed with unexpected error -543.Error: (10/14/2013 08:20:34 PM) (Source: ESENT) (User: )Description: Windows (3396) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb requires logfiles 14820-14823 in order to recover successfully. Recovery could only locate logfiles up to 14819.Error: (10/14/2013 06:42:49 PM) (Source: EventSystem) (User: )Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043cSystem errors:=============Error: (10/15/2013 00:39:36 PM) (Source: ipnathlp) (User: )Description: The DHCP allocator has disabled itself on IP address 169.254.204.34, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.Error: (10/15/2013 00:37:36 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 12:34:54 PM on 10/15/2013 was unexpected.Error: (10/15/2013 00:16:48 PM) (Source: ipnathlp) (User: )Description: The ICS_IPV6 failed to configure IPv6 stack.Error: (10/15/2013 00:14:41 PM) (Source: ipnathlp) (User: )Description: The DHCP allocator has disabled itself on IP address 169.254.204.34, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.Error: (10/15/2013 00:09:33 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 11:59:33 AM on 10/15/2013 was unexpected.Error: (10/15/2013 00:09:01 PM) (Source: volsnap) (User: )Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.Error: (10/15/2013 00:08:57 PM) (Source: volsnap) (User: )Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.Error: (10/15/2013 00:08:54 PM) (Source: volsnap) (User: )Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.Error: (10/15/2013 00:07:24 PM) (Source: iaStor) (User: )Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.Error: (10/15/2013 11:54:06 AM) (Source: ipnathlp) (User: )Description: The ICS_IPV6 failed to configure IPv6 stack.Microsoft Office Sessions:=========================CodeIntegrity Errors:===================================Date: 2013-10-15 12:57:31.845Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:31.104Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:30.356Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:29.565Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:28.820Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:28.044Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:27.279Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-15 12:57:26.488Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-13 20:18:55.202Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-13 20:18:54.553Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.==================== Memory info ===========================Percentage of memory in use: 66%Total physical RAM: 2037.69 MBAvailable physical RAM: 691.52 MBTotal Pagefile: 4978.93 MBAvailable Pagefile: 3396.64 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1901.34 MB==================== Drives ================================Drive c: () (Fixed) (Total:139.02 GB) (Free:71.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]Drive d: (RECOVERY) (Fixed) (Total:10.03 GB) (Free:4.46 GB) NTFS ==>[system with boot components (obtained from reading drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 02FF13A2)Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)Partition 2: (Active) - (Size=139 GB) - (Type=07 NTFS)==================== End Of Log ============================Next to create the AutoRuns log. -
I was wrong in previous message. After about two hours, thinking it was running normally, the system
froze up again, and after awhile, I did a forced shutdown.
I was in Twitter, and clicked on a recent trend. After some 'waiting for cache' at the bottom, the trey at the bottom and the start button disappeared, showing no signs of recovery.
Now, back to Step 06.
-
Made some good progress yesterday, and today I seem to be able to run with normal startup, and without signs of freezing up so far (knock wood). I can't recall much of the frustrating day, with several crashes.
But the breakthrough came when I got a message related to my HP printer.
"HP Update: The application failed due to missing software library. You may need to reinstall the application again."
I spent hours looking for the CD for my HP Photosmart 6520 all-in-one printer, to make sure I could reinstall it once uninstalled, finally called HP Support, and talked to a very savvy tech (in the Philipines), who assisted me remotely, downloaded updated install software, but we couldn't uninstall in Safe Mode, but I was reassured that I'd be able to reinstall after uninstalling.
So, after that, I was able to come up in normal mode, and quickly (before freezing up) was able to uninstall the HP Printer and HP Update. After another crash or two, and a startup repair (successful), I was able to come up in normal mode, and run for hours. Shut down normally last night, and came up normally today (though with an abnormally long "welcome" phase). But I am up clean, and running normally so far.
So I will proceed with Step 06 and Step 07, and then create the Autoruns log, as instructed in your last post.
-
Task 05 - continued:
Here's the report from AdwCleaner:
# AdwCleaner v3.007 - Report created 14/10/2013 at 11:23:15# Updated 09/10/2013 by Xplode# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)# Username : Ralph - RALPH-PC# Running from : C:\Users\Ralph\Desktop\Deskwork\AdwCleaner.exe# Option : Clean***** [ Services ] ********** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\AVG Security ToolbarFolder Deleted : C:\Users\Ralph\AppData\Local\PackageAwareFolder Deleted : C:\Users\Ralph\AppData\LocalLow\AVG Security Toolbar***** [ Shortcuts ] ********** [ Registry ] *****Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Deleted : HKCU\Software\Uniblue\DriverScannerKey Deleted : HKCU\Software\AppDataLow\Software\AVG Security ToolbarKey Deleted : HKLM\Software\TENCENTKey Deleted : HKLM\Software\Uniblue\DriverScannerKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536***** [ Browsers ] *****-\\ Internet Explorer v9.0.8112.16514-\\ Google Chrome v30.0.1599.69[ File : C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\preferences ]Deleted : urls_to_restore_on_startup*************************AdwCleaner[R0].txt - [3126 octets] - [14/10/2013 11:05:14]AdwCleaner[s0].txt - [3105 octets] - [14/10/2013 11:23:15]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3165 octets] ##########==============================================================================Moving on to Task 06.But first:I'm still not able to run with a normal startup. The desktop comes up, looking okay. But attemptingany job soon causes a freeze up of the desktop, and a continuous revolving circle. Finally I haveto force a shutdown. Letting it run for awhile last time finally came up with a message:"wmpnscfg.exe has stopped working"When I googled 'wmpnscfg.exe' in safe mode, I get referred to the "wmpnscfg.exe virus"as described here:This relates in my mind to the fact that every time recently where my system has done a CHKDSK run,after a crash or attempted startup, the two files that are always screwed up, and the indexes that haveto be deleted then restored as orphans, are wmplayer.exe and taskmgr.exe (among occasional others).Does this ring any bells with you? And do you think I may have this virus?Thanks, -
Step 05: AdwCleaner. Log to follow:
# AdwCleaner v3.007 - Report created 14/10/2013 at 11:05:14# Updated 09/10/2013 by Xplode# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)# Username : Ralph - RALPH-PC# Running from : C:\Users\Ralph\Desktop\Deskwork\AdwCleaner.exe# Option : Scan***** [ Services ] ********** [ Files / Folders ] *****Folder Found C:\ProgramData\AVG Security ToolbarFolder Found C:\Users\Ralph\AppData\Local\PackageAwareFolder Found C:\Users\Ralph\AppData\LocalLow\AVG Security Toolbar***** [ Shortcuts ] ********** [ Registry ] *****Key Found : HKCU\Software\AppDataLow\Software\AVG Security ToolbarKey Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKCU\Software\Uniblue\DriverScannerKey Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Found : HKLM\Software\TENCENTKey Found : HKLM\Software\Uniblue\DriverScanner***** [ Browsers ] *****-\\ Internet Explorer v9.0.8112.16514-\\ Google Chrome v30.0.1599.69[ File : C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\preferences ]Found : urls_to_restore_on_startup*************************AdwCleaner[R0].txt - [2986 octets] - [14/10/2013 11:05:14]########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3046 octets] ##########======================================================================================I didn't see anything I wanted to keep. So I will press Clean now, as directed. -
Step 04:
JRT.txt: follows:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.4 (10.06.2013:1)OS: Windows Vista Home Premium x86Ran by Ralph on Sun 10/13/2013 at 22:00:43.60~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossriderSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminentSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypcSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220222182204}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E26990}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266186604}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266186604}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}~~~ FilesSuccessfully deleted: [File] "C:\Users\Ralph\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk"~~~ FoldersSuccessfully deleted: [Folder] "C:\Users\Ralph\appdata\local\coupon companion plugin"Successfully deleted: [Folder] "C:\Users\Ralph\appdata\local\cre"Successfully deleted: [Folder] "C:\Users\Ralph\appdata\local\ilivid player"Successfully deleted: [Folder] "C:\Users\Ralph\appdata\locallow\conduitengine"Successfully deleted: [Folder] "C:\Users\Ralph\appdata\locallow\pricegong"Successfully deleted: [Folder] "C:\Program Files\bigfix"Successfully deleted: [Folder] "C:\Program Files\conduitengine"Successfully deleted: [Folder] "C:\Program Files\ilivid"Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{000BADEC-75AC-458A-9A76-6F53F499B770}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{000F4981-936C-4983-B7DD-076A78B1EBB3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0042B3B4-EF0D-47D7-A332-57D55F74470C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{004E22C6-F701-467A-8224-D99E46EEC60D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0086379A-A6E7-42A8-A0C5-485DC83C4FC6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{00F2B95B-3966-4A43-AD59-2519A7C1323B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{01203416-27EB-47DF-9AE5-36AD0CB853F7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0135FBB8-620D-4F17-AB21-F4432658AD52}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{015C8A29-E6C1-447E-9A18-E794DD9A1745}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{016E31EE-62F1-48B9-8299-1519E35FC0ED}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{01AFC379-1E8E-45F7-9B02-32720B21EA25}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{01EB83F6-A5A5-41F5-963B-8ED2A5112502}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{01F195AE-9E45-4B80-BBBD-137C9A360980}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0209FC72-0BB1-4D64-B504-079BC45AF213}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0241F594-E76A-4118-97F9-C48D8878B549}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0251788F-B46F-4269-9B45-C657D711ECCB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{02567D12-77BB-4C9C-AD6B-DA622452B623}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{02622A08-B220-4E4F-BE8E-28EE35B4BA0F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{026265EA-49AB-48F3-95F3-BC0ABF0DF820}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{026319B7-705B-4B67-96E3-8D56D67659EA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{02900D97-11B4-407F-9A75-E1B20F498DFF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{03305CCA-85A3-4498-A492-1746920CAB62}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{033482DF-CA61-4B22-8427-8E079DF0F8D9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{034B1673-228B-4743-B98C-B7B0846F8B29}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{038A5C9E-BF70-4BBE-A147-9E4F05498D66}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{03D1927A-1354-4566-88F9-9E240EFAE36F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{03D2087C-A2C9-4EF5-9B0E-72B8FA62829A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{04011D84-ABD5-4FF4-834E-0DF49FF2A8E7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{040EFF47-E19B-4C17-B795-A5205D2B7539}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{04227968-6B0F-46D0-817C-DD95FF54A88D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{045D8EB5-1DB5-49A6-B2DE-BC5DD3912612}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{04795228-4DE2-44B3-A579-DCD4692CECAE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{04AAF814-D0B2-426E-8F74-5B5811D0C41B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{04C98AB5-9F87-46EE-9FE4-A808B9D96D9B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{04DC8C53-4ADB-4121-8B59-65D9D25DA807}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{05260B08-29D1-4CA1-BBA4-BCF2D2F34568}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{053109F0-3ED1-4940-9D66-C3808F2FD564}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{054EA874-71B7-4F16-B834-0130B58CB0C4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0556ED01-EAD8-4F7D-8987-99B3120D3AF3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{056AE894-278E-4C5F-9CF6-AF949AFEE58E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{056F9565-42DD-4A88-A075-993F42312D16}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{05BE99B3-A422-4546-96CD-7A3C7D0633AD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{05CC85A4-9A16-4D6C-A56A-861A774FA38C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06139BDB-9FA0-4453-A3FE-2A5620EB8445}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06272BBA-2324-405B-A15A-12D3A4ADA0BB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06A0EFA0-0561-4663-905D-AFE6CDCF04B0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06B8AA41-6063-4DFD-B350-3E4D7610FFE3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06BA5275-F8F2-41A3-988F-F55156FB8997}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06CD5C25-1A4A-4455-968F-934D9BB9725D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06E5E69F-33D3-4015-86F9-0EA857631E00}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{06EF7354-E08D-4E15-92A0-A4F23458809E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{071921E3-B7B2-4D9B-95B4-C1E6DC219C99}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{071FE06E-D162-4876-8521-DDDDE80833FD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0728F8B3-7640-4DA2-8936-9D13B312A557}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{076EF28B-235A-4E54-AA48-3541D6A068BD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{07828743-F7BF-44EC-B561-590BAD6521CF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0797C5EB-987A-4E52-B299-421CBD2BD859}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{07A5188F-1928-4D85-B23C-10485AC97946}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{07A85F93-219E-443E-B340-2B0E1FE39ABC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{07CBD821-3B92-4A64-B408-67E6BFEE32B9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{07FF6787-C25E-44E6-A301-1E481ACB80A0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{08280450-7B5E-49F9-A62A-7819C75DFBB5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{083604D4-3295-47EC-86B4-28D94C361075}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0873B6EE-C5D0-4D12-AFAF-4EF3AAD3EC97}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{089DC126-5876-4B19-90C6-ADA2383FDA3F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{08B8E41B-D4BA-41CB-BE3F-0B083D528255}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{08BB4EAF-50DE-4887-83AA-C5DF90B39C3B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{08BF369F-D5F6-4EEB-A004-DE145895D225}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{08ED1B8A-982A-4259-8842-3F50D05A5648}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{08FCE1BC-CB7C-4541-9C5E-63AF5B30C969}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{091707A3-42D6-4BCF-A9B6-A68308F35991}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{09569382-E3E4-4996-9656-912BEDD57A92}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{09625F15-A693-4987-84B9-54FC5C0B0033}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{096A6FF2-5875-4B48-BDB3-F07571A4214A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{09B8E3D9-840D-4D1A-A712-518C52844FF2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{09DDD1D7-B124-4411-9686-8D83DB14FB0D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0A0C777C-5982-46A7-ADB4-3F09070D020E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0A280958-457C-4B55-ADF7-AAFDA159DDD3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0A570D27-92DC-47E8-82BD-0E606EBDC83C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0A6116C8-A69E-453D-A007-B88AC0D0A67B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0A6C05FC-53DD-4D39-A3B7-4082A717B86B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0A8BF13A-ACCD-4F40-A921-F6D7F2CB797D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0AFFEC50-89DF-4EB8-A270-C315ABB79FD8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B0AD008-1BF2-4E73-990F-B4A9ACDA95DB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B1DFD6B-917C-4AB6-A115-C3C7FF3AACEB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B23EF61-5488-4286-9ACE-5E870768270A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B35383C-B596-458E-8927-C1408C3D3E3D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B36900F-BEC6-4A90-BC1C-D47E168BB7BB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B3CA00C-DCC1-442D-8AC7-55B52307FA8F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B3E1B93-8422-46B0-9530-5D8158AA8DDC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B3F74A2-F456-4F23-9C0F-27E32465735E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0B45E66E-FE82-40B0-BA40-500578D0D060}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0BC159FB-7122-4B25-8CE2-BE772A38F21E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0BF496B7-DA05-47D2-AC10-9BE837427564}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0C3F8821-B87A-4566-81EB-CC8E10652827}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0C60EB50-C9F8-4E70-968D-F32EA7D08CD8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0C649A23-CAB4-4D59-8FBA-CC90F6ED9557}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0C9F15C8-B2B4-44A2-ABD8-73D7C1382D3E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CACDB31-FCF7-4999-AF9F-5BFA67849FA5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CB35D00-5C4E-4A69-83DF-8D93208347DC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CC3F2B4-918F-4FC3-A76F-BFF8A2B6DADD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CD641B0-99B7-4707-B91F-257280A72F1B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CD88BAD-1F7E-4F67-962D-12D5A4CD6139}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CE3BF1F-5655-47E2-8BD9-67C553B1FA7F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CE518B1-9F7A-4200-930B-D7ADEB168A6F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0CE68CE4-7741-484C-A085-5E44DD8AB5C1}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0D3C2E9E-CE81-421C-88CC-12D17323986D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0D421388-7299-48BE-B935-AA0920D38CC6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0D989F0A-0D6F-462A-963F-CF346A34890F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0DACF086-038F-4B86-BD6F-9661E270AF70}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0DC5A51E-3A59-4AA4-98FF-6C6AC3CD5BB4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0DE96377-9BCE-4A23-96A7-B76C4EB1A908}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E0C6F7E-C8CC-41EF-BAB8-1CCAB886742F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E0DEB8B-BB3F-491A-B0E3-BA487E88BB84}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E226BDA-6692-4178-853C-4539EF91D513}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E23F3B6-0F24-4B92-90F7-09D88AB7BE9C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E3EC03B-D607-4636-B909-7F5AF687BB95}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E645063-ABA6-478A-AB39-8069B8701A19}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0E696F2B-0934-4625-A2C9-84074EFCCCBD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0EBEE9E6-6F67-4034-8387-279F6D6238A2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0ED67020-8586-4C16-950D-C506DA5EC68A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0EDC0A8D-6F95-4382-893F-82F61C2CE74C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0EDD3ED0-B4B8-4749-8DE0-EA96565136CE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0EFE1179-5BFB-4AA4-82DB-060BF94840BF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0F1DBB13-8CD4-4289-80BF-E650FD64CA5E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0F46CEFC-CA0D-4186-83B8-0E46EBC96694}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0F78CED6-6BE1-4C15-8C55-75E6E0F42BA3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0F9754B6-19A5-4E07-BF09-743562A9AEB5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0FA814B5-E35C-469D-A6B2-BBD05CBC907C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0FCC1F95-AD13-42D5-90CE-02817255F404}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{0FFF6427-8B90-4BBC-BE5F-CC1784D10CE5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{109C5C16-B203-4246-BC56-52499E6E3203}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{10BD5712-CEAD-404E-8C01-B9B4F0FC0BBB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{10D1C47B-0E77-46FA-A589-74836BE7B698}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{10DE97A7-71D0-4CE7-9C86-BD4CAA1BDA55}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{10E6A547-27AD-431E-AFED-B5E0E9DF993A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{10FDB7F2-F7E4-40CD-9000-BE899BDB80D6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{11B4BDDF-E6A4-42C1-AD55-BF570A150AEB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{11DFA8B8-BF9D-44A5-A224-F9F21B195C0B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{12095486-E1D1-42C9-8445-8C9340582BB9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{12135930-5620-4A08-9E87-595C04A79BD1}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{124A4CC4-59C5-4AC9-BE0E-D1021881D19B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1268EB70-C93A-4348-B34D-515760FF1921}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1299CCB6-76B3-44A2-9390-A6E00A14272C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{12D07A0F-62A6-453E-A96D-9FC3A6B9FC7E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{12DACE56-C7BC-40B9-9824-A5420F2231B6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{12E43C7E-7521-4C23-B90A-B5435741FF28}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{12F7222A-0C67-4EAA-99DB-C1918A3C58C2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{13314857-7223-45BD-ACF9-FE83BD2E5A98}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{13542DC6-5E02-4B46-A9A6-5FDE57E68498}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{135B56B1-2152-420D-95C2-4985695CFFF0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{135D2453-24FD-47AC-9A57-73A247DD69B2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1366B15E-9CA5-45A5-A76F-90AB3F6B4A17}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1372C5A0-E773-4764-B63C-A6F07910BB2F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{138E1DE1-6A3A-41AA-9E5D-FD0E79972E15}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{139A09B7-B973-4BA9-A8DF-12A3320DC60B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{13B7D7AD-C063-45EB-9E2F-E5585D8EF72B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{13C972AC-690E-4DEA-ABB8-C0B4F810FC50}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{13E55620-00DC-41B7-BC20-AA8EB7BD3FE3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{142A8CF2-B903-4096-8F64-A67468989F9B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{142DE690-C46C-42BD-998D-9D1ACCE20914}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{14434AA2-FB9E-454A-BDBF-D8F973FCACA7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{147BBD88-7554-4E6F-9E48-5F2DDF9CB4E0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1490552D-E91A-4098-B2CE-7CF457C83005}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{14986B35-17FD-4F9D-B9AB-B71699C615FD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{14AE3110-DF5D-4E15-8F7C-364E809769A8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{14B6A3CB-7956-4D49-A4D0-CC364B446F77}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{14CA523E-A7FA-46D0-B5AF-CA5A7F973082}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{152AADF8-9137-41FD-A393-AB988B878306}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{155FAF8E-02CA-4A1B-A427-EF8F5D1E8C88}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{156D5CA9-EA86-461E-9851-7980E1267242}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{15D33B49-A4BB-4276-A20E-68C693D8071D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{15ECFAE4-D6D8-483C-96EF-406D013E7F13}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1609ABAE-897C-428F-9D3F-7B7AE3D1A163}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1617B89D-5F16-4C4B-B744-E13AA7811815}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{167B6709-74DC-4C27-AA5D-78A3AA4909E4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{168DF6FA-FF7C-4501-9DC2-494C035C4E8D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{16D21CE1-E72E-4C91-ACBF-2255820614B6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{16F03A6E-87FF-44F7-B15B-535F99911A44}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{17164EB6-97B4-42B3-A080-8C7DFBAB7ECE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{171FF5E6-E82A-4E13-889B-ECF49D26AD92}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{17800FBD-C921-49FD-9532-5ABCEB0BB74B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1786F644-4248-4402-B07C-48564B6B123F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1805BB68-E6AE-450C-B148-FDC5D2267ABD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{183EB406-F1A1-4051-B475-00F610A6E5BB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{184869F7-AE10-4356-BF28-43891356D0EB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{18609B90-61D0-448A-B55A-F5DFB11B0244}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1865D891-5496-4317-BA0A-5F0F827AD8D0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{187C3EA2-3FCA-455B-845E-824DE390C639}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{18F4157C-01A7-4762-B446-FCF917A96E58}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{19071472-C2C3-4408-9BCC-598158AFC764}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{19143486-830D-45F2-9F8C-F07938BEB607}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1924DB5F-5AB2-40C6-8FB0-D2278E111671}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{192ACAA4-0AD1-4783-B442-42C5CC9F7638}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{194F13FD-8B64-4066-8DC7-3F602F72329F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{196D9F3C-CBDD-4AA9-AED1-4697F7BDB605}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{197DB010-036F-4A2D-8BB7-0D38B098D7C6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{19889A07-C9F2-413A-88EB-664DA583F69A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{19ABDF9E-5FBF-4E0C-8878-CC87F9950DE8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{19B4E4EB-789D-48FD-B703-CA0DEC26918A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{19EB5C05-0ECF-40C5-9053-49CBA184A8DA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A0CE59D-691B-49FC-83F8-9623EF9FBD11}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A2BC02B-2C2D-432F-B3C9-CE2AC384D8FD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A46E9F2-947F-4975-AC78-0C490FB14C2E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A51C01D-D22F-495C-9A25-6255D3CF2EDE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A6968C5-7167-4510-BE97-6AB5BE814727}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A82333A-E723-47A4-BC0F-3D851823608F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A82901A-A915-46E9-BE9A-F83C6216A6B5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A8613C8-4FEA-48EB-BB62-F50D879E2FA9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A885E43-596E-4BDB-928B-52C9C3A6F508}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1A9390CB-2209-43EB-8464-8C678476E433}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1AA173D1-70D9-4E07-8142-C198434F8BC4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1AEB256A-AC70-4CB3-AEA6-24E92FF24485}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1AEEB93A-5379-4E19-98AC-38AC37C636D8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1B093828-B1CB-417D-A0D0-202BBA99A7D3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1B197D76-0D07-4E37-A220-DF8EB3ED9D91}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1B55D253-167C-42F9-8248-322200DF11EB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1B63E6FE-360A-4878-B5CA-664F8CCB01BC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1B8E5F3D-E61F-4D24-A6E6-3C86C9EA037A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1B9357E5-E024-449F-8583-5CABC7163826}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BA10726-9B32-4B2E-8381-268290608658}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BC43A40-52EB-43F0-AA44-9BE7AA19EFB4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BC488DD-3BB5-4DB9-B288-B99D0CF2B591}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BD4F183-326C-470F-8134-9A89CA4876AA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BDD4680-1146-47F0-A703-0A5EFB260292}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BECB2A3-B70C-4BAA-A6BC-4E1EC7518861}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1BFFD611-769F-412E-B69C-DECD7BAA6AC5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1C040B10-F1FD-457E-B877-31D852CABD21}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1C6A02DE-81A5-4CEC-A465-F9F1622F960E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1CBE29D9-5313-425C-B4A3-958BD96E24AE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1CE3BF4D-480F-4FD7-9AF5-46F65C58D61C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1D02A29D-1394-439F-AC86-D8AE4C2D14EF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1D2EB858-4F7B-4FB3-BF9A-B48F9B8AEA1B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1D809C0A-AEE5-4842-9558-EDADB4FF9526}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1E2AD14A-F9CF-46DF-A593-E57976316EA7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1E2FE144-4C9C-46E3-8ED4-80F91009D2FB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1E4D554D-8386-4B5C-AF81-C963B86E5C32}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1E78FF11-81C2-417B-84AB-94D6A2C5950D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1EB2EEFD-ED00-4FC9-B3FF-3C2982693EBF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1EC28A5D-C16B-49EA-A0D5-2528DA7721D5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1EDBDAD5-5DAA-42D6-A6F5-6DC170EE0EC3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1EDE3181-5868-46A5-B0FA-C4929966B1B6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1EE494A1-8F95-4549-B739-AEA032D99CA2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1EF5894F-7E5A-45B5-8543-CDAD886C2BEE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1F320F66-1502-41CF-A296-7439E7941677}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1F321520-E196-4992-A083-DF564F17F40D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1F662AAD-9C08-4F1E-9D28-2B96FA2C592F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1F88941F-091F-4DB2-B80A-D1C59E0FE131}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FA0B149-F870-4E2D-B0D7-06B37A509D02}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FBC15FD-F6BE-4422-87F9-BA84044E888F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FE6D7B0-9D52-4A72-BA4C-44881D4185FA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FF03C39-BAB3-4E5B-ABA2-FF4153D1D1DB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FF34C57-6B9C-41D1-B60F-ECA91BD1AAC6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FF635E2-4C53-4906-AB72-F1A3850F335B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{1FFB03AC-18A3-4634-B749-38023F9C5C56}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2045B7F2-E32E-43DC-9F1D-4B3872EF0A5D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{207D1E11-DF6D-478F-A60B-5E23C4887D8F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{20AFB3FC-865E-4BCF-B5BD-CCFC60A0333B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{20B9B18E-72FA-4027-BE50-760C59B8BC45}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{20BE8589-5C22-4421-8D0F-8AFCE0026A8A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{20FECF02-C006-4C34-8D58-849D29ABA8AF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2111D7F6-047B-438C-BD0F-4EE663A88A28}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2114D8E6-B6B0-43AB-90B3-25956E8FBE8C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2134CDCB-D22E-44FA-9500-A287246A0A0D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{213E45AA-6915-46C0-8D2F-4579F144943B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{21410D3A-7716-4F1A-A415-00AE4A222B62}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2178F598-23A8-4D13-8209-F35A59E8EE82}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{21A57869-D0ED-457A-94C8-3BD85FA11228}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{21CF4C27-78CC-4728-9C6B-7773E53F9077}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{21F3696C-54BC-4ADE-8A37-8170ECA5329F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{225863B4-D7D7-4A4C-AE45-EB0B9CCE79F0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{226609D4-5537-4BC1-9AB2-B4FF0E3A6D69}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{22B03A69-50A1-4839-AC68-70C074ED8CE8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2313C2D3-C9A3-4D05-8C4E-2B4D1B90AAE9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{231BA611-D38B-4EF8-8DF5-DF563455267E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{23630FB9-E886-45D3-803D-F1DC299E7CD3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2371E01B-8FE5-4C1E-87E9-6728CEA30047}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{23AF48EC-E90F-40DE-B497-03F4FF3E9E2B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{243F64F3-8453-4549-907B-CB574A6FF48E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{24749AC8-82EC-42A5-998D-70C769BA437D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2488D250-7802-4681-A97C-445D65ED81C5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{24BB58DC-9997-458E-ADFD-402AC9421FB6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{24E6EA4C-7ADE-4C7F-824F-102F6E1928AF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2529904E-E48B-41F1-BD54-836328BF3062}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{25716371-C11F-4EC5-A63D-2CEA513600C0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{257325E4-1068-4C19-9EA1-D4E3198E7741}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{25E5AE99-7F23-40BD-ADE5-9DA1FBE35D09}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{25FADC01-43AC-4BC9-A36B-DB06A4E67E80}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{262671D7-C5BE-4D91-ABFC-AFAC27BC602E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{26269F9F-B49E-425D-B00F-B01906DFD1BA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{26379B61-97A1-4D5F-AC71-AD65BD3E4696}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{26629FBE-D5BF-4DF5-A2B1-89208B9A4B0A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{26DC0254-0F4E-4D39-B4CE-1FFF355DEC26}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{26E0053A-3255-4186-B11E-AF332F359814}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{27174CB7-C0AA-4006-93BF-C321C8CAFB34}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2734BC31-F183-4FBB-A62C-8DFD415534AC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2758093E-8023-4AF6-87BF-5B1E79115B09}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{27668292-16DA-4DF1-84BF-1629CECC64DD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{276BE138-0637-4F3C-8FDE-5B8114E2BE30}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{27762216-B8E5-47A6-96AF-D74A3A5C596A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{27C53FC9-2FE5-41DE-887F-9E21083F9867}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{27E8829E-0F9E-42FF-B3FC-5378AB23D804}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{27FAE621-6EA9-4F12-A6C3-A16E3B3C8609}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{280121B1-D618-4694-BF4C-742B8181B36F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{280FA37E-7501-432F-8EF9-117C96E5AC86}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2825DF06-2732-4297-B6B9-97B78B9C9959}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2828E1E3-4912-4313-BD45-E9FEE7CE1730}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{28C1981E-64B5-4DAF-B035-433F34117393}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{28E4E3C2-0D2D-4848-B565-963A4849EC69}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{28EE2268-8A32-4C66-9C74-D09AFCB0231E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{28FB98CC-F5AC-4FB7-AA05-2884EBFD4B30}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2908C9D2-36FB-410F-96F1-6CF90FD1CDC7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{296B4E84-8378-448A-994D-5A211B4375CE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2970232E-B443-400F-BA7C-44CA772A993A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2983D5C4-AD63-402B-88E2-50D762A8D358}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{29BA1455-5E3F-4751-A005-C29B477E9438}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{29D2DF93-13BE-46BA-A267-9A222600E0A8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{29DBBEC1-1DE5-42E2-8DE0-7C67B4CC89FD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{29F96F24-7ACD-4268-84AA-F037B609B54E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{29FDA514-6501-4163-A4B3-C5A77A3A2B4D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2A22EAB4-5BA8-4F0A-AAA9-40C9EC99BB57}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2A36B7A6-D993-4E5A-B2EC-8ECFC97E27BD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2A60A8BB-C12C-4DFF-A535-BC6D0D504393}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2A668558-4EBF-4D92-94CC-40DBB0F0D11E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2A8E4AFF-EC96-4F12-9704-642ED66F6607}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2A98DA84-9001-4B6A-8611-82A51D4507FC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2AAB37E0-1581-45A0-9672-A8C981B039BB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2AB008D9-D7EB-4FF1-82D2-D58A28622945}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2ACB0604-F0B8-429A-BA1E-4C3118A2E0D9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2B69D9F1-8F22-473D-8CDF-8DDCDA4672C4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2BFD1B9A-7E3F-4F87-9613-2C864E689E65}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2C04F314-D0D7-48AF-9423-4613CE2B27CD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2C2BC9AA-C01C-46AC-A4A3-8733907E7654}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2C7AFEF7-96D5-4334-A16B-78C277298771}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2C833DDB-4ED6-4787-9E3B-A0CD4113629C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2C98E1E7-0D0E-4128-BBA8-F15179C056A4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2CB1984B-7603-4CF0-BF66-5458BABC8D71}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2CBF4CFC-C0D4-42EE-ACDF-D3EE766C9E3C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2CC5228C-FBBD-4C40-9AD3-88D3E627DF1A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2CD48385-F677-432A-9C0C-3903CE91B1D4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2D2FE800-7C20-47C1-AD36-753E806BD330}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2D38ADA5-6635-4750-B969-8C7FDE0F0F5D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2D50C0F9-1D4F-4E34-86D3-F6DDF5D9D141}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2D6FE8BB-4858-4104-AE5C-C4443268C7D9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2DD5939B-421D-4877-BC59-0CFCA23CA8C7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2DDF0198-C1AE-4282-B6D7-A3D90775DC5A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2DF9786A-F844-46C4-BC39-951AB092BEA9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2EB6707E-E986-4DD4-8457-3C84C719FDAE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2ED46B59-02F3-4380-BD6A-4FBFA993E3F5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2F575C07-39A5-42C8-8666-1CD5079AE678}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2FC73D67-7C39-4929-B96E-E24E896C401D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2FC8FD00-0D77-462A-8D90-1EAE3CF772E3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2FD39A78-D705-43CA-B357-77308C55EEC5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2FD7FA11-993B-44AB-8DB1-7250DFD9FEB0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{2FE3DAFE-0480-4C1A-A309-F798F80ECD21}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3031075A-D744-4ED1-BF7E-E36EE6763F4A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3033C992-2A40-4E23-95D2-74379637420E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{30354F25-E18E-496B-8FF3-5AE84C7BE71A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{305C0447-C3BE-4B05-A5CD-B89C19B3E8B9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3063A2D6-D68B-4B25-8D28-53CF5840B38D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{309602F5-F99B-4901-BF2A-18AADE1BE36D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{30C57CAC-04B5-4C6B-BD23-C2B6F5EA46DB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{30D9A350-9D2B-4F69-A1F1-DB11DC569656}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{310303BA-57A8-46EC-90DB-FD8D71A34BB0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3137915B-6FCF-438E-AF69-EE2485A9C10E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3144073F-F07E-4242-BA96-1FC26F846815}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{316909FF-E71A-4092-A716-657C62054F1A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3178B9BE-A0AB-40B4-B44A-6B23F968AA79}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3181BA33-60AD-468F-8795-8405AC30168D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{31C9F00A-974B-43A4-9851-688C5334A8B8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{31FBF3DB-D4E7-44D5-AD94-ADD470F10A94}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{31FD2D04-4F71-4751-945D-2BEA34CEA05F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{323AA455-DC14-46A3-86A0-B81D4034C124}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{32567948-4A2E-4735-97AC-9AE3614685A9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{328C14C7-47A9-438F-8810-4947C4E81E8E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{32ABD846-AEF0-4A35-9F3D-5E3F3E94B718}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{32C7AA54-1498-4B90-AAED-110DD2636AFF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{32CFDCDE-E034-41C1-8BF2-31A3445EFFE5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{32D17F11-CA9C-471B-B5EA-1CF1C704E600}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{33429456-92F1-4CB1-B305-6AC276D7D1C9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3394410D-B766-4815-A5D4-1189D4FD94FC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{33B66977-B652-469D-8CBA-6F3E646F6013}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{33B981DC-4FC2-4489-A16D-E4A5B4879F13}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{33FE298B-4963-44C2-83E3-9197CA2470E9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3401C832-5D28-4A18-8364-9433A79C4D98}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34477AE4-6473-4AA8-A3D3-870BC7FF00CC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{348A3365-128A-4065-9038-53DC2225CB6B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34A26573-D1CF-4EE3-B89D-21084BE6009C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34A3F92E-B8F9-403C-8111-7C06456CBACA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34C1553F-CD8A-4C1F-8E54-82439A7F072D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34DA5C0E-79C7-464B-A75A-860291327799}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34F24E9D-0ECB-400D-BCA4-526844D67C34}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34F4B943-4CA5-4BCA-85FC-9BDED0D94175}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{34FB05EE-138B-4C53-974C-B07C432D183F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{350F5742-1241-4D82-A2B5-CD699BD1B85C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35237317-69FE-40E0-882A-C4E9EB18D05F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3523E6CC-BAA0-49DD-A85F-E8816C5735EF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3541CCA8-F930-4411-BE4B-E8B5CDC55A7F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{354A7199-6CDA-4DD4-ACE6-824FAC96BC7A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35AEDF39-0DE6-478E-A004-D7CE26E16914}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35D26255-112B-4EEE-A1C1-3A616827D91F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35D7106F-0CFD-4ABD-8140-4AC747442CCE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35E791E4-9C90-48AB-AD1A-FA3621EBDFBF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35FBE5AB-4038-45BA-AC4B-E737894E1291}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{35FCC2E1-5748-47B9-B4D3-61448BB91B10}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3618ABAE-59BA-463A-BAAD-D5D82C59D5D4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{36ADC46E-3EB8-4C25-8BB3-0968819150CE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{36BA9C0A-0A6B-45BC-9D01-9F56EC12B9FF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{36D11327-72BA-4F07-B879-D8094A9D827D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{36D6669D-D4E7-4C75-B13B-638F60AC7928}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{36D963CE-07D7-4BF5-AAD2-2EB93167B616}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{36D9D4D0-78CB-4480-B9BD-56B0CF5B01D9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{370148C0-AAFC-4055-8969-4F3408BFCCAB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{375341B4-F4AA-4FD0-B6AD-2B5D13FA947A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{375AD97C-FB11-4293-B5FD-D7EAB1A60F54}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3763D4CD-CA98-443C-A532-AC084828018F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{378077F4-49B6-4598-B1EB-62A526C289BD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{379E6E1E-DED4-4681-AE58-5DE958D0B83C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{37C35912-D2E4-43FE-BB84-A6DDEB75130F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{37D90E7D-769D-45C4-8062-7BC6856BE03D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38148310-A3D0-40DC-886E-BE5B48D0737A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38166EB8-92F5-4DCF-B5EA-F3CB9BAC0622}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{385BB3A4-6045-4457-8EFE-FD634996A889}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38741964-1F34-405E-B5B8-030FAE67E8B9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{388ECC0F-E1B8-4B50-9774-65BA217BF042}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38912AC4-F0C3-43D8-BE6A-4DF3301BB073}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38C358FD-9A5B-417E-86CB-300568A1FF71}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38C6DD7A-EEDC-4B81-86E6-16C8D4D8E596}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{38D57AAD-3A4A-4AFC-8994-AED33A69179D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3906AA8F-C63F-45EF-9BE7-98962959B0F2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{39117D06-62E6-4418-9DC2-D5A9B90C3438}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3977AC60-7AC5-4A7A-8F55-5ABBCCCF9283}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{39937A82-8B04-435A-9772-8FF084ACE449}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{39D1677C-6A50-4CAC-BADD-3C2628C0EDCD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{39E9A099-8499-4B5D-A724-22BE54239EC5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A0376ED-FF3B-4524-ADF3-A813B547DA4C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A331C7C-5B3F-4AE1-BDE2-7C9F7812A527}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A39F112-8716-4AD9-A4F3-975B6E376DA5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A46182D-B2E7-44A3-B312-3F6672362575}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A490B3F-8104-45B7-AEBC-D11E722136DF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A83785B-0432-4F3A-A791-3BA8690BA1DF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3A9FA937-441B-4CA1-808A-79F2C5246D8D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3AD1E70D-989C-49C6-9E53-BB72C275E218}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3AE0A07F-F335-4CB7-919B-F8174D88E3A2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3AEF0877-8854-47BA-925A-0EDF6E0A6A44}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B01E634-9F6C-4E7E-981E-0EC1FAE98944}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B11DD22-9F7E-4F23-8E1B-963CA57E927A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B2ACDBB-529C-4344-98AF-91B2D6DC31AF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B32E886-5F62-4D6B-A371-BAD053213E63}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B3F820B-A492-47DA-8055-1A250FCFD905}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B41062D-6179-4337-8468-5A494EED401A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B41ECEF-EBEC-49F5-9DA3-8F4285714231}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3B6BDB20-6A4B-4076-B904-732570F4DA8E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3BC325A6-6B84-45DD-9076-4B85658F1C0F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3C429118-AD9F-483A-BFBE-6B37DC5F54E8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3C4ED07D-FEA6-485B-B0F8-4F143513237E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3C883C36-0B5A-456E-B731-B980A8E77B34}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3CA0B08E-F545-48F6-96AE-C8DFAA348A55}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3CAACF9B-0C7E-49AB-A233-73DAB331745D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3CBA78C9-9923-456A-A27D-AF3362FB223F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3CEBA959-12CE-4D6B-A56B-88A79CAD4FC7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3D156339-64C4-4A18-A918-B44C81416770}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3D3BA083-BBF7-40BF-9A02-C8C02B72FBFF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3D45A544-74CC-4471-94F4-B508E0754ED3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3D78564C-5DAF-4AF5-B854-A0FD0D55EE76}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3D9E7EE6-C42F-4C8E-87E3-35AB6BF11CBF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3DA5A9F6-D0BE-48C0-A8A0-E1B16F63FA41}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3DCA0EB8-2D29-4933-A2CE-892E848B2911}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3DCB5914-E29D-49BF-BBD3-63748EEE2F2C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3DF42941-F163-4B71-A8A0-E030A888DCFC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E1BDA47-3FC4-41F6-BE27-84367760E718}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E26FBF4-F746-4C86-A99B-7F61242BBDA5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E41189C-1A41-45EE-AE56-37CA92FDF059}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E413D7A-545E-4F95-9444-3B266BD992BB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E4B4308-C6BC-46D4-A585-1BC4D897E89C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E6A24A6-21B9-459A-B2A2-6FC43520CD8D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E6C17E3-ED81-4CB0-8FFC-AD31864FF181}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E715F6A-C127-404E-B957-F5E441F86C77}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E77F323-1603-45D3-9023-545878904821}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E8AF0D2-D644-43AA-BE48-E6DC0CE69760}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3E95FE0E-1661-4895-BCAE-7D3FBFD0CA3A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3EDC12A5-939C-4066-92C8-7D605C297F60}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3EEA0163-63F4-41FA-92F1-FCAF78AB0448}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3EFBDA82-86E0-451C-BD9E-1F0F9C1A3576}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3F0C85FB-B217-46B9-85A1-0176780EB4F8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3F102CE0-7FC1-4E65-B831-E72EF332BDF7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3F46ABB4-3E08-4E4C-89C3-27FB2EC49FDF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3F65196E-B41F-4A3A-A820-4335E678491E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3F6BE117-B982-4023-8F9E-53A37A2DD74A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3F6D7339-DE52-4AF7-A184-8006A79640B9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3FC622B2-703A-4D3F-86CF-48D924CA08C3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3FCEF69B-E25B-42BE-9B33-27D0A1BBD928}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3FD859C5-D6A9-47E5-8ACF-19BEE11D6ED7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3FE1CF72-739D-4AF6-8102-9B5BF7844135}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{3FE34226-4BA1-4CAC-8912-550CF4CD9657}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{400DAAF6-2D1A-4FCA-8A7D-C835F47A87C8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{40332FD0-20C6-402C-93CA-63595590B109}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{4069C31B-95BA-46B8-92C1-801313609FF8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{4098E93A-8EEB-4C01-8849-F3761706AE70}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{40BCFA11-3F13-4238-B1B4-3FF35972A50D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{40DCE6A9-AC62-4D93-9D9E-C8BA0328F467}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{40F9F60D-96D4-4093-AA75-0C3BCF5D7543}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{4105CAD3-4DC5-4CCF-B7EE-106BF01354C7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{4107230F-1DB0-4A2B-B54B-970C403E91AB}========================Got a message when posting that JRT.txt was too long to post, so I cut out a bunch ofthese empty folders that were removed.============================Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E3B2C0AA-E6D3-4399-9731-7287D3E32F04}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E3B35287-E6F7-4480-B2F8-9E10EEC76268}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E3EDA558-3E1B-480F-91F1-42C054498ABB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E3F6EE22-A21A-4BC1-942C-933D7CDD9BDB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E3FCAC95-CF04-4C39-9906-1DDC6163D840}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E46D73B8-92F0-4A9A-9D68-0ACCD139847E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E491A665-5CFB-4FBD-8FC1-1B903E04189F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E49FB7DE-4130-4880-BCF0-AA24C7544330}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E4F04A2C-9688-4028-9768-7BF2568F5C9C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E5167E89-4D06-4A40-BB33-45F153776C4E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E52C8404-9195-42F7-B314-79805E64B9BD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E53AF56A-8E59-4CA1-8FE8-821E9AE66F77}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E57660AF-CFCA-4753-9C9D-D2F1DE7F395B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E57CEF12-8560-4D14-BF78-D2DF41A024D4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E5ABCF0D-3DC6-4111-A90A-DC2369663D9F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E5C9B687-7289-4564-BFD0-01DB8C42824E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E5CF94CA-8897-4EE2-875C-9C16B3FC3E2A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E609721F-2CF5-46C7-AB54-D91B1C19FFF2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E61BF64A-29E5-4E12-869D-7593E6A56365}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E6244ADF-A1A1-483E-B4B5-7CF710CED651}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E6306CEE-5D81-4062-A259-E4C2C0F6970F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E635AF21-B20B-4103-82A4-DAA8ADD80FC5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E677D083-F060-4E21-9EDE-2AE41076C399}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E6800B62-54D1-454F-B0FD-AB0F776A3DD1}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E680A4C2-D836-4DB6-874A-4E8431184D0C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E6AD611B-9EFD-4630-8E8E-A6CFDF1DD4AF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E6D1DC9A-2F8F-47D4-93E2-78C24F0FEC4F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E6EA1AC9-8E1A-4DBC-86D3-4511C2CF036F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E7087CB2-B3F5-4825-A5F7-89FE6097A9C5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E77B9BC6-5011-44A4-9A02-BBFD9DD94926}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E786E97C-4DAE-4B80-9F0B-D6471B1519EA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E7CD77CB-3B9C-4804-8875-1EBC5BC01526}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E7CECF88-381C-4783-B883-2312B87A1850}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E7ECA1D6-B53D-46AE-98D6-16C4FCEE43AB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E7FFFD2C-78F4-452C-A528-31389B4ECFEA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E81CCDF5-2A99-4E85-BC14-422BEA41C847}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E8633DBE-C9DF-47F0-9E37-E23C07C63C7D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E8B070C7-BEE3-4D67-BE0C-016152152015}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E9286822-B8A6-4CF4-95F3-B824C6F759D1}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E9667950-B472-46C7-8BDA-7FC619B83212}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E96D77D4-0FD9-45FB-952C-75B754D1B296}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E98CFBC0-D6A0-4BD5-A06D-74B7D5E3220E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E99D45FB-F3DB-4EA6-AC31-5E6EB9B90676}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{E9BA98DA-EFAA-4421-A240-B756DCA27280}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EA07E9EB-967F-458D-BC1E-DF5F9C7FC2C7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EA08647B-E488-488A-AE8E-42B043F96C38}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EA6E2A8A-3987-4FDA-8CD3-BEE9ED7276C3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EA965DD6-EBF2-4E34-9D3B-28A94D1D7295}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB019CCC-454A-4E8D-A318-C4B9D9B0AF15}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB1181EF-BE2D-4FF7-80AF-4E7E5CA70E05}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB3F1F4A-7E0E-451D-B0C0-5C68592AC393}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB4D64DE-839A-490C-B1FE-472AA754453E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB57C2E5-F975-4FF6-AD41-D8CA9608EAC3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB6751A6-4D51-4B6F-BD1B-BE129E91429F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB825FA5-2B60-4DC6-810A-C20BBFF85367}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EB9AA31F-701F-48AA-988F-2245000E82CF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EBB03111-A381-4605-B1AF-1E6CEE419613}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EBB143B7-9761-4DBC-B713-457393C5F833}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EBC247D9-9ABB-4CB0-90B1-D9726A407D9E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EBC3A22C-87A0-48C0-8D8F-2CBFF53FD108}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EC2E7F0F-B29E-4D93-AD13-8846EBF97CC2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EC4C8C3C-17E5-408C-8F98-DFC16DE902FF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EC7DAE42-2672-4143-94E0-C7CBE99F7AF7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ECBE873C-4706-4221-AD30-38D911518AAC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ECEC1205-17D5-432C-BA5D-713CA934C989}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ECF35C2A-E16E-4EE2-9EA6-F7679B35D2E9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ECF97FE3-0D09-4505-AB5A-D87949DA8C10}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ED06C2DA-9899-4EF5-A7D6-6F67383CD2FF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ED2D48C2-F5A1-4B38-99C2-19CE2D02C49B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ED492913-4882-4231-89B7-B909AC14CB13}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ED6CE4DE-33ED-419F-A2E5-C9A00AB285C0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{ED71BFE1-AF59-420E-820A-08E17B776D14}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EDB9C6A8-F9C3-4F80-AE35-515D61AD4093}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EDE30927-A8F2-4E67-91DC-C7D990CA3260}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE1CDBE5-8F4D-4117-8612-E4ACEF1C3888}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE2A58F7-8FB3-4E48-A21F-2277DA0214C2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE535ACE-E4B3-4AC5-83AC-430896316046}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE5FC916-F0DD-4A11-BD71-068A463D8587}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE6AE5D8-1EE2-4BDA-8BAB-F7339C40D35B}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE6B192A-56C2-4C98-9DEE-24BA0F79DB36}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE6C48EB-95BF-4B4C-AC4E-2EC832C1DD17}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EE6EDB2E-36AF-4F40-BDF2-ABD3E0AE0716}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EEB07ACD-D789-4CD2-96CD-9F661870AD4D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EEC1DFA5-73B4-4B8C-A9C0-87DB9A4BBBE2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EEE3C70B-7D98-4F3F-8FA8-DFD7C8B76EAB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EF155FF6-2E80-452C-A64C-A4D73971B321}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EF2133F1-B9F0-4CA3-A1F6-6A06BA2EE7BC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EFB7436D-8C85-4DE9-B60E-D19D3D4C7C2C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EFBAE74B-BE90-4B0B-8E13-64949444A7AC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EFD60696-5740-437E-B7BB-EC936A1AE125}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{EFD7309A-8A62-4B5D-82C3-5A1C28DF9EFC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F03E201B-6001-443E-AC54-00443B7BB1CF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F08AE743-6F01-4B08-9C1D-C421570FA79F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F0A43646-27B5-4152-B53C-185C7DE6BC01}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F0B9E3FD-FDEE-4E94-BA81-AFF4963D5E4C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F0ECCECB-07BE-4D69-B116-2BD6283F38B8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F10A2DC1-130C-4E41-88A6-A02FD0351FDB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F1359E76-00D6-4172-8DB9-DF040B290261}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F1A3E850-9FB7-434E-BC37-195DB3A79C05}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F1C81F0B-30BA-4A1A-8F0A-8931381E5FF5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F1E5D7C9-4290-4320-AA6A-E93343AEB801}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F2377504-1F7B-4D3C-A535-F2BDC525A0EF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F242A784-D681-4DD8-93E8-B2DAFF7CD60C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F25E5BE5-E5EE-4BA9-8C3E-1365C61ADBD0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F27B2439-37DB-457E-9161-7158DDBF17B6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F2982402-EDA7-420A-BBC4-9B0C5E591E6C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F29D5B99-3DCA-4BB7-BFE5-E9EB403BCC15}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F2A13B29-0E24-4F44-9135-CD9395D39670}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F2F1B5DE-F997-40E3-9DB5-E38E0EF8D344}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F304C073-E792-41CF-8F35-B170FE81B134}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F31466BC-74A6-49C8-830A-3A740758F457}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F325B552-2645-4644-BCE4-60DCD8552A13}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F34D7C06-1811-49F5-8387-545946305A66}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F36986BC-DC0B-4606-BB24-A84C8B84955D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F3B95495-4CB6-4918-8E59-D72A2E7A56A7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F3E709A2-19CB-4725-8371-5030AD382B41}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F3EA13B9-AE3D-4AF3-A3F4-A5F1D853E687}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F3EF1E72-ABAE-4AE2-B02C-AF85C91D07C5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F408D640-15CB-446C-9B40-BC34FF3E0706}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F4402119-A15A-4256-B728-571FF69A4486}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F454655E-36E6-4B65-95F7-0F56EA192819}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F4861AC1-0B0B-421D-BC75-1AEA3A9A2743}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F50DFC82-A562-457D-958A-C88458C559B2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F51C59E9-C10B-4668-BA79-753D5BB8AE89}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F52035BA-E5DF-4334-9023-ED08D66CBD8C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F525B3A9-A1A7-4848-A3E7-1D603C4629BD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F53F9242-CD94-4E79-950D-435854E6DE66}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F543A2BB-0349-4DFE-9345-8BC9B34384AB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F5544486-CAAF-4173-85BF-664339112C2F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F55DC4A1-064B-409C-9BF8-88BAC7C1F389}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F5752FC5-502B-48B5-A517-E9661D5853ED}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F596AD45-16EE-4D62-8E15-9B50FD7A1A49}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F5C87DDD-6418-4B62-A95F-1D361E627F21}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F5F543BC-DEB0-4F3A-ACA1-777A3A93B4DD}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F5F78231-52BB-4D58-9054-0487E1C94BC3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F61C089F-494F-4F86-8B38-355B580CD096}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F67A18CC-80CB-4369-9712-6961D42FC62D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F6C4ADDD-CBA0-45F7-8380-E5C78BB623BB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F6D25A8E-5773-45A9-90A0-3C480C581FD3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F6E42F0F-BC46-4FD3-839A-808BD6353BA9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F7031388-9A98-4BAE-BC1E-E83D648C45CF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F71ACFDB-A24A-4324-AEDA-25554C3B65A8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F71DDDE2-23E7-4D13-8D11-FFEE448B68E7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F734CBD1-93BE-41BE-8701-0D694F1DCFBF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F756A741-E67B-45A8-9F44-75B162B35380}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F76894D1-F811-4947-87F8-1FBA8DB6BABC}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F796175E-1D9E-4D40-B116-ACBDA088C745}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F7A2C9B6-1389-41CA-9E1D-BE2F85DFAC12}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F7CD3C66-47EA-4980-AAB0-0533488A2F80}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F7E013D1-6177-4A09-901A-F2580AA3662C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F8230A19-E1B1-439F-A8E2-7465F946D904}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F86704EB-BC18-490C-81FE-D3317588C5AF}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F872103C-B994-4C08-A33E-2337F7AE0341}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F8736609-0C2D-4896-87EC-1840F449BA56}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F8B5E0B5-6348-4888-8C25-BCB9F8DDEF62}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F8B70C7A-91FE-40F7-8AB4-ACEFAF23F75D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F8C79A13-09F1-450B-B30B-AB1A328D61E4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F8D90B50-A33D-492F-93C1-DF094FAB4B4F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F91849E1-2476-4752-AFD9-D4498727A67D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F94952EE-598F-48D6-A521-EE1BA1C3A213}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F98FDAED-043B-4300-8BC3-B71F5CCE9720}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F99C063F-85F3-4B3F-BCE5-0FA773751E72}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F9D6C6A4-F1A5-4B84-8E08-A23686E4BCE8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F9E110E7-AFAB-4736-A351-4D5EFA10103E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F9FDEA0C-A9A9-4FEB-B5C8-E6448D049BC4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{F9FEC437-EA99-4F67-B3D5-A49370BB6E86}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FA14324B-F390-428A-BBCF-82AEE0C27106}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FA89378D-2171-4F30-917D-ECB4EB1B0686}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FA976EF6-B3CA-4FAF-85BE-AEBB5E20D93E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FA97AA41-5F2A-4A62-85BE-CEB3B6887A87}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FAAB35CB-68CA-4FD0-9D2A-5187C0B3DED0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FAE7995D-5CAC-496F-BE97-2111632ADD83}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FAFBABE3-7B6F-4177-928E-D7BB112EABA4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FB2E945C-D7CD-4CCD-988F-1D03EEFEC673}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FB550A0B-433C-4364-A656-A61FCAC39303}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FBACE47D-37F3-4AFB-946A-E0749B8A6227}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FBEB660A-A6B7-4541-B797-50553175EB83}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FC4B84CA-174A-4B62-9031-DF1A12A47034}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FC5FCBBF-BC52-4924-9C13-F6FB7078ED1F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FC605468-DC0B-4212-A8B0-4366634EDD93}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FC77E65A-C1DA-436A-8A51-7220512681A6}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FC8DD600-E399-4099-AE9A-613CF58427E4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FC8FBC5B-D411-493B-8B1C-7DCAAAA52FF4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FCE997AF-BF6A-4A2E-ACDA-D90E44D08FC9}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FCECB274-585C-42D6-903C-0943EB2A59A5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FD097EC0-D5C6-4626-B8C1-4AAE59814B19}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FD11324C-2463-4332-9F62-CF218A79BEA1}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FD128EB0-0986-4A3B-9456-10E7C93055C5}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FD2A58F2-166A-4222-89BF-DD208BB33363}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FD41A95F-F011-4C9B-9E4E-B7C3E59504B4}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FD86B3F6-5387-4ED1-92B7-6CA1038EEB72}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FDC9FDB0-4CEA-408B-8B18-6EC23D068C55}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FDCE719C-3123-4E2B-8E2B-5A3143345778}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FDD15F9E-F018-40DE-933D-394C75E58991}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FE25683B-69C8-4614-BB7B-523C3DAA5A4C}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FE26F9E4-BCAC-415E-9BA2-02A4FAFCA6EA}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FE4CDB70-4E4B-4686-9220-68C309DBE2BE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FE765AF2-B1E4-4163-9100-93F9EE05FA6D}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FE836FF9-045D-408E-AF21-47F5A86A13BE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FE9B0D29-412A-488E-BF4A-80DE13DAF5E7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FEA11C22-D836-4B8A-9E55-51FD6BEDECEE}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FEC09005-D57C-4BAF-BD2C-20A44E51DC97}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FEC34C14-150F-41D3-ACB4-424F013595CB}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FEEB63BF-C3AA-4447-A61D-C4910C6C3076}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FF2C8040-1986-4241-908B-28EF54EAAEA8}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FF440300-D2FF-4F18-B3B3-62B76DBCC88E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FF64B25A-113A-4A69-AB71-0632DAB660E2}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FF99B48C-98A9-4658-BC31-173BE19E28B0}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FFC38673-3A1D-42E0-82EB-C960048B23F3}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FFD70DC3-7EF9-4314-BCC6-2C53A4CC02E7}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FFD9F4BF-E3B3-4A07-886C-FB3C73A87D4F}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FFE513F3-73D2-4E83-A7A7-12D8EA5C186A}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FFE63140-4E11-4BB7-B5B4-7065F4E8429E}Successfully deleted: [Empty Folder] C:\Users\Ralph\appdata\local\{FFEBFE23-FA12-400B-AD36-87B3925C8519}~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Sun 10/13/2013 at 22:04:34.78End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~=============================================================================================When I tried to post JRT.txt, I got an error message that it was too long,so I cut out a bunch of these empty folders.Step 05 will be next. -
On Step 03:
The Malwarebytes Anti-rootkit scan finished.
The messages at the end said:
"Scan finished. No Malware found."And Cleanup:
"Congratulations, no cleanup is required."
So here's the log:
---------------------------------------Malwarebytes Anti-Rootkit BETA 1.07.0.1007© Malwarebytes Corporation 2011-2012OS version: 6.0.6002 Windows Vista Service Pack 2 x86System is currently in a safe modeAccount is AdministrativeInternet Explorer version: 9.0.8112.16421File system is: NTFSDisk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXEDCPU speed: 1.463000 GHzMemory total: 2136670208, free: 1358426112Downloaded database version: v2013.10.14.01Downloaded database version: v2013.10.11.02Initializing...======================------------ Kernel report ------------10/13/2013 20:03:45------------ Loaded modules -----------\SystemRoot\system32\ntkrnlpa.exe\SystemRoot\system32\hal.dll\SystemRoot\system32\kdcom.dll\SystemRoot\system32\mcupdate_GenuineIntel.dll\SystemRoot\system32\PSHED.dll\SystemRoot\system32\BOOTVID.dll\SystemRoot\system32\CLFS.SYS\SystemRoot\system32\CI.dll\SystemRoot\system32\drivers\Wdf01000.sys\SystemRoot\system32\drivers\WDFLDR.SYS\SystemRoot\system32\drivers\acpi.sys\SystemRoot\system32\drivers\WMILIB.SYS\SystemRoot\system32\drivers\msisadrv.sys\SystemRoot\system32\drivers\pci.sys\SystemRoot\System32\drivers\partmgr.sys\SystemRoot\system32\DRIVERS\compbatt.sys\SystemRoot\system32\DRIVERS\BATTC.SYS\SystemRoot\system32\drivers\volmgr.sys\SystemRoot\System32\drivers\volmgrx.sys\SystemRoot\system32\drivers\intelide.sys\SystemRoot\system32\drivers\PCIIDEX.SYS\SystemRoot\System32\drivers\mountmgr.sys\SystemRoot\system32\DRIVERS\iaStor.sys\SystemRoot\system32\drivers\atapi.sys\SystemRoot\system32\drivers\ataport.SYS\SystemRoot\system32\drivers\msahci.sys\SystemRoot\system32\drivers\fltmgr.sys\SystemRoot\system32\drivers\fileinfo.sys\SystemRoot\System32\Drivers\PxHelp20.sys\SystemRoot\System32\Drivers\ksecdd.sys\SystemRoot\system32\drivers\ndis.sys\SystemRoot\system32\drivers\msrpc.sys\SystemRoot\system32\drivers\NETIO.SYS\SystemRoot\System32\drivers\tcpip.sys\SystemRoot\System32\drivers\fwpkclnt.sys\SystemRoot\System32\Drivers\Ntfs.sys\SystemRoot\system32\drivers\volsnap.sys\SystemRoot\System32\Drivers\mup.sys\SystemRoot\System32\drivers\ecache.sys\SystemRoot\system32\drivers\disk.sys\SystemRoot\system32\drivers\CLASSPNP.SYS\SystemRoot\system32\drivers\crcdisk.sys\SystemRoot\system32\DRIVERS\tunnel.sys\SystemRoot\system32\DRIVERS\tunmp.sys\SystemRoot\system32\DRIVERS\wmiacpi.sys\SystemRoot\system32\DRIVERS\usbuhci.sys\SystemRoot\system32\DRIVERS\USBPORT.SYS\SystemRoot\system32\DRIVERS\usbehci.sys\SystemRoot\system32\DRIVERS\HDAudBus.sys\SystemRoot\system32\DRIVERS\Rtlh86.sys\SystemRoot\system32\DRIVERS\i8042prt.sys\SystemRoot\system32\DRIVERS\kbdclass.sys\SystemRoot\system32\DRIVERS\SynTP.sys\SystemRoot\system32\DRIVERS\USBD.SYS\SystemRoot\system32\DRIVERS\mouclass.sys\SystemRoot\system32\DRIVERS\cdrom.sys\SystemRoot\system32\DRIVERS\msiscsi.sys\SystemRoot\system32\DRIVERS\storport.sys\SystemRoot\system32\DRIVERS\TDI.SYS\SystemRoot\system32\DRIVERS\rasl2tp.sys\SystemRoot\system32\DRIVERS\ndistapi.sys\SystemRoot\system32\DRIVERS\ndiswan.sys\SystemRoot\system32\DRIVERS\raspppoe.sys\SystemRoot\system32\DRIVERS\raspptp.sys\SystemRoot\system32\DRIVERS\rassstp.sys\SystemRoot\system32\DRIVERS\termdd.sys\SystemRoot\system32\DRIVERS\swenum.sys\SystemRoot\system32\DRIVERS\ks.sys\SystemRoot\system32\DRIVERS\mssmbios.sys\SystemRoot\system32\DRIVERS\umbus.sys\SystemRoot\system32\DRIVERS\usbhub.sys\SystemRoot\System32\Drivers\NDProxy.SYS\SystemRoot\System32\Drivers\Cdr4_xp.SYS\SystemRoot\System32\Drivers\Cdralw2k.SYS\SystemRoot\System32\Drivers\Fs_Rec.SYS\SystemRoot\System32\Drivers\Null.SYS\SystemRoot\System32\Drivers\Beep.SYS\??\C:\Windows\system32\drivers\avgtpx86.sys\SystemRoot\System32\drivers\vga.sys\SystemRoot\System32\drivers\VIDEOPRT.SYS\SystemRoot\System32\drivers\watchdog.sys\SystemRoot\system32\drivers\rdpencdd.sys\SystemRoot\System32\Drivers\Msfs.SYS\SystemRoot\System32\Drivers\Npfs.SYS\SystemRoot\System32\DRIVERS\rasacd.sys\SystemRoot\system32\DRIVERS\tdx.sys\SystemRoot\System32\DRIVERS\netbt.sys\SystemRoot\system32\DRIVERS\smb.sys\SystemRoot\system32\drivers\afd.sys\SystemRoot\system32\drivers\ws2ifsl.sys\SystemRoot\system32\DRIVERS\pacer.sys\SystemRoot\system32\DRIVERS\netbios.sys\SystemRoot\system32\DRIVERS\rdbss.sys\SystemRoot\system32\drivers\nsiproxy.sys\SystemRoot\System32\Drivers\dfsc.sys\SystemRoot\system32\DRIVERS\RTL8187B.sys\SystemRoot\System32\Drivers\crashdmp.sys\SystemRoot\System32\Drivers\dump_iaStor.sys\SystemRoot\system32\drivers\RTSTOR.SYS\SystemRoot\System32\win32k.sys\SystemRoot\System32\drivers\Dxapi.sys\SystemRoot\System32\drivers\dxg.sys\SystemRoot\System32\TSDDD.dll\SystemRoot\System32\framebuf.dll\SystemRoot\system32\drivers\WudfPf.sys\SystemRoot\system32\DRIVERS\nwifi.sys\SystemRoot\system32\DRIVERS\ndisuio.sys\SystemRoot\system32\DRIVERS\bowser.sys\SystemRoot\System32\drivers\mpsdrv.sys\SystemRoot\system32\DRIVERS\mrxsmb.sys\SystemRoot\system32\DRIVERS\mrxsmb10.sys\SystemRoot\system32\DRIVERS\mrxsmb20.sys\SystemRoot\system32\DRIVERS\cdfs.sys\??\C:\Windows\system32\drivers\mbamchameleon.sys\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys\Windows\System32\ntdll.dll----------- End -----------Done!<<<1>>>Upper Device Name: \Device\Harddisk0\DR0Upper Device Object: 0xffffffff864316f0Upper Device Driver Name: \Driver\disk\Lower Device Name: \Device\Ide\IAAStorageDevice-0\Lower Device Object: 0xffffffff85a23030Lower Device Driver Name: \Driver\iaStor\<<<2>>>Physical Sector Size: 512Drive: 0, DevicePointer: 0xffffffff864316f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\--------- Disk Stack ------DevicePointer: 0xffffffff86431310, DeviceName: Unknown, DriverName: \Driver\partmgr\DevicePointer: 0xffffffff864316f0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\DevicePointer: 0xffffffff85a1f758, DeviceName: Unknown, DriverName: \Driver\ACPI\DevicePointer: 0xffffffff85a23030, DeviceName: \Device\Ide\IAAStorageDevice-0\, DriverName: \Driver\iaStor\------------ End ----------Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\Upper DeviceData: 0x0, 0x0, 0x0Lower DeviceData: 0x0, 0x0, 0x0<<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesScanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...<<<2>>><<<3>>>Volume: C:File system type: NTFSSectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytesDone!Drive 0Scanning MBR on drive 0...Inspecting partition table:MBR Signature: 55AADisk Signature: 2FF13A2Partition information:Partition 0 type is Primary (0x7)Partition is NOT ACTIVE.Partition starts at LBA: 63 Numsec = 21029022Partition 1 type is Primary (0x7)Partition is ACTIVE.Partition starts at LBA: 21029085 Numsec = 291547620Partition is not bootablePartition 2 type is Empty (0x0)Partition is NOT ACTIVE.Partition starts at LBA: 0 Numsec = 0Partition 3 type is Empty (0x0)Partition is NOT ACTIVE.Partition starts at LBA: 0 Numsec = 0Disk Size: 160041885696 bytesSector size: 512 bytesScanning physical sectors of unpartitioned space on drive 0 (1-62-312561808-312581808)...Done!Scan finishedNow I'll get busy on the other steps. Thanks -
Heres the file from Combofix:
Once it started it said it didn't have Administrator privileges. I didn't know how to do anything at that point
so I let it continue.
It had also said MSE was running, but I had unchecked the box. Also Windows showed it as disabled because
I was running in Safe Mode with Networking, because my normal startup would freeze after a minute or two.
I hope the output is satisfactory. Thanks
=========================================================================
ComboFix 13-10-13.02 - Ralph 10/13/2013 15:57:18.1.2 - x86 NETWORKMicrosoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.1443 [GMT -7:00]Running from: c:\users\Ralph\Desktop\ComboFix.exeAV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}* Created a new restore point..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\programdata\1361814573.bdinstall.binc:\programdata\1373662743.bdinstall.binc:\users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Preferencesc:\users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnkc:\windows\system32\~GLU0000.TMPc:\windows\system32\~GLU0001.TMPD:\Autorun.inf..((((((((((((((((((((((((( Files Created from 2013-09-13 to 2013-10-13 )))))))))))))))))))))))))))))))..2013-10-13 23:11 . 2013-10-13 23:11 -------- d-----w- c:\users\Ralph\AppData\Local\temp2013-10-13 18:37 . 2013-10-13 18:37 26624 ----a-w- c:\windows\system32\TrueSight.sys2013-10-13 18:29 . 2013-10-13 18:29 -------- d-----w- c:\program files\ERUNT2013-10-13 17:44 . 2013-10-13 17:44 40392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A9291C32-F371-4B14-A002-BF391FFDAB79}\MpKsl58a0a3eb.sys2013-10-13 04:04 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A9291C32-F371-4B14-A002-BF391FFDAB79}\mpengine.dll2013-10-12 17:04 . 2013-10-12 17:05 -------- d-----w- C:\d37cb711f4669170007b7c062013-10-12 00:29 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-10-11 20:17 . 2013-10-11 20:18 -------- d-----w- C:\c0064fe9fba931b6ef2013-10-11 18:33 . 2013-10-11 18:33 -------- d-----w- C:\cae8e13b0f4073a46ca4702013-10-11 18:01 . 2013-10-11 18:01 -------- d-----w- C:\2f4fe8f68cccaeb0c81653a9928657992013-10-10 19:51 . 2013-10-10 20:00 -------- d-----w- c:\program files\Filzip2013-10-10 17:11 . 2013-10-10 17:11 -------- d-----w- C:\7072a0582fb67f1ce42013-10-10 04:37 . 2013-06-29 02:07 197632 ----a-w- c:\windows\system32\drivers\usbhub.sys2013-10-10 04:37 . 2013-06-29 02:07 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys2013-10-10 04:37 . 2013-06-29 02:07 226304 ----a-w- c:\windows\system32\drivers\usbport.sys2013-10-10 04:37 . 2013-06-29 02:06 6016 ----a-w- c:\windows\system32\drivers\usbd.sys2013-10-10 04:37 . 2011-05-05 13:54 39936 ----a-w- c:\windows\system32\drivers\usbehci.sys2013-10-10 04:37 . 2011-05-05 13:54 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys2013-10-10 04:37 . 2013-07-12 09:04 73344 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys2013-10-10 04:37 . 2013-06-26 23:01 527064 ----a-w- c:\windows\system32\drivers\Wdf01000.sys2013-10-10 04:33 . 2013-06-04 04:16 34304 ----a-w- c:\windows\system32\atmlib.dll2013-10-10 04:33 . 2013-06-04 01:49 293376 ----a-w- c:\windows\system32\atmfd.dll2013-10-10 04:32 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll2013-10-10 04:32 . 2013-07-03 02:33 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys2013-10-10 04:32 . 2013-07-03 02:10 25472 ----a-w- c:\windows\system32\drivers\hidparse.sys2013-10-08 23:52 . 2013-10-08 23:52 -------- d-----w- C:\found.0102013-10-08 09:51 . 2013-10-08 09:51 -------- d-----w- C:\found.0092013-09-25 21:08 . 2013-09-25 21:08 -------- d-----w- c:\program files\ESET2013-09-23 18:13 . 2013-09-23 18:13 -------- d-----w- C:\found.0082013-09-23 08:13 . 2013-09-23 08:13 -------- d-----w- C:\found.007...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-10-09 19:17 . 2012-09-20 15:41 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-10-09 19:17 . 2011-07-05 19:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-09-06 03:50 . 2013-09-06 03:52 718712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1A862CD4-4029-4F66-973D-CE99A48BCE04}\gapaengine.dll2013-08-23 03:35 . 2013-03-12 23:42 697992 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll2013-08-15 21:50 . 2013-08-15 21:57 31744 ----a-w- c:\windows\system32\cscapi.dll2013-08-05 04:49 . 2013-08-05 04:48 481336 ----a-w- c:\windows\system32\cc_20130804_214808.reg2013-08-02 04:09 . 2013-08-28 17:29 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL2013-07-17 19:41 . 2013-08-14 16:37 2048 ----a-w- c:\windows\system32\tzres.dll2013-07-16 04:35 . 2013-09-12 03:23 615936 ----a-w- c:\windows\system32\themeui.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]2013-07-23 09:46 1451680 ----a-w- c:\program files\Microsoft\BingBar\7.2.241.0\BingExt.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"HP Photosmart 6520 series (NET)"="c:\program files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe" [2012-10-17 1837672]"GarminExpressTrayApp"="c:\program files\Garmin\Express Tray\ExpressTray.exe" [2013-08-22 1093464]"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-21 995176]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]"SOSUAUI"="c:\program files\Malwarebytes Secure Backup\sosuploadagent.exe" [2013-08-15 55192]"SMessaging"="c:\program files\Malwarebytes Secure Backup\SMessaging.exe" [2013-08-15 64408].c:\users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Photosmart 6520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2AI3526V05XP;CONNECTION=NW;MONITOR=1; [2006-11-2 44544].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]"AppInit_DLLs"=c:\progra~1\GOOGLE\GOOGLE~1\GOEC62~1.DLL.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]@="Service".[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnkbackup=c:\windows\pss\Secunia PSI Tray.lnk.CommonStartupbackupExtension=.CommonStartup.[HKLM\~\startupfolder\C:^Users^Ralph^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]path=c:\users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnkbackup=c:\windows\pss\Logitech . Product Registration.lnk.StartupbackupExtension=.Startup.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]2012-10-12 05:56 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]2008-03-11 01:20 689488 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]2009-06-30 17:40 133104 ----atw- c:\users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]2008-02-12 04:13 166424 ----a-w- c:\windows\System32\hkcmd.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]2007-02-12 20:37 174872 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]2008-02-12 04:13 141848 ----a-w- c:\windows\System32\igfxtray.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]2008-12-20 14:50 2656528 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]2012-03-09 01:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Transfer Monitor]2008-12-16 23:44 479232 ----a-w- c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]2008-02-12 04:13 133656 ----a-w- c:\windows\System32\igfxpers.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]2013-05-01 10:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]2007-07-27 16:48 405504 ----a-w- c:\windows\sttray.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Singlesnet]2009-12-10 17:32 2797096 ----a-w- c:\program files\Singlesnet\Singlesnet\Singlesnet.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spare Backup]2007-07-13 23:19 5252936 ----a-w- c:\program files\Spare Backup\SpareBackup.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]2007-02-16 04:50 857648 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]2013-07-02 18:19 248208 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]"DisableMonitoring"=dword:00000001.--- Other Services/Drivers In Memory ---.*NewlyCreated* - ECACHE.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache.[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2013-10-05 18:08 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2013-10-13 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 19:17].2013-10-12 c:\windows\Tasks\Google Software Updater.job- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-27 22:46].2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-05 22:19].2013-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-05 22:19].2013-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000Core.job- c:\users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-02 17:40].2013-10-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3181102313-2446731150-1557776212-1000UA.job- c:\users\Ralph\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-02 17:40].2013-10-02 c:\windows\Tasks\Malwarebytes Secure Backup - ralphyde@centurytel.net.job- c:\program files\Malwarebytes Secure Backup\sosuploadagent.exe [2013-08-15 23:40].2013-10-13 c:\windows\Tasks\Online Backup Update Notifier.job- c:\program files\Malwarebytes Secure Backup\SUpdateNotifier.exe [2013-08-15 23:40].2013-01-28 c:\windows\Tasks\{B9528C56-634A-4606-A03B-F93C07CBEBA2}.job- c:\users\ralph\appdata\local\google\chrome\application\chrome.exe [2009-10-02 08:07]..------- Supplementary Scan -------.IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000Trusted Zone: google.com\picasawebTCP: DhcpNameServer = 192.168.0.1 64.91.3.46.- - - - ORPHANS REMOVED - - - -.Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)SafeBoot-WudfPfSafeBoot-WudfRdMSConfigStartUp-BigFix - c:\program files\Bigfix\bigfix.exeMSConfigStartUp-Garmin Lifetime Updater - c:\program files\Garmin\Lifetime Updater\GarminLifetime.exeMSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exeMSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exeMSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exeMSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exeAddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Ralph\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2013-10-13 16:11Windows 6.0.6002 Service Pack 2 NTFS.scanning hidden processes ....scanning hidden autostart entries ....scanning hidden files ....scan completed successfullyhidden files: 0.**************************************************************************.--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.Completion time: 2013-10-13 16:14:40ComboFix-quarantined-files.txt 2013-10-13 23:14.Pre-Run: 76,102,336,512 bytes freePost-Run: 76,413,284,352 bytes free.- - End Of File - - 936146186D01DF43E7D578AF243BBEFA5C616939100B85E558DA92B899A0FC36 -
Had to run this in Safe Mode with Networking, as normal startup
would only run for a few minutes without freezing up, requiring forced shutdown.
Here's the Rkill run: This was previously run a few weeks ago, but I downloaded a fresh copy.
Rkill 2.6.1 by Lawrence Abrams (Grinler)Copyright 2008-2013 BleepingComputer.comMore Information about Rkill can be found at this link:Program started at: 10/13/2013 11:22:22 AM in x86 mode. (Safe Mode)Windows Version: Windows Vista Home Premium Service Pack 2Checking for Windows services to stop:* No malware services found to stop.Checking for processes to terminate:* No malware processes found to kill.Checking Registry for malware related settings:* No issues found in the Registry.Resetting .EXE, .COM, & .BAT associations in the Windows Registry.Performing miscellaneous checks:* No issues found.Checking Windows Service Integrity:* COM+ Event System (EventSystem) is not Running.Startup Type set to: Automatic* Security Center (wscsvc) is not Running.Startup Type set to: Automatic (Delayed Start)* Windows Update (wuauserv) is not Running.Startup Type set to: Automatic (Delayed Start)Searching for Missing Digital Signatures:* No issues found.Checking HOSTS File:* HOSTS file entries found:127.0.0.1 localhost::1 localhostProgram finished at: 10/13/2013 11:29:26 AMExecution time: 0 hours(s), 7 minute(s), and 3 seconds(s)================================================================================And here's the Rogue Killer report:RogueKiller V8.7.2 [Oct 3 2013] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://www.adlice.com/forum/Blog : http://tigzyrk.blogspot.com/Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits versionStarted in : Safe mode with network supportUser : Ralph [Admin rights]Mode : Scan -- Date : 10/13/2013 11:40:16| ARK || FAK || MBR |¤¤¤ Bad processes : 1 ¤¤¤[sUSP PATH] rkill.exe -- C:\Users\Ralph\Desktop\Deskwork\rkill.exe [7] -> KILLED [TermProc]¤¤¤ Registry Entries : 3 ¤¤¤[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Scheduled tasks : 0 ¤¤¤¤¤¤ Startup Entries : 0 ¤¤¤¤¤¤ Web browsers : 0 ¤¤¤¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤¤¤¤ External Hives: ¤¤¤-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts127.0.0.1 localhost::1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - FUJITSU MHW2160BH PL +++++--- User ---[MBR] 9e2fd599296073dbf6da1665ac9a2b36[bSP] fc0efc322d8cf965cac6c810b687e040 : Windows Vista MBR CodePartition table:0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 10268 Mo1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21029085 | Size: 142357 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[0]_S_10132013_114016.txt >>============================================================================Thanks for your help. -
Ron Lewis,
based on your request I have opened a new topic on the Malware removal forum.
The link to that post is:
https://forums.malwarebytes.org/index.php?showtopic=134792
Thanks,
-
This topic was transferred from the PC General Help forum at
https://forums.malwarebytes.org/index.php?showtopic=133977
by request of Ron Lewis.
That topic was transferred from this forum to PC General Help where it was originally:
https://forums.malwarebytes.org/index.php?showtopic=133795
Ron said; "Please go back into the Malware removal forum and start a new topic and link to this one and ask for me and we'll do some deeper scans for malware and I'll automate getting one or more of the dump files for you."
The specific problem we got hung up on is that I have been unable to Zip the Minidump dmp files for further debugging, because permission to read has been disabled, possibly due to malware changes.
Malwarebytes Pro finds no malware, now, but in the past I had several trojans removed, including Exploit, Open-Candy, and another I can't recall the name of now. There was also a program called "Smart PC Fix" which I never executed, but which appeared on my desktop for awhile.
Thanks for your help,
-
Having more bluescreen dumps today, partially aggrivated by more than 50 updates from Windows Update just today.
Also, still unable to zip the Minidumps, due to lack of read permission. Anybody know how to restore proper settings?
I believe settings were changed by malware at sometime within the last few months, to avoid detection.And still wondering about these Vista Driver downloads. Are they legit? Are they worthwhile?
What are my other options?
Please help with these issues. Thanks,
-
1. I'm stuck on trying to create Zip files of minidumps. See previous post. Permission to read has been changed, possibly by malware. How do I restore permission to read these files?
2. I'm considering this Vista Driver download, but don't know whether to trust it. Anybody got opinions about it?
I've been getting lots of targeted ads for it.
Thanks for any help. I'm still pretty stuck. Have had to force shutdowns today.
-
Still having problems creating Zip Files:
When I try the Windows standard way, and select a DMP file to Zip, I get the error message:
'File not found or no read permission' I am an administrator on this computer..
I'm suspecting that a virus or malware has modified permissions.
When I try to create a Zip archive using either Cam or FilZip, I get the error message:
'no items match your search'
With CAM Create, which has better instructions, and I choose the whole folder to Zip: It runs through the whole folder, a dump file at a time, and prints the message for each file: 'could not open for reading' C:\Windows\Minidump\Mini013113-01.dmp ...-02.dmp etc.
Finally figured out how to set up FilZip, ran a batch of 10 .dmp files, but got the same message for each of the 10 files I selected: 'could not open for reading'
So I seem to be unable to read these files. How could I change the permission to read, if that is the problem?
Like I said, I think malware may have modified permissions and other settings.
Thanks for any help with this.
-
Also, today, after running the BIOS screen all night, with no changes, I exited that utility, and to my surprise, Windows came up normally.
I kept it up most of the day, and it worked normally, but when I left it for awhile to watch the news, I came back to find the screen frozen, cursor able to move, but not doing anything, and Start button not available. Had to do a forced shutdown.
When I started up again, I was given the Safe mode choice, but chose to start normally. This time it came up normally again.
Thanks.
-
Please tell me how to get the zip files of the dumps. What program to use. I tried CamUnzip, but was unsuccessful.
thanks,
-
Sorry, David, I misread or misremembered your name as Donald.
Anyway, Do you still want the zip file of the minidumps? Please instruct me as to how to make one.
-
Donald, In lieu of the minidump zip file you requested, and which I was unable to provide, I have included this output from the program, Who Crashed, which I found on my computer, and which may be helpful in determining my problems. Hope it helps:
Welcome to WhoCrashed (HOME EDITION) v 4.01
This program checks for drivers which have been crashing your computer. If your computer has displayed a blue screen of death, suddenly rebooted or shut down then this program will help you find the root cause and possibly a solution.
Whenever a computer suddenly reboots without displaying any notice or blue screen of death, the first thing that is often thought about is a hardware failure. In reality, on Windows most crashes are caused by malfunctioning device drivers and kernel modules. In case of a kernel error, many computers do not show a blue screen unless they are configured for this. Instead these systems suddenly reboot without any notice.
This program will analyze your crash dumps with the single click of a button. It will tell you what drivers are likely to be responsible for crashing your computer. It will report a conclusion which offers suggestions on how to proceed in any situation while the analysis report will display internet links which will help you further troubleshoot any detected problems.
To obtain technical support visit www.resplendence.com/support
Click here to check if you have the latest version or if an update is available.
Just click the Analyze button for a comprehensible report ...
Home Edition Notice
This version of WhoCrashed is free for use at home only. If you would like to use this software at work or in a commercial environment you should get the professional edition of WhoCrashed which also allows analysis of crashdumps on remote drives and computers on the network and offers a range of additional features.
Click here for more information on the professional edition.
Click here to buy the the professional edition of WhoCrashed.
System Information (local)
computer name: RALPH-PC
windows version: Windows Vista Service Pack 2, 6.0, build: 6002
windows dir: C:\Windows
CPU: GenuineIntel Intel® Pentium® Dual CPU T2310 @ 1.46GHz Intel586, level: 6
2 logical processors, active mask: 3
RAM: 2136670208 total
VM: 2147352576, free: 1984438272
Crash Dump Analysis
Crash dump directory: C:\Windows\Minidump
Crash dumps are enabled on your computer.
On Sun 10/6/2013 4:53:28 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini100613-01.dmp
This was probably caused by the following module: iastor.sys (iaStor+0x9859)
Bugcheck code: 0x8086 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\iastor.sys
product: Intel Matrix Storage Manager driver
company: Intel Corporation
description: Intel Matrix Storage Manager driver
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastor.sys (Intel Matrix Storage Manager driver, Intel Corporation).
Google query: Intel Corporation CUSTOM_ERROR
On Sun 10/6/2013 4:53:28 PM GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: iastor.sys (iaStor+0x9859)
Bugcheck code: 0x8086 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\iastor.sys
product: Intel Matrix Storage Manager driver
company: Intel Corporation
description: Intel Matrix Storage Manager driver
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastor.sys (Intel Matrix Storage Manager driver, Intel Corporation).
Google query: Intel Corporation CUSTOM_ERROR
On Thu 10/3/2013 8:37:10 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini100313-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x9F (0x3, 0xFFFFFFFF873F2030, 0xFFFFFFFF876A1030, 0xFFFFFFFF869AB008)
Error: DRIVER_POWER_STATE_FAILURE
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the driver is in an inconsistent or invalid power state.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sat 9/28/2013 3:41:53 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092713-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x1A (0x30, 0xFFFFFFFF884E93E0, 0xFFFFFFFFBBD04000, 0xFFFFFFFF97CC10B8)
Error: MEMORY_MANAGEMENT
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Thu 9/26/2013 7:36:40 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092613-01.dmp
This was probably caused by the following module: iastor.sys (iaStor+0x9859)
Bugcheck code: 0x8086 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\iastor.sys
product: Intel Matrix Storage Manager driver
company: Intel Corporation
description: Intel Matrix Storage Manager driver
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastor.sys (Intel Matrix Storage Manager driver, Intel Corporation).
Google query: Intel Corporation CUSTOM_ERROR
On Tue 9/24/2013 5:56:13 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092413-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0xF4 (0x3, 0xFFFFFFFF872889E0, 0xFFFFFFFF87288B2C, 0xFFFFFFFF82C74C30)
Error: CRITICAL_OBJECT_TERMINATION
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a process or thread crucial to system operation has unexpectedly exited or been terminated.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem. This problem might be caused by a thermal issue.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sat 9/21/2013 10:35:00 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092113-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x9F (0x3, 0xFFFFFFFF859EF658, 0xFFFFFFFF8749E030, 0xFFFFFFFFCA860E28)
Error: DRIVER_POWER_STATE_FAILURE
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the driver is in an inconsistent or invalid power state.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sat 9/21/2013 4:40:31 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092013-03.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x1A (0x30, 0xFFFFFFFF87BF3D08, 0xFFFFFFFFAF4CB000, 0xFFFFFFFF824D6004)
Error: MEMORY_MANAGEMENT
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Fri 9/20/2013 8:02:06 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092013-02.dmp
This was probably caused by the following module: iastor.sys (iaStor+0x9859)
Bugcheck code: 0x8086 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\iastor.sys
product: Intel Matrix Storage Manager driver
company: Intel Corporation
description: Intel Matrix Storage Manager driver
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastor.sys (Intel Matrix Storage Manager driver, Intel Corporation).
Google query: Intel Corporation CUSTOM_ERROR
On Fri 9/20/2013 5:24:44 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini092013-01.dmp
This was probably caused by the following module: iastor.sys (iaStor+0x9859)
Bugcheck code: 0x8086 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
file path: C:\Windows\system32\drivers\iastor.sys
product: Intel Matrix Storage Manager driver
company: Intel Corporation
description: Intel Matrix Storage Manager driver
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: iastor.sys (Intel Matrix Storage Manager driver, Intel Corporation).
Google query: Intel Corporation CUSTOM_ERROR
On Thu 9/19/2013 10:36:59 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091913-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x1A (0x30, 0xFFFFFFFF88553828, 0xFFFFFFFFBF902000, 0xFFFFFFFFA6AF2530)
Error: MEMORY_MANAGEMENT
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Wed 9/18/2013 1:17:31 AM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091713-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x1A (0x30, 0xFFFFFFFF87C592D0, 0xFFFFFFFFBA79F000, 0xFFFFFFFFB8BE1038)
Error: MEMORY_MANAGEMENT
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a severe memory management error occurred.
This might be a case of memory corruption. More often memory corruption happens because of software errors in buggy drivers, not because of faulty RAM modules.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sat 9/14/2013 9:35:27 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini091413-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x77 (0x1, 0x0, 0x0, 0xFFFFFFFF8974BC70)
Error: KERNEL_STACK_INPAGE_ERROR
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Thu 9/5/2013 10:45:47 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini090513-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xEE010)
Bugcheck code: 0x1000008E (0xFFFFFFFFC0000005, 0xFFFFFFFF82B35010, 0xFFFFFFFFA9893B24, 0x0)
Error: KERNEL_MODE_EXCEPTION_NOT_HANDLED_M
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This indicates that a kernel-mode program generated an exception which the error handler did not catch.
This appears to be a typical software driver bug and is not likely to be caused by a hardware problem.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
On Sat 8/31/2013 4:51:38 PM GMT your computer crashed
crash dump file: C:\Windows\Minidump\Mini083113-01.dmp
This was probably caused by the following module: ntkrnlpa.exe (nt+0xCD9BD)
Bugcheck code: 0x77 (0x1, 0x0, 0x0, 0xFFFFFFFFB89C4C38)
Error: KERNEL_STACK_INPAGE_ERROR
file path: C:\Windows\system32\ntkrnlpa.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.
Conclusion
33 crash dumps have been found and analyzed. Only 15 are included in this report. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:
iastor.sys (Intel Matrix Storage Manager driver, Intel Corporation)
If no updates for these drivers are available, try searching with Google on the names of these drivers in combination the errors that have been reported for these drivers and include the brand and model name of your computer as well in the query. This often yields interesting results from discussions from users who have been experiencing similar problems.
Read the topic general suggestions for troubleshooting system crashes for more information.
Note that it's not always possible to state with certainty whether a reported driver is actually responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
-
Catching up.
1. Last night I ran the BIOS screen test recommended above. After 15 hours, the screen was just as I left it, with the clock ticking through the seconds.
But, to my surprise, when I exited that utility (without saving changes, I think), after a few seconds, the computer continued the interrupted startup routine, and proceeded to start up normally, for the first time in days (previously I'd only been able to get it up in Safe Mode. I'm still running from this startup today, want to proceed here while I can.
2. Now I will download and run Minitoolbox, as requested by Ron, above.
Note; I use Chrome, rarely use IE.
3. I keep getting ads for Vista Driver updates, referring to this website: http://www.driverupdate.net/articles/download_theme/windows-vista-driver-downloads.php?aps=winVISTAtextsplit_download Is this legit? or recommended?
4. I will grab the minidumps, and attach them in a ZIP file for Donald, above.
Sorry, Donald, I've been having trouble creating a ZIP file. Please give further instructions. Windows asks me to specify program to use to create file.
----------------------------------------------------------------------------------------------------------------------------
2. Result.txt from Minitoolbox:
MiniToolBox by Farbar Version: 13-07-2013Ran by Ralph (administrator) on 09-10-2013 at 11:46:05Running from "C:\Users\Ralph\Desktop\Deskwork"Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)Boot Mode: Normal***************************************************************************========================= Flush DNS: ===================================Windows IP ConfigurationSuccessfully flushed the DNS Resolver Cache.========================= IE Proxy Settings: ==============================Proxy is not enabled.No Proxy Server is set."Reset IE Proxy Settings": IE Proxy Settings were reset.========================= Hosts content: =================================::1 localhost127.0.0.1 localhost========================= IP Configuration: ================================Realtek PCIe GBE Family Controller = Local Area Connection (Connected)Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter = Wireless Network Connection (Connected)The following helper DLL cannot be loaded: WLANCFG.DLL.The following helper DLL cannot be loaded: WCNNETSH.DLL.# ----------------------------------# IPv4 Configuration# ----------------------------------pushd interface ipv4resetset global icmpredirects=enabledadd address name="Local Area Connection" address=192.168.0.1popd# End of IPv4 configurationWindows IP ConfigurationHost Name . . . . . . . . . . . . : Ralph-PCPrimary Dns Suffix . . . . . . . :Node Type . . . . . . . . . . . . : BroadcastIP Routing Enabled. . . . . . . . : NoWINS Proxy Enabled. . . . . . . . : NoDNS Suffix Search List. . . . . . : PK5001ZWireless LAN adapter Wireless Network Connection:Connection-specific DNS Suffix . : PK5001ZDescription . . . . . . . . . . . : Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network AdapterPhysical Address. . . . . . . . . : 00-C0-A8-FB-77-F4DHCP Enabled. . . . . . . . . . . : YesAutoconfiguration Enabled . . . . : YesLink-local IPv6 Address . . . . . : fe80::31f5:5074:ea88:613%9(Preferred)IPv4 Address. . . . . . . . . . . : 192.168.0.141(Preferred)Subnet Mask . . . . . . . . . . . : 255.255.255.0Lease Obtained. . . . . . . . . . : Wednesday, October 09, 2013 10:24:00 AMLease Expires . . . . . . . . . . : Thursday, October 10, 2013 10:24:00 AMDefault Gateway . . . . . . . . . : fe80::b077:bc11:2fb0:cc22%9192.168.0.1DHCP Server . . . . . . . . . . . : 192.168.0.1DHCPv6 IAID . . . . . . . . . . . : 218153128DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-B6-5C-14-00-E0-B8-DB-4A-21DNS Servers . . . . . . . . . . . : 192.168.0.164.91.3.46NetBIOS over Tcpip. . . . . . . . : EnabledEthernet adapter Local Area Connection:Connection-specific DNS Suffix . :Description . . . . . . . . . . . : Realtek PCIe GBE Family ControllerPhysical Address. . . . . . . . . : 00-E0-B8-DB-4A-21DHCP Enabled. . . . . . . . . . . : NoAutoconfiguration Enabled . . . . : YesLink-local IPv6 Address . . . . . : fe80::b077:bc11:2fb0:cc22%8(Preferred)Autoconfiguration IPv4 Address. . : 169.254.204.34(Preferred)Subnet Mask . . . . . . . . . . . : 255.255.0.0IPv4 Address. . . . . . . . . . . : 192.168.0.1(Duplicate)Subnet Mask . . . . . . . . . . . : 255.255.255.0Default Gateway . . . . . . . . . :DHCPv6 IAID . . . . . . . . . . . : 201384120DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0F-B6-5C-14-00-E0-B8-DB-4A-21DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%2fec0:0:0:ffff::2%2fec0:0:0:ffff::3%2NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter Local Area Connection* 6:Media State . . . . . . . . . . . : Media disconnectedConnection-specific DNS Suffix . :Description . . . . . . . . . . . : 6TO4 AdapterPhysical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0DHCP Enabled. . . . . . . . . . . : NoAutoconfiguration Enabled . . . . : YesTunnel adapter Local Area Connection* 9:Media State . . . . . . . . . . . : Media disconnectedConnection-specific DNS Suffix . :Description . . . . . . . . . . . : Teredo Tunneling Pseudo-InterfacePhysical Address. . . . . . . . . : 02-00-54-55-4E-01DHCP Enabled. . . . . . . . . . . : NoAutoconfiguration Enabled . . . . : YesTunnel adapter Local Area Connection* 12:Media State . . . . . . . . . . . : Media disconnectedConnection-specific DNS Suffix . :Description . . . . . . . . . . . : isatap.{E2CD68E9-F64B-46CA-AF60-CF8CB6FA1F9C}Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0DHCP Enabled. . . . . . . . . . . : NoAutoconfiguration Enabled . . . . : YesTunnel adapter Local Area Connection* 13:Connection-specific DNS Suffix . : PK5001ZDescription . . . . . . . . . . . : isatap.PK5001ZPhysical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0DHCP Enabled. . . . . . . . . . . : NoAutoconfiguration Enabled . . . . : YesLink-local IPv6 Address . . . . . : fe80::5efe:192.168.0.141%15(Preferred)Default Gateway . . . . . . . . . :DNS Servers . . . . . . . . . . . : 192.168.0.164.91.3.46NetBIOS over Tcpip. . . . . . . . : DisabledServer: PK5001Z.PK5001ZAddress: 192.168.0.1Name: google.comAddresses: 2607:f8b0:400a:802::1002173.194.33.66173.194.33.67173.194.33.68173.194.33.69173.194.33.70173.194.33.71173.194.33.72173.194.33.73173.194.33.78173.194.33.64173.194.33.65Pinging google.com [173.194.33.67] with 32 bytes of data:Reply from 173.194.33.67: bytes=32 time=23ms TTL=58Reply from 173.194.33.67: bytes=32 time=23ms TTL=58Ping statistics for 173.194.33.67:Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:Minimum = 23ms, Maximum = 23ms, Average = 23msServer: PK5001Z.PK5001ZAddress: 192.168.0.1Name: yahoo.comAddresses: 98.139.183.24206.190.36.4598.138.253.109Pinging yahoo.com [206.190.36.45] with 32 bytes of data:Reply from 206.190.36.45: bytes=32 time=30ms TTL=55Reply from 206.190.36.45: bytes=32 time=109ms TTL=55Ping statistics for 206.190.36.45:Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:Minimum = 30ms, Maximum = 109ms, Average = 69msPinging 127.0.0.1 with 32 bytes of data:Reply from 127.0.0.1: bytes=32 time=17ms TTL=128Reply from 127.0.0.1: bytes=32 time=5ms TTL=128Ping statistics for 127.0.0.1:Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),Approximate round trip times in milli-seconds:Minimum = 5ms, Maximum = 17ms, Average = 11ms===========================================================================Interface List9 ...00 c0 a8 fb 77 f4 ...... Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter8 ...00 e0 b8 db 4a 21 ...... Realtek PCIe GBE Family Controller1 ........................... Software Loopback Interface 116 ...00 00 00 00 00 00 00 e0 6TO4 Adapter11 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface14 ...00 00 00 00 00 00 00 e0 isatap.{E2CD68E9-F64B-46CA-AF60-CF8CB6FA1F9C}15 ...00 00 00 00 00 00 00 e0 isatap.PK5001Z===========================================================================IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.141 25127.0.0.0 255.0.0.0 On-link 127.0.0.1 306127.0.0.1 255.255.255.255 On-link 127.0.0.1 306127.255.255.255 255.255.255.255 On-link 127.0.0.1 306169.254.0.0 255.255.0.0 On-link 169.254.204.34 276169.254.204.34 255.255.255.255 On-link 169.254.204.34 276169.254.255.255 255.255.255.255 On-link 169.254.204.34 276192.168.0.0 255.255.255.0 On-link 192.168.0.141 281192.168.0.141 255.255.255.255 On-link 192.168.0.141 281192.168.0.255 255.255.255.255 On-link 192.168.0.141 281224.0.0.0 240.0.0.0 On-link 127.0.0.1 306224.0.0.0 240.0.0.0 On-link 169.254.204.34 276224.0.0.0 240.0.0.0 On-link 192.168.0.141 281255.255.255.255 255.255.255.255 On-link 127.0.0.1 306255.255.255.255 255.255.255.255 On-link 169.254.204.34 276255.255.255.255 255.255.255.255 On-link 192.168.0.141 281===========================================================================Persistent Routes:NoneIPv6 Route Table===========================================================================Active Routes:If Metric Network Destination Gateway9 281 ::/0 fe80::b077:bc11:2fb0:cc221 306 ::1/128 On-link8 276 fe80::/64 On-link9 281 fe80::/64 On-link15 286 fe80::5efe:192.168.0.141/128On-link9 281 fe80::31f5:5074:ea88:613/128On-link8 276 fe80::b077:bc11:2fb0:cc22/128On-link1 306 ff00::/8 On-link8 276 ff00::/8 On-link9 281 ff00::/8 On-link===========================================================================Persistent Routes:None========================= Winsock entries =====================================Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)========================= Event log errors: ===============================Application errors:==================Error: (10/09/2013 11:39:21 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (10/08/2013 06:13:34 PM) (Source: EventSystem) (User: )Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043cError: (10/08/2013 03:57:03 PM) (Source: EventSystem) (User: )Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043cError: (10/08/2013 01:22:13 PM) (Source: EventSystem) (User: )Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043cError: (10/08/2013 11:51:38 AM) (Source: EventSystem) (User: )Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043cError: (10/08/2013 11:17:49 AM) (Source: Microsoft-Windows-CAPI2) (User: )Description:Details:Could not query the status of the EventSystem service.System Error:A system shutdown is in progress.Error: (10/08/2013 09:57:21 AM) (Source: EventSystem) (User: )Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043cError: (10/06/2013 09:37:29 PM) (Source: Windows Search Service) (User: )Description: The entry <C:\USERS\RALPH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\SYNC EXTENSION SETTINGS\DAJEDKNCPODKGGKLBEGCCJPMNGLMNFLM> in the hash map cannot be updated.Context: Application, SystemIndex CatalogDetails:A device attached to the system is not functioning. (0x8007001f)Error: (10/06/2013 09:37:29 PM) (Source: Windows Search Service) (User: )Description: The entry <C:\USERS\RALPH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\SYNC EXTENSION SETTINGS\DAJEDKNCPODKGGKLBEGCCJPMNGLMNFLM> in the hash map cannot be updated.Context: Application, SystemIndex CatalogDetails:A device attached to the system is not functioning. (0x8007001f)Error: (10/06/2013 09:36:53 PM) (Source: Windows Search Service) (User: )Description: The entry <C:\USERS\RALPH\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\SYNC EXTENSION SETTINGS\DAJEDKNCPODKGGKLBEGCCJPMNGLMNFLM> in the hash map cannot be updated.Context: Application, SystemIndex CatalogDetails:A device attached to the system is not functioning. (0x8007001f)System errors:=============Error: (10/09/2013 10:35:33 AM) (Source: ipnathlp) (User: )Description: The ICS_IPV6 failed to configure IPv6 stack.Error: (10/09/2013 10:31:49 AM) (Source: ipnathlp) (User: )Description: The DHCP allocator has disabled itself on IP address 169.254.204.34, since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses are being allocated to DHCP clients. To enable the DHCP allocator on this IP address, change the scope to include the IP address, or change the IP address to fall within the scope.Error: (10/09/2013 10:29:27 AM) (Source: Microsoft Antimalware) (User: )Description: %%860 Real-Time Protection feature has encountered an error and failed.Feature: %%886Error Code: 0x8007041dError description: The service did not respond to the start or control request in a timely fashion.Reason: %%892Error: (10/08/2013 06:13:49 PM) (Source: DCOM) (User: )Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}Error: (10/08/2013 06:13:48 PM) (Source: DCOM) (User: )Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}Error: (10/08/2013 06:13:38 PM) (Source: DCOM) (User: )Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}Error: (10/08/2013 06:13:34 PM) (Source: DCOM) (User: )Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}Error: (10/08/2013 06:13:24 PM) (Source: DCOM) (User: )Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}Error: (10/08/2013 06:12:56 PM) (Source: EventLog) (User: )Description: The previous system shutdown at 4:34:41 PM on 10/8/2013 was unexpected.Error: (10/08/2013 03:57:22 PM) (Source: DCOM) (User: )Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}Microsoft Office Sessions:=========================CodeIntegrity Errors:===================================Date: 2013-10-06 10:00:48.381Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-06 10:00:47.616Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-06 10:00:46.867Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-06 10:00:45.963Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-03 11:47:44.675Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-03 11:47:43.832Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-03 11:47:42.834Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-10-03 11:47:41.945Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-09-27 21:55:20.648Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.Date: 2013-09-27 21:55:19.696Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.=========================== Installed Programs ============================Update for Microsoft Office 2007 (KB2508958)Activation Assistant for the 2007 Microsoft Office suitesActivation Assistant for the 2007 Microsoft Office suites (Version: 1.0)Adobe AIR (Version: 3.8.0.1430)Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)Adobe Flash Player 11 Plugin (Version: 11.8.800.168)Adobe Reader X (10.1.8) (Version: 10.1.8)Adobe Shockwave Player 11.6 (Version: 11.6.1.629)Advertising Center (Version: 0.0.0.1)AFPL Ghostscript 7.03AFPL Ghostscript FontsAgere Systems HDA ModemAmazon KindleAmazon MP3 Downloader 1.0.15 (Version: 1.0.15)Amazon MP3 Uploader (Version: 1.0.8)Apple Application Support (Version: 2.3)Apple Software Update (Version: 2.1.3.127)ArcSoft Panorama Maker 4ArcSoft PhotoStudio 5.5Bing Bar (Version: 7.2.241.0)CAM UnZip 4.42Canon CanoScan LiDE 100 User RegistrationCanon G.726 WMP-Decoder (Version: 1.1.0.4)Canon Inkjet Printer Driver Add-On ModuleCanon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)Canon MP Navigator EX 2.0Canon PIXMA iP3000Canon RAW Image Task for ZoomBrowser EX (Version: 3.3.0.5)Canon Utilities CameraWindow (Version: 7.1.0.2)Canon Utilities CameraWindow DC (Version: 7.1.0.7)Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)Canon Utilities Easy-PhotoPrintCanon Utilities MyCamera (Version: 6.4.0.5)Canon Utilities MyCamera DC (Version: 7.0.1.8)Canon Utilities RemoteCapture DC (Version: 3.0.1.8)Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)Canon Utilities Solution MenuCanon Utilities ZoomBrowser EX (Version: 6.1.1.21)Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)CanoScan LiDE 100 Scanner DriverCCleaner (Version: 4.04)CDBurnerXP (Version: 4.3.7.2423)D3DX10 (Version: 15.4.2368.0902)Defraggler (Version: 2.15)DolbyFiles (Version: 0.1)EasyCleaner (Version: 2.0.6.380)Elevated Installer (Version: 2.2.21)ESET Online Scanner v3Family Tree MakerFile Uploader (Version: 1.2.0)Garmin Communicator Plugin (Version: 4.0.3)Garmin Express (Version: 2.2.21)Garmin Express Tray (Version: 2.2.21)Garmin Update Service (Version: 2.2.21)Garmin USB Drivers (Version: 2.3.0.0)Gateway Connect (Version: 1.1.0)Gateway Recovery Center Installer (Version: 1.01.031)Google Chrome (Version: 30.0.1599.69)Google Earth (Version: 6.2.2.6613)Google Update Helper (Version: 1.3.21.153)GSview 4.1HP FWUpdateEDO2 (Version: 1.2.0.0)HP Photo Creations (Version: 1.0.0.7702)HP Photosmart 6520 series Basic Device Software (Version: 28.0.1315.0)HP Photosmart 6520 series Help (Version: 28.0.0)HP Photosmart 6520 series Product Improvement Study (Version: 28.0.1315.0)HP Update (Version: 5.005.000.002)HPDiagnosticAlert (Version: 1.00.0000)IDT Audio (Version: 5.10.5303.0)ImagXpress (Version: 7.0.74.0)IMM4 VCM Codec 1.0.0.10Inkjet Printer/Scanner Extended Survey ProgramIntel® Graphics Media Accelerator DriverIntel® Matrix Storage ManagerIrfanView (remove only) (Version: 4.36)Java 7 Update 25 (Version: 7.0.250)JavaFX 2.1.1 (Version: 2.1.1)Junk Mail filter update (Version: 15.4.3502.0922)Keyspan USB Serial Adapter (Version: 3.7s)LabelPrint (Version: 2.0.1826)Logitech Legacy USB Camera Driver PackageLogitech QuickCam (Version: 11.90.1263)Logitech QuickCam Driver PackageMagnifier (Version: 2.4)Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)Malwarebytes Secure Backup (Version: 5.9.1.4720)Menu Templates - Starter Kit (Version: 9.4.2.0)Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6012.5000)Microsoft Fix it Center (Version: 1.0.0100)Microsoft Money Essentials (Version: 16)Microsoft Money Shared Libraries (Version: 16.0.0.705)Microsoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)Microsoft Security Client (Version: 4.3.0215.0)Microsoft Security Essentials (Version: 4.3.215.0)Microsoft Silverlight (Version: 5.1.20513.0)Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)Microsoft Works (Version: 08.05.0818)Microsoft WSE 2.0 SP3 Runtime (Version: 2.0.5050.0)Move Media PlayerMovie Templates - Starter Kit (Version: 9.4.2.0)MSVCRT (Version: 15.4.2862.0708)MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)Nero 9 EssentialsNero BurnRights (Version: 3.4.11.100)Nero BurnRights Help (Version: 3.4.4.100)Nero ControlCenter (Version: 9.0.0.1)Nero CoverDesigner (Version: 4.4.9.100)Nero CoverDesigner Help (Version: 4.4.9.100)Nero DiscSpeed (Version: 5.4.11.100)Nero DiscSpeed Help (Version: 5.4.4.100)Nero DriveSpeed (Version: 4.4.11.100)Nero DriveSpeed Help (Version: 4.4.4.100)Nero Express Help (Version: 9.6.2.101)Nero InfoTool (Version: 6.4.11.100)Nero InfoTool Help (Version: 6.4.4.100)Nero Installer (Version: 4.4.9.0)Nero Online Upgrade (Version: 1.3.0.0)Nero ShowTime (Version: 5.4.0.100)Nero ShowTime (Version: 5.4.13.100)Nero StartSmart (Version: 9.4.12.100)Nero StartSmart Help (Version: 9.4.12.100)Nero Vision (Version: 6.4.12.100)Nero Vision Help (Version: 6.4.8.100)NeroExpress (Version: 9.4.17.100)neroxml (Version: 1.0.0)Nikon Message Center (Version: 0.92.000)Nikon Transfer (Version: 1.4.0)Nitro PDF Reader (Version: 1.4.0.11)Notepad++ (Version: 5.7)Octoshape add-in for Adobe Flash PlayerOGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)Omron Health Management Software (Version: 1.21.0001)PA095 / PA075 USB2.0 DOCKPart 2 of 2PDF reDirect (remove only) (Version: v2.2.8)Picasa 3 (Version: 3.9)Picasa Uploader (Version: 0.6)Power2Go 5.0Quicken Deluxe 98Quicken WillMaker Plus 2013 (Version: 1.0.0.0)QuickTime (Version: 7.74.80.86)Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)Realtek USB 2.0 Card Reader (Version: )REALTEK USB Wireless LAN Driver (Version: 1.00.0000)Secunia PSI (2.0.0.3001)Segoe UI (Version: 15.4.2271.0615)Singlesnet (Version: 0.9.2901.0)Skype Click to Call (Version: 6.12.13601)Skype™ 6.6 (Version: 6.6.106)Spare Backup (Version: 3.2)swMSM (Version: 12.0.0.1)Synaptics Pointing Device Driver (Version: 9.1.17.0)TaxACT 2010TaxACT 2011 - 1040 EditionTaxACT 2011 OregonTaxACT 2012 - 1040 EditionTaxACT 2012 OregonTomTom HOME (Version: 2.9.6)TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)TreeSizeUniblue DriverScanner 2009 (Version: 2.0.0.1)Update for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596660) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596848) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)WebCopierWhoCrashed 4.01Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)Windows Live Communications Platform (Version: 15.4.3502.0922)Windows Live Essentials (Version: 15.4.3502.0922)Windows Live Essentials (Version: 15.4.3555.0308)Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)Windows Live Installer (Version: 15.4.3502.0922)Windows Live Mail (Version: 15.4.3502.0922)Windows Live Messenger (Version: 15.4.3538.0513)Windows Live MIME IFilter (Version: 15.4.3502.0922)Windows Live Movie Maker (Version: 15.4.3502.0922)Windows Live Photo Common (Version: 15.4.3502.0922)Windows Live Photo Gallery (Version: 15.4.3502.0922)Windows Live PIMT Platform (Version: 15.4.3508.1109)Windows Live SOXE (Version: 15.4.3502.0922)Windows Live SOXE Definitions (Version: 15.4.3502.0922)Windows Live Sync (Version: 14.0.8089.726)Windows Live UX Platform (Version: 15.4.3502.0922)Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)Windows Live Writer (Version: 15.4.3502.0922)Windows Live Writer Resources (Version: 15.4.3502.0922)Windows Media Player Firefox Plugin (Version: 1.0.0.8)Yahoo! Messenger========================= Devices: ================================Name: 6TO4 AdapterDescription: Microsoft 6to4 AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelName: isatap.{E2CD68E9-F64B-46CA-AF60-CF8CB6FA1F9C}Description: Microsoft ISATAP AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelName: isatap.PK5001ZDescription: Microsoft ISATAP AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelName: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Tun Miniport AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunmpName: ACPI x86-based PCDescription: ACPI x86-based PCClass Guid: {4d36e966-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard computers)Service: \Driver\ACPI_HALName: Microsoft ACPI-Compliant SystemDescription: Microsoft ACPI-Compliant SystemClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: ACPIName: Intel® Pentium® Dual CPU T2310 @ 1.46GHzDescription: Intel ProcessorClass Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}Manufacturer: IntelService: intelppmName: Intel® Pentium® Dual CPU T2310 @ 1.46GHzDescription: Intel ProcessorClass Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}Manufacturer: IntelService: intelppmName: Microsoft Windows Management Interface for ACPIDescription: Microsoft Windows Management Interface for ACPIClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: WmiAcpiName: ACPI LidDescription: ACPI LidClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: ACPI Sleep ButtonDescription: ACPI Sleep ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: PCI busDescription: PCI busClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: pciName: Mobile Intel® PM965/GM965/GL960 Express Processor to DRAM Controller - 2A00Description: Mobile Intel® PM965/GM965/GL960 Express Processor to DRAM Controller - 2A00Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService:Name: Mobile Intel® 965 Express Chipset FamilyDescription: Mobile Intel® 965 Express Chipset FamilyClass Guid: {4d36e968-e325-11ce-bfc1-08002be10318}Manufacturer: Intel CorporationService: igfxName: Generic PnP MonitorDescription: Generic PnP MonitorClass Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard monitor types)Service: monitorName: Mobile Intel® 965 Express Chipset FamilyDescription: Mobile Intel® 965 Express Chipset FamilyClass Guid: {4d36e968-e325-11ce-bfc1-08002be10318}Manufacturer: Intel CorporationService: igfxName: Intel® ICH8 Family USB Universal Host Controller - 2834Description: Intel® ICH8 Family USB Universal Host Controller - 2834Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® ICH8 Family USB Universal Host Controller - 2835Description: Intel® ICH8 Family USB Universal Host Controller - 2835Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® ICH8 Family USB2 Enhanced Host Controller - 283ADescription: Intel® ICH8 Family USB2 Enhanced Host Controller - 283AClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbehciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network AdapterDescription: Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: Realtek Semiconductor Corp.Service: RTL8187BName: High Definition Audio ControllerDescription: High Definition Audio ControllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: HDAudBusName: Agere Systems HDA ModemDescription: Agere Systems HDA ModemClass Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}Manufacturer: AgereService: ModemName: SigmaTel High Definition Audio CODECDescription: SigmaTel High Definition Audio CODECClass Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}Manufacturer: SigmaTelService: STHDAName: Intel® ICH8 Family PCI Express Root Port 1 - 283FDescription: Intel® ICH8 Family PCI Express Root Port 1 - 283FClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: pciName: Intel® ICH8 Family PCI Express Root Port 2 - 2841Description: Intel® ICH8 Family PCI Express Root Port 2 - 2841Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: pciName: Intel® ICH8 Family PCI Express Root Port 3 - 2843Description: Intel® ICH8 Family PCI Express Root Port 3 - 2843Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: pciName: Realtek PCIe GBE Family ControllerDescription: Realtek PCIe GBE Family ControllerClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: RealtekService: RTL8169Name: Intel® ICH8 Family PCI Express Root Port 4 - 2845Description: Intel® ICH8 Family PCI Express Root Port 4 - 2845Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: pciName: Intel® ICH8 Family PCI Express Root Port 5 - 2847Description: Intel® ICH8 Family PCI Express Root Port 5 - 2847Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: pciName: Intel® ICH8 Family USB Universal Host Controller - 2830Description: Intel® ICH8 Family USB Universal Host Controller - 2830Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® ICH8 Family USB Universal Host Controller - 2831Description: Intel® ICH8 Family USB Universal Host Controller - 2831Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® ICH8 Family USB Universal Host Controller - 2832Description: Intel® ICH8 Family USB Universal Host Controller - 2832Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbuhciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Intel® ICH8 Family USB2 Enhanced Host Controller - 2836Description: Intel® ICH8 Family USB2 Enhanced Host Controller - 2836Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: IntelService: usbehciName: USB Root HubDescription: USB Root HubClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: usbhubName: Realtek USB 2.0 Card ReaderDescription: Realtek USB 2.0 Card ReaderClass Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: Realtek Semiconductor Corp.Service: RTSTORName: Intel® 82801 PCI Bridge - 2448Description: Intel® 82801 PCI Bridge - 2448Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: pciName: Intel® ICH8M LPC Interface Controller - 2815Description: Intel® ICH8M LPC Interface Controller - 2815Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: msisadrvName: Microsoft ACPI-Compliant Embedded ControllerDescription: Microsoft ACPI-Compliant Embedded ControllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Direct Application Launch ButtonDescription: Direct Application Launch ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Direct Application Launch ButtonDescription: Direct Application Launch ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Direct Application Launch ButtonDescription: Direct Application Launch ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Microsoft ACPI-Compliant Control Method BatteryDescription: Microsoft ACPI-Compliant Control Method BatteryClass Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}Manufacturer: MicrosoftService: CmBattName: Microsoft AC AdapterDescription: Microsoft AC AdapterClass Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}Manufacturer: MicrosoftService: CmBattName: Standard PS/2 KeyboardDescription: Standard PS/2 KeyboardClass Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard keyboards)Service: i8042prtName: Synaptics PS/2 Port TouchPadDescription: Synaptics PS/2 Port TouchPadClass Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}Manufacturer: SynapticsService: i8042prtName: Direct memory access controllerDescription: Direct memory access controllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Intel® 82802 Firmware Hub DeviceDescription: Intel® 82802 Firmware Hub DeviceClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService:Name: High precision event timerDescription: High precision event timerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Programmable interrupt controllerDescription: Programmable interrupt controllerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Numeric data processorDescription: Numeric data processorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: System CMOS/real time clockDescription: System CMOS/real time clockClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: System timerDescription: System timerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Intel® ICH8M Ultra ATA Storage Controllers - 2850Description: Intel® ICH8M Ultra ATA Storage Controllers - 2850Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: intelideName: IDE ChannelDescription: IDE ChannelClass Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: Optiarc DVD RW AD-7563A ATA DeviceDescription: CD-ROM DriveClass Guid: {4d36e965-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard CD-ROM drives)Service: cdromName: IDE ChannelDescription: IDE ChannelClass Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard IDE ATA/ATAPI controllers)Service: atapiName: Intel® 82801HEM/HBM SATA AHCI ControllerDescription: Intel® 82801HEM/HBM SATA AHCI ControllerClass Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService: iaStorName: FUJITSU MHW2160BH PLDescription: Disk driveClass Guid: {4d36e967-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard disk drives)Service: diskName: Intel® ICH8 Family SMBus Controller - 283EDescription: Intel® ICH8 Family SMBus Controller - 283EClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: IntelService:Name: Motherboard resourcesDescription: Motherboard resourcesClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: ACPI Thermal ZoneDescription: ACPI Thermal ZoneClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: ACPI Thermal ZoneDescription: ACPI Thermal ZoneClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: ACPI Fixed Feature ButtonDescription: ACPI Fixed Feature ButtonClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service:Name: Microsoft Composite BatteryDescription: Microsoft Composite BatteryClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: CompbattName: Microsoft iSCSI InitiatorDescription: Microsoft iSCSI InitiatorClass Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: iScsiPrtName: Ancilliary Function Driver for WinsockDescription: Ancilliary Function Driver for WinsockClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: AFDName: avgtpDescription: avgtpClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: avgtpName: BeepDescription: BeepClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: BeepName: Common Log (CLFS)Description: Common Log (CLFS)Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: CLFSName: Crcdisk Filter DriverDescription: Crcdisk Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: crcdiskName: LDDM Graphics SubsystemDescription: LDDM Graphics SubsystemClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: DXGKrnlName: ReadyBoost Caching DriverDescription: ReadyBoost Caching DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: EcacheName: HTTPDescription: HTTPClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: HTTPName: IP Traffic Filter DriverDescription: IP Traffic Filter DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IpFilterDriverName: IP Network Address TranslatorDescription: IP Network Address TranslatorClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: IPNATName: KSecDDDescription: KSecDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: KSecDDName: Link-Layer Topology Discovery Mapper I/O DriverDescription: Link-Layer Topology Discovery Mapper I/O DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: lltdioName: Logitech LVPr2Mon DriverDescription: Logitech LVPr2Mon DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: LVPr2MonName: Mount Point ManagerDescription: Mount Point ManagerClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: MountMgrName: Windows Firewall Authorization DriverDescription: Windows Firewall Authorization DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: mpsdrvName: msahciDescription: msahciClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: msahciName: ISA/EISA Class DriverDescription: ISA/EISA Class DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: msisadrvName: NativeWiFi FilterDescription: NativeWiFi FilterClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NativeWifiPName: NDIS System DriverDescription: NDIS System DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDISName: NDIS Usermode I/O ProtocolDescription: NDIS Usermode I/O ProtocolClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NdisuioName: NDProxyDescription: NDProxyClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NDProxyName: NETBTDescription: NETBTClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: netbtName: Microsoft Network Inspection SystemDescription: Microsoft Network Inspection SystemClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NisDrvName: NSI proxy serviceDescription: NSI proxy serviceClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: nsiproxyName: NullDescription: NullClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: NullName: PEAUTHDescription: PEAUTHClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: PEAUTHName: QoS Packet SchedulerDescription: QoS Packet SchedulerClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: PSchedName: Remote Access Auto Connection DriverDescription: Remote Access Auto Connection DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RasAcdName: RDPCDDDescription: RDPCDDClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RDPCDDName: RDP Encoder Mirror DriverDescription: RDP Encoder Mirror DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RDPENCDDName: RMCAST (Pgm) Protocol DriverDescription: RMCAST (Pgm) Protocol DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: RMCASTName: Link-Layer Topology Discovery ResponderDescription: Link-Layer Topology Discovery ResponderClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: rspndrName: Security DriverDescription: Security DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: secdrvName: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)Description: Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: SmbName: Security Processor Loader DriverDescription: Security Processor Loader DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: spldrName: TCP/IP Protocol DriverDescription: TCP/IP Protocol DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: TcpipName: TCP/IP Registry CompatibilityDescription: TCP/IP Registry CompatibilityClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: tcpipregName: NetIO Legacy TDI Support DriverDescription: NetIO Legacy TDI Support DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: tdxName: VgaSaveDescription: VgaSaveClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: VgaSaveName: Dynamic Volume ManagerDescription: Dynamic Volume ManagerClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: volmgrxName: Storage volumesDescription: Storage volumesClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: volsnapName: Remote Access IPv6 ARP DriverDescription: Remote Access IPv6 ARP DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Wanarpv6Name: Kernel Mode Driver Frameworks serviceDescription: Kernel Mode Driver Frameworks serviceClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: Wdf01000Name: User Mode Driver Frameworks Platform DriverDescription: User Mode Driver Frameworks Platform DriverClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: WudfPfName: WAN Miniport (L2TP)Description: WAN Miniport (L2TP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: Rasl2tpName: WAN Miniport (Network Monitor)Description: WAN Miniport (Network Monitor)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (IP)Description: WAN Miniport (IP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (IPv6)Description: WAN Miniport (IPv6)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: NdisWanName: WAN Miniport (PPPOE)Description: WAN Miniport (PPPOE)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: RasPppoeName: WAN Miniport (PPTP)Description: WAN Miniport (PPTP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: PptpMiniportName: WAN Miniport (SSTP)Description: WAN Miniport (SSTP)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: RasSstpName: HP Photosmart 6520 seriesDescription: HP Photosmart 6520 seriesClass Guid: {4d36e979-e325-11ce-bfc1-08002be10318}Manufacturer: HPService:Name: Terminal Server Keyboard DriverDescription: Terminal Server Keyboard DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: TermDDName: Terminal Server Mouse DriverDescription: Terminal Server Mouse DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: TermDDName: HP Photosmart 6520 series (NET)Description: HP Photosmart 6520 series (NET)Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}Manufacturer: Hewlett-PackardService: StillCamName: Plug and Play Software Device EnumeratorDescription: Plug and Play Software Device EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: swenumName: Microsoft System Management BIOS DriverDescription: Microsoft System Management BIOS DriverClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: mssmbiosName: UMBus Root Bus EnumeratorDescription: UMBus Root Bus EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: umbusName: UMBus EnumeratorDescription: UMBus EnumeratorClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: umbusName: USB Device(VID_1f3a_PID_efe8)Description: USB Device(VID_1f3a_PID_efe8)Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: USB DevicesService: usbUDiscProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.Name: Volume ManagerDescription: Volume ManagerClass Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}Manufacturer: (Standard system devices)Service: volmgrName: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnapName: Generic volumeDescription: Generic volumeClass Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}Manufacturer: MicrosoftService: volsnapName: MBAMSwissArmyDescription: MBAMSwissArmyClass Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}Manufacturer:Service: MBAMSwissArmy========================= Memory info: ===================================Percentage of memory in use: 58%Total physical RAM: 2037.69 MBAvailable physical RAM: 839.12 MBTotal Pagefile: 4974.93 MBAvailable Pagefile: 2996.34 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1947.43 MB========================= Partitions: =====================================1 Drive c: () (Fixed) (Total:139.02 GB) (Free:71.7 GB) NTFS2 Drive d: (RECOVERY) (Fixed) (Total:10.03 GB) (Free:4.46 GB) NTFS========================= Users: ========================================User accounts for \\RALPH-PCAdministrator Guest Ralph========================= Minidump Files ==================================C:\Windows\Minidump\Mini013113-01.dmpC:\Windows\Minidump\Mini013113-02.dmpC:\Windows\Minidump\Mini020413-01.dmpC:\Windows\Minidump\Mini020513-01.dmpC:\Windows\Minidump\Mini020813-01.dmpC:\Windows\Minidump\Mini021213-01.dmpC:\Windows\Minidump\Mini022213-01.dmpC:\Windows\Minidump\Mini041213-01.dmpC:\Windows\Minidump\Mini071113-01.dmpC:\Windows\Minidump\Mini071213-01.dmpC:\Windows\Minidump\Mini071413-01.dmpC:\Windows\Minidump\Mini071713-01.dmpC:\Windows\Minidump\Mini072913-01.dmpC:\Windows\Minidump\Mini080113-01.dmpC:\Windows\Minidump\Mini080413-01.dmpC:\Windows\Minidump\Mini080613-01.dmpC:\Windows\Minidump\Mini081813-01.dmpC:\Windows\Minidump\Mini082913-01.dmpC:\Windows\Minidump\Mini083113-01.dmpC:\Windows\Minidump\Mini090513-01.dmpC:\Windows\Minidump\Mini091413-01.dmpC:\Windows\Minidump\Mini091713-01.dmpC:\Windows\Minidump\Mini091913-01.dmpC:\Windows\Minidump\Mini092013-01.dmpC:\Windows\Minidump\Mini092013-02.dmpC:\Windows\Minidump\Mini092013-03.dmpC:\Windows\Minidump\Mini092113-01.dmpC:\Windows\Minidump\Mini092413-01.dmpC:\Windows\Minidump\Mini092613-01.dmpC:\Windows\Minidump\Mini092713-01.dmpC:\Windows\Minidump\Mini100313-01.dmpC:\Windows\Minidump\Mini100613-01.dmp**** End of log ****--------------------------------------------------------------------------------------------------------------------------------------4. -
No. I'm pretty sure I copied the entire Blue Screen, starting at the top.
But various CHKDSK runs have shown NTFS file system.
I'm not sure what the point of this question is?
-
And what's the proper procedure for testing additional drivers to find the culprit?
Also, I've been getting advertisements in various places for Vista drivers download. I haven't trusted the source, so haven't downloaded. Where can I get safe Vista drivers?
Thanks again,
-
Thanks, Okay, here is the blue screen dump I'm getting now after shutting down. It appears when
I press the start button.
A problem has been detected and Windows has been shut down to prevent damage
to your computer
If this is the first time you've seen this stop error screen
restart your computer. If the screen appears again, follow
these steps:
Disable or uninstall any anti-virus, disk defragmentation
or backup utilities. Check your hard drive configuration,
and check for any updated drivers. Run CHKDSK /F to check
for hard drive corruption, and then restart your computer.
Technical information:
*** STOP: 0x00000024 (0x00190444, 0x871C3008, 0xC0000102, 0x00000000)
Any clues? How do I disable these utilities? Does that include Malwarebytes Pro and Secure Backup?
Thanks. Now I will do the BIOS test tonight.
Multiple Crashes, Freezes, Unable to read Minidumps (settings changed by malware?)
in Resolved Malware Removal Logs
Posted
Completed Steps 2 and 3. Old Javas removed and Temp files cleaned up.
Regarding Step 4, I've had many Chkdsk runs recently, the most recent on Oct 14, and as I said,
they all involve the indexes for wmplayer.exe and Taskmgr.exe, which get repaired each time along
with various others.
So, question? Do you want me to run a new Chkdsk? or just show the several recent ones?
I see that the event log information is more complete than what I was able to see as they were
happening.
I've got to leave in a few minutes, so won't have time right now.
My computer is seeming more stable today than in recent days. But we'll see, as I had to do a
startup repair (successful) on starting up today, after a clean shutdown last night.
Thanks for sticking with me.