Jump to content

help needed to remove conduit


Recommended Posts

Hi, 
My browsers have been hijacked by conduit/whitesmoke. Help removing it would be greatly appreciated.
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16490  BrowserJavaVersion: 10.25.2
Run by Midna-194 at 2:40:29 on 2013-07-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.8184.5772 [GMT -3:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyServer = 127.0.0.1:8118
uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
uURLSearchHooks: ToolbarURLSearchHook Class: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\DealBulldog Toolbar\tbhelper.dll
uURLSearchHooks: WhiteSmoke New V2 Toolbar: {d0d872fa-5875-418c-8f78-684486dc9a43} - C:\Program Files (x86)\WhiteSmoke_New_V2\prxtbWhit.dll
mURLSearchHooks: WhiteSmoke New V2 Toolbar: {d0d872fa-5875-418c-8f78-684486dc9a43} - C:\Program Files (x86)\WhiteSmoke_New_V2\prxtbWhit.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.30.0\bh\BabylonToolbar.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll
BHO: Incredibar.com Helper Object: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - 
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: FACECONS Class: {B2A44031-7EAD-434C-AC9E-7F1DA176BA8C} - C:\Program Files (x86)\Facecons\Facecons.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: ADDICT-THING Class: {C44BEE81-3F8A-F8CA-0E1C-BAE46F150DEC} - 
BHO: WhiteSmoke New V2 Toolbar: {d0d872fa-5875-418c-8f78-684486dc9a43} - C:\Program Files (x86)\WhiteSmoke_New_V2\prxtbWhit.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Softonic Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: WinToFlash Suggestor: {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Softonic Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Softonic Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.30.0\BabylonToolbarTlbr.dll
TB: Incredibar Toolbar: {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
TB: DealBulldog Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar\tbcore3.dll
TB: WhiteSmoke New V2 Toolbar: {d0d872fa-5875-418c-8f78-684486dc9a43} - C:\Program Files (x86)\WhiteSmoke_New_V2\prxtbWhit.dll
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>
uRun: [Google Update] "C:\Users\Midna-194\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
uRun: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [browserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\Users\MIDNA-~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\xfire.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERHI~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERQU~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{60814483-CE62-4E86-BD59-3488D94C7B46} : DHCPNameServer = 192.168.2.1 142.166.145.137
TCP: Interfaces\{60814483-CE62-4E86-BD59-3488D94C7B46}\359656D656E637D2744424 : DHCPNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{60814483-CE62-4E86-BD59-3488D94C7B46}\359656D656E637D2764626 : DHCPNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{79AECEF7-3301-450F-A796-1FE5B953E982} : DHCPNameServer = 192.168.2.1 142.166.145.137
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Midna-194\AppData\Roaming\Mozilla\Firefox\Profiles\c1sozl0e.default\
FF - prefs.js: browser.search.selectedEngine - WhiteSmoke New V2 Customized Web Search
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll
FF - plugin: C:\Users\Midna-194\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Users\Midna-194\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\System32\npdeployJava1.dll
FF - plugin: C:\Windows\System32\npmproxy.dll
FF - plugin: C:\Windows\System32\npOGPPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: C:\Windows\SysWOW64\npOGPPlugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.id - 920069fa00000000000006268255d5d8
FF - user.js: extensions.incredibar_i.instlDay - 15530
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1422:03:02
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8ypWHLr7
FF - user.js: extensions.incredibar_i.upn2n - 92824672769219061
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10650
FF - user.js: extensions.incredibar_i.ppd - 20%5F5
.
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2009-5-18 231224]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-6-11 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-6-11 912504]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [2013-7-2 1393240]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130703.001\IDSviA64.sys [2013-7-3 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-6-11 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-6-11 386168]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 AVerRemote;AVerRemote;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-12-28 348160]
R2 AVerScheduleService;AVerScheduleService;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-12-28 403456]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-1-11 1119768]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2013-2-26 188760]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-8-31 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-17 138912]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-29 412776]
R3 TRIDCap;AVerMedia service;C:\Windows\System32\drivers\AVerTM62_x64.sys [2011-12-28 2261120]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-1-11 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-24 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-3 19456]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-3 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-13 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2013-07-04 05:28:27 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2013-07-04 05:11:54 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\Malwarebytes
2013-07-04 05:11:46 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-04 05:11:45 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-04 05:11:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-04 05:11:30 -------- d-----w- C:\Users\Midna-194\AppData\Local\Programs
2013-07-04 04:08:15 -------- d-----w- C:\Users\Midna-194\AppData\Local\CRE
2013-07-04 04:08:14 -------- d-----w- C:\Users\Midna-194\AppData\Local\Conduit
2013-07-04 04:08:14 -------- d-----w- C:\Program Files (x86)\WhiteSmoke_New_V2
2013-07-04 04:07:47 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\OpenCandy
2013-07-04 04:07:42 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2013-07-04 04:07:35 -------- d-----w- C:\Program Files (x86)\Red Kawa
2013-07-04 02:51:04 -------- d-----w- C:\Users\Midna-194\AppData\Local\{6A97B143-F66C-4331-BE5E-4318A70EC224}
2013-07-04 02:50:11 -------- d-----w- C:\Users\Midna-194\AppData\Local\TSVNCache
2013-07-03 01:37:28 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-26 00:42:46 -------- d-----w- C:\Users\Midna-194\AppData\Local\4A Games
2013-06-25 19:56:32 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\TortoiseSVN
2013-06-25 19:41:51 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\Subversion
2013-06-25 19:40:34 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays
2013-06-25 19:40:31 -------- d-----w- C:\Program Files\TortoiseSVN
2013-06-25 19:40:31 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays
2013-06-24 02:30:04 -------- d-----w- C:\Users\Midna-194\OilRush
2013-06-22 02:10:08 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-22 02:10:08 -------- d-----w- C:\Program Files\iTunes
2013-06-22 02:10:08 -------- d-----w- C:\Program Files\iPod
2013-06-22 02:10:08 -------- d-----w- C:\Program Files (x86)\iTunes
2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2013-06-19 18:23:19 -------- d-----w- C:\Users\Midna-194\AppData\Local\{19D85EA9-9349-4ADA-9254-0E7023F15B77}
2013-06-13 16:43:23 -------- d-----w- C:\Users\Midna-194\AppData\Local\{5EF4722B-ECD8-4157-8A2E-083E253D023A}
2013-06-13 16:27:06 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-06-13 16:27:06 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-06-13 16:27:02 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-13 16:27:00 751104 ----a-w- C:\Windows\System32\win32spl.dll
2013-06-13 16:27:00 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll
2013-06-13 16:26:44 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-06-13 16:26:44 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-06-13 16:26:44 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-06-13 16:26:44 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-06-13 16:26:44 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-06-13 16:26:44 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-06-13 16:26:44 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-06-13 16:26:44 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-06-13 16:26:44 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-06-13 16:26:44 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M  ====================
.
2013-07-03 01:37:20 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-07-03 01:37:20 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-06-24 02:23:29 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-06-24 02:23:28 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-06-24 02:23:28 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-06-24 02:23:28 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-06-12 08:26:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 08:26:13 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-04 22:40:25 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-04 22:40:24 971680 ----a-w- C:\Windows\System32\deployJava1.dll
2013-05-04 22:40:24 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-05-01 06:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2013-05-01 06:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-04-07 08:54:58 1455408 ----a-w- C:\Windows\System32\dmwu.exe
2013-04-07 08:53:48 33792 ----a-w- C:\Windows\System32\ImHttpComm.dll
.
============= FINISH:  2:40:39.33 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 11/03/2011 5:22:32 PM
System Uptime: 04/07/2013 2:27:10 AM (0 hours ago)
.
Motherboard: FOXCONN |  | 2A92 
Processor: AMD Phenom II X4 955 Processor | CPU 1 | 3200/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 918 GiB total, 108.875 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.664 GiB free.
E: is FIXED (NTFS) - 230 GiB total, 75.834 GiB free.
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 4500 G510n-z
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 4500 G510n-z
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service: 
.
==== System Restore Points ===================
.
RP233: 01/07/2013 1:23:37 PM - Windows Update
RP234: 02/07/2013 10:36:30 PM - Installed Java 7 Update 25
.
==== Installed Programs ======================
.
/BFlix
4500_G510nz_Help
4500G510nz
4500G510nz_Software_Min
64 Bit HP CIO Components Installer
AC3Filter 1.63b
ADDICT-THING
Adobe AIR
Adobe Digital Editions 2.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Agatha Christie - Peril at End House
Alien Swarm
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Drag and Drop Transcoding
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
Amnesia: The Dark Descent
Apple Application Support
Apple Mobile Device Support
Apple Software Update
applicationupdater
Atheros Client Installation Program
 
Audacity 2.0.2
AVer MediaCenter 3D
AVerMedia C027 PCIe HD TV Tuner 1.12.64.43
AviSynth 2.5
Awesomenauts
Babylon toolbar on IE
Back to the Future: Ep 1 - It's About Time
Back to the Future: Ep 2 - Get Tannen!
Back to the Future: Ep 3 - Citizen Brown
Back to the Future: Ep 4 - Double Visions
Back to the Future: Ep 5 - OUTATIME
Bastion
Bejeweled 2 Deluxe
Bing Bar
Bing Rewards Client Installer
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Borderlands
Bounce Symphony
Braid
BufferChm
Cake Mania
Call of Duty: World at War
Capsized
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Cave Story+
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chivalry: Medieval Warfare
Chuzzle Deluxe
Closure
CometBird 11.0 (x86 en-US)
Complément Messenger
Conduit Engine
Contrôle ActiveX Windows Live Mesh pour connexions à distance
Counter-Strike: Source
Counter-Strike: Source Beta
CyberLink DVD Suite Deluxe
D3DX10
Dead Rising 2
DealBulldog Toolbar
DealPly
Dear Esther
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DigiCel FlipBook 6.82
Dora's World Adventure
Dota 2
DVD Menu Pack for HP MediaSmart Video
Dxtory version 2.0.114
Empires
English Country Tune
Facecons
Fallout Collection
Farm Frenzy
FATE
Final Drive Nitro
Fraps (remove only)
Galerie de photos Windows Live
gamelauncher-ps2-live
GameSpy Arcade
Garry's Mod
Garry's Mod 13
Google Chrome
GSC 2.00
Halo 2 for Windows Vista
Hector: Ep 1
Hector: Ep 2
Hector: Ep 3
Hewlett-Packard ACLM.NET v1.2.1.1
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Games
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP Odometer
HP Officejet 4500 G510n-z
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
HydraVision
HyperCam 2
HyperCam 3
IB Updater Service
Incredibar Toolbar  on IE
Indie Game: The Movie
Intrusion 2
iTunes
Java 7 Update 21 (64-bit)
Java 7 Update 25
Java Auto Updater
Junk Mail filter update
Killing Floor
Killing Floor Mod: Defence Alliance 2
Kobo
La Tale
LabelPrint
League of Legends
LightScribe System Software
LIMBO
Little Inferno
LogMeIn Hamachi
Lone Survivor
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Messenger Companion
Metro 2033
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Compatibility Toolkit 5.6
Microsoft Application Error Reporting
Microsoft Flight
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Halo
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Movie Theme Pack for HP MediaSmart Video
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Mystery P.I. - The London Caper
Need For Speed™ World
Network64
Norton Internet Security
Norton Online Backup
Norton Utilities
NVIDIA PhysX
Offspring Fling!
OGPlanet Game Launcher
Oil Rush
ooVoo
OpenAL
OptimizerPro Updater
Pale Moon 20.1 (x86 en-US)
Pando Media Booster
PDF Complete Special Edition
Penguins!
PhotoNow!
PictureMover
PlanetSide 2
Plants vs. Zombies
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Night at the Inventory
Poker Superstars III
PokerStars
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PressReader
Privoxy (remove only)
Project64 1.6
Psychonauts
PunkBuster Services
Puzzle Agent
Puzzle Agent 2
QuickTime
Realm of the Mad God
Realtek High Definition Audio Driver
Recovery Manager
Red Faction
Red Faction II
Red Faction: Armageddon
Red Faction: Guerrilla 
Sam & Max 301: The Penal Zone
Sam & Max 302: The Tomb of Sammun-Mak
Sam & Max 303: They Stole Max's Brain!
Sam & Max 304: Beyond the Alley of the Dolls
Sam & Max 305: The City that Dares not Sleep
Sanctum
Sanctum Beta
Scan
ScreenSnapr version 4.0.0.2
Search-Results Toolbar
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shank 2
Sid Meier's Civilization V
Sid Meier's Railroads!
Sid Meier's Railroads! Holiday Scenario
Skype Click to Call
Skype™ 6.5
Snapshot
Source Filmmaker
Steam
Stronghold Kingdoms
Super Meat Boy
Super Meat Boy Editor
Super Monday Night Combat
Superbrothers: Sword & Sworcery EP
Synfig Studio
Team Fortress 2
TeamSpeak 3 Client
Terraria
The Basement Collection
The Binding of Isaac
The Sims 2 Open For Business
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Double Deluxe
The Sims™ 2 Seasons
The Sims™ 2 University Life Collection
Thomas Was Alone
Tinker
Tiny and Big: Grandpa's Leftovers
Toki Tori
Toolbox
TortoiseSVN 1.8.0.24401 (64 bit)
Train Simulator 2012
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Vegas Pro 10.0 (64-bit)
Ventrilo Client for Windows x64
Virtual Villagers 4 - The Tree of Life
Wallace & Gromit Ep 1: Fright of the Bumblebees
Wallace & Gromit Ep 2: The Last Resort
Wallace & Gromit Ep 3: Muzzled!
Wallace & Gromit Ep 4: The Bogey Man
Web Assistant 2.0.0.572
WebReg
WhiteSmoke New V2 Toolbar
WildTangent Games App
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.01 (64-bit)
WinToFlash Suggestor
World Cup Cricket 20-20
WorldWinner Games
Xfire (remove only)
XSplit
Yahoo! Messenger
Yahoo! Toolbar
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
04/07/2013 2:28:35 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.
04/07/2013 2:28:35 AM, Error: Service Control Manager [7000]  - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
04/07/2013 2:28:33 AM, Error: Service Control Manager [7030]  - The LogMeIn Hamachi Tunneling Engine service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
04/07/2013 2:28:10 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hello Spb111! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall the following applications:

Babylon toolbar on IE

DealBulldog Toolbar

DealPly

IB Updater Service

Incredibar Toolbar on IE

OptimizerPro Updater

Search-Results Toolbar

WhiteSmoke New V2 Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 5

  • Download on the desktop RogueKiller
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
  • RogueKiller log
  • a new fresh DDS log
Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.4 (05.06.2013:1)

OS: Windows 7 Home Premium x64

Ran by Midna-194 on 04/07/2013 at 11:48:12.83

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

Successfully stopped: [service] web assistant updater 

Successfully deleted: [service] web assistant updater 

 

 

 

~~~ Registry Values

 

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D}

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2929451337-3149322565-4265649252-1001\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} 

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] "HKEY_CURRENT_USER\Software\Microsoft\internet explorer\internetregistry\registry\user\S-1-5-21-2929451337-3149322565-4265649252-1001\software\web assistant"

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitengine

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\smbarbroker.exe

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bhoclass.bho.bhoclass.bho.1.0

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\smbarbroker.smbardealer

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\smbarbroker.smbardealer.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\conduitinstaller_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibar_install_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibartoolbar_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\incredibartoolbar_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT2786678

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3300195

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C9E4568B-942C-4958-A9EC-DFEFD9BD3DFD}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B2A44031-7EAD-434C-AC9E-7F1DA176BA8C}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} 

 

 

 

~~~ Files

 

Successfully deleted: [File] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ebay.lnk"

Successfully deleted: [File] "C:\end"

Successfully deleted: [File] C:\eula.1028.txt

Successfully deleted: [File] C:\eula.1031.txt

Successfully deleted: [File] C:\eula.1033.txt

Successfully deleted: [File] C:\eula.1036.txt

Successfully deleted: [File] C:\eula.1040.txt

Successfully deleted: [File] C:\eula.1041.txt

Successfully deleted: [File] C:\eula.1042.txt

Successfully deleted: [File] C:\eula.2052.txt

Successfully deleted: [File] C:\install.res.1028.dll

Successfully deleted: [File] C:\install.res.1031.dll

Successfully deleted: [File] C:\install.res.1033.dll

Successfully deleted: [File] C:\install.res.1036.dll

Successfully deleted: [File] C:\install.res.1040.dll

Successfully deleted: [File] C:\install.res.1041.dll

Successfully deleted: [File] C:\install.res.1042.dll

Successfully deleted: [File] C:\install.res.2052.dll

Successfully deleted: [File] C:\install.res.3082.dll

Successfully deleted: [File] "C:\Users\MIDNA-~1\AppData\Local\Temp\iwantthis.exe"

Successfully deleted: [File] C:\Windows\prefetch\BABYLONTOOLBARSRV.EXE-99E86A90.pf

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\addict-thing"

Successfully deleted: [Folder] "C:\ProgramData\babylon"

Successfully deleted: [Folder] "C:\ProgramData\babylonupdater"

Successfully deleted: [Folder] "C:\ProgramData\installmate"

Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"

Successfully deleted: [Folder] "C:\ProgramData\premium"

Successfully deleted: [Folder] "C:\Users\Midna-194\AppData\Roaming\babylon"

Successfully deleted: [Folder] "C:\Users\Midna-194\AppData\Roaming\opencandy"

Successfully deleted: [Folder] "C:\Users\Midna-194\AppData\Roaming\systweak"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\local\babylon"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\local\wondershare"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\addict-thing"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\babylontoolbar"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\conduit"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\conduitengine"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\incredibar.com"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\pricegong"

Successfully deleted: [Folder] "C:\Users\Midna-194\appdata\locallow\toolbar4"

Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"

Successfully deleted: [Folder] "C:\Program Files (x86)\facecons"

Successfully deleted: [Folder] "C:\Program Files (x86)\red kawa"

Successfully deleted: [Folder] "C:\Program Files (x86)\winzip registry optimizer"

Successfully deleted: [Folder] "C:\Program Files (x86)\wondershare"

Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\thebflix"

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0216968B-E039-4426-81EA-F5FFF2C712C4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{02B20F03-91EB-4B19-ADF3-FA63F87CCE4A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{02D07EB4-C280-4659-954A-CD301CE3F7CF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{036FA5F6-56F1-431C-B2E0-5AB06D387E17}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{03737926-2717-403A-A90A-8F80C689EB71}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{03BCC3C7-FB92-4429-8229-9221D6CEB545}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{03F36B7F-C82E-40A3-BCF4-F496862C0995}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{03F8ABCB-63B1-4E0A-9564-1C322B1EF1E8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{03F9AE39-BE97-4081-BCE8-A7FC3D092265}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{040653F4-F57A-4192-85B9-1561D7595AA2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{05106A0E-F1DB-42FC-8CA7-7FFF4E090D16}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0560FA8A-681C-4F0B-A7D3-F00A9A5AD036}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{05ED07CA-869F-42AF-B049-6E487B61770F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{06158887-A18F-4F6C-B0ED-E5AA8FB44125}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{064A555C-4D4E-4129-88EC-89ADDFA3E143}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{06F92903-0F60-4FC6-9B69-AEB3E9C6B811}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{07D0D11A-DFB0-48D1-B313-A965D4B03047}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{08110362-52E9-4312-BF3A-CE76671B65D0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{08E5E75A-CA25-47B7-8EB9-64447D28FB58}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{09212873-E566-4335-A08D-4F1DAA997390}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{094BAC6D-BF3E-4EAB-8AD7-EA0CB9F60AD6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{099D6439-432B-467D-9B08-1E534FEA1676}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0A0B7A78-1183-47D9-A05C-A9FF6BAFAB9C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0A2C6911-EDB2-4074-8085-9D7B44C809FF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0A76EF4E-FDA4-4852-B404-909E7092CB25}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0AC62B29-BCC5-4714-8AE3-B9862C1519FF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0B16C8BD-D412-4938-8150-915627AE0E63}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0B92E104-CB1F-45EB-BB76-747C72446766}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0BB4CB4E-3CE9-442A-BB26-4A38F7AD5C7E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0C6CA2FD-9958-4F7B-A70D-33C2467C8541}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0CCFED33-218C-4744-A206-A71940D5BF26}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0CE94364-1393-4B36-802A-FD2DB1DAE457}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0D5AAA1F-9284-4F1D-A2AF-31A751C40BD2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0D6E5CAD-EF4F-4EDC-8EE9-45D57885615A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0DF72612-6ED9-4DB1-BD33-419DB2DA5D2D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0E3ACDA8-1564-4F5D-91B8-35629953914B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0F4469A9-C5C6-4FC8-8D42-1600621B5AE0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0FB95CA0-A4DC-4BF0-B938-B7018C9EEB4E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0FC24CAC-8734-4AFC-B516-AE6CE229144C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0FDD1455-C63F-4027-AC60-976C6720B03B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{0FFB9E8B-89D7-4497-932C-D6439D72C353}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{11905A81-EBDE-467E-95BE-99883ED2E0DD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{11BB0C92-38CD-432B-9A31-7E64A82A2E18}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{11C081C7-5401-4880-B2C6-038E8017D2FC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{11C1E399-966A-4234-9B99-6DA556411BF8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{11C3D4F0-7B00-4896-A899-01FB92B48B5A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{12710C9B-CDEF-439E-8C26-4005448A5E19}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{12E73864-B9AD-423F-B7EA-5B0AD026D7B9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{12EBF236-9A59-462E-9C30-3042D791170C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{13C1F421-8E50-46AC-82B3-9EEB29B55811}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{13F44D72-B257-4A9C-BC8A-F516B139D42B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1464ABF4-6485-4A8B-A0E2-AC0CB1CC8147}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1468381C-4634-420D-81A4-EB6CC3E1663D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{14E6DC29-69BD-4DCE-9098-CA96FD7B5EE3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{15064319-A430-41FD-B925-455F98E614C1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{15096A3E-A764-49B4-B94B-9C823AF3C6BE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{150E11DE-551F-492E-BA46-73748ACA5F06}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{152919C2-F791-4C87-B839-9716EC85EFDC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1550A493-478E-4FF9-B1DE-87D969AAFE77}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{172D3C1E-26D8-49EE-9841-820FC7607D0B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{178D5F33-7C0D-4C78-B5CE-23C857EE5844}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{18C042EE-34C7-4939-8D68-F7ABE5779CD4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{191B0369-494B-4036-8D62-CED28331B900}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{19582EAF-A4FB-45D6-BEAA-A1E6F202BF9A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1993208C-F245-47E8-9994-5A94C2D86576}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{19B8E02C-2ACF-4D9C-8A62-E3D89D96A70C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{19D85EA9-9349-4ADA-9254-0E7023F15B77}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1A2FB2E2-214F-4997-9B86-C024D7B03975}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1AB1F522-1154-4F39-A0E7-0C3BFE5C0451}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1AD27F9A-C4FF-40C8-BCDC-5BD29EDBD80A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1D001954-9E55-40CA-81B9-24ABE105CD8C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1D20A898-A3B6-4AA6-B355-C0B6E0AB9A93}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1D3807CC-44C6-4DCD-A1E7-5B1B55FED314}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1D89FC38-6CF4-479C-AAB7-2B27F2CACC28}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1E2ECA96-8310-4E30-82CD-1E7064D0F79B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1E3CB975-DCA0-4516-AC0C-F2681D4B18C2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1E42244E-D130-459D-ADF6-39D574CA6965}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1E52606C-60D2-4D62-9E46-5F5DA48D6294}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1E8DE2CA-1718-4C14-AF51-B6C13250B7D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1EBCECAA-CDFD-4D9B-9CBF-FA70A61BC5FB}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1F52BC1E-1702-4CAD-BE38-E849BC9D3420}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1FF24CD3-3697-4F97-BED4-512D22B3AF5C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{1FF86A29-6762-4146-A3B2-AE899BE46FA9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{20184BFF-1982-4D1D-AF9D-400245EB8191}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{20852BF1-11D7-45C8-A729-9CFA4E17AA14}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{20C06226-CAF3-4606-8E1F-E35C3D4ECA4B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{21A48C11-13CE-47D9-9261-17BFEAD1BF4A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{21FAA59C-6CDE-4880-ABA7-751D693BA897}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{22877C1B-5E8B-45A7-90AD-3B50591B680E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{23585E74-5394-43CE-A9EA-1A6A0C85D5B0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{240D3F36-DDF9-450B-8BDF-881884582FDF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{242C4F01-109C-407D-AFC3-E629732B621F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2448CA57-419D-45E8-853E-FB30DAD87E58}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{24CCE7F1-4247-46E0-96DC-E8252E62B796}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{25892735-66BE-4935-B393-F445A02C7767}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{260405FB-58FE-4D9A-8736-DAB81D7BEB93}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{264CB87B-40C7-45FB-869F-E88EB30AD7DC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{27088895-2B6F-4077-8904-85A8F8CBB455}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{27DF3A7D-A2A4-44D0-B2B1-18F94F322B1E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2804253E-E61D-4F43-AF8C-AA62E3F89AB1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{283FFB6A-5380-4F89-B0B4-023DD0A1C2D9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{28B300DE-BA9A-4DE9-9F61-E0190CA76E63}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{28DC639C-E4A1-4111-81AA-493A8C149312}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{28F7E80B-8B9B-48B1-B86E-EF6E743AB6B2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2964EB78-2065-4098-A114-1EB1845D2C1D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2AA2AA53-574A-451D-9D68-4C423EE26C3A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2AC5086F-98A0-4E5F-A565-58F2BD372EC9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2AD776A1-2AC9-4EEC-A2A3-4C78077CDE3B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2BF46D76-C457-485C-8E52-E3FA7D03352A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2C2D090D-DDE7-4667-A9ED-181BD05B3B76}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2C804A08-B3C4-4C0C-9837-8231F8306225}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2CA6202C-43E9-41CF-A12F-2D08F6989DAD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2CD89375-D5E8-4A6B-B670-B84CCC4D3C16}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2CE056E4-F386-431D-ADEB-75FCFDBEF3B8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2CFDFC15-176A-44BB-8C4A-FD03E6291505}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2D187AEF-ACA8-457C-88B2-F0A1C00A080C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2D30AAEE-56F0-4485-A4C0-DBD62D021F93}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2D4795B8-64FF-406C-94A1-05A20D6C88FF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2DF179CD-51CD-41B3-A02D-24E03C154273}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2E723B4B-C667-4EC2-BC28-F92F960B7E58}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2E7E65F0-96F5-47F6-B7BE-9A6C20E31338}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2EAA28BB-B17F-4C79-A405-3D105E843603}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2EB7030E-33FA-40FF-A387-D61268572F76}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2EBE3E6A-48CD-48A2-A880-AEBB600F49BF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2ED75894-BECA-455C-BF5F-7BD572752369}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2F5F1E84-11AA-46C4-8110-2B8D9297B328}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{2F604D97-2586-4977-BA7A-8A3BB55A0009}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3003978D-3FE9-412C-9EEF-4E00C0E4B8F4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{32A5B89A-7058-4072-B33C-912291930266}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{32BB0050-9235-42C9-87D8-0712E558A0EA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{34761DDC-1658-4835-AF94-698E18205A21}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{348EAD2C-8DF3-4E66-9E15-92D6553064A7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{34C7277D-841C-439F-88FC-87893A1DAC79}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{34C7EA30-6447-4B79-B0A1-1080C0EAC019}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{35102823-F271-4237-8899-F3D87E1CA3F8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{360587E3-B876-4BF2-A07C-4FC28F0A93CE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{36099BDC-922E-4F9E-9766-214BF736BF9C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{360DE745-C6F0-4B8D-B4E6-7C1C04DC04C3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{361922EF-DF36-4493-97D0-4D2A6EDFB0B6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{361D5E2E-A1B5-4E99-9882-A84D7EDA9550}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{363913A2-3127-4E61-83E8-17871724FE9E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3648F320-C4F0-433B-ACEB-34EFFC122DC5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{37311BFB-E523-425A-B11D-290B5A2BAD5D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{37D9B86C-4F50-49B6-A245-AF1A675C2444}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{37E5761E-A66A-4FBA-A665-35076DE7DD9A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{381FD6EB-9E05-4856-BA98-AD2A9FDF0F24}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{38310FED-BFB3-499A-B528-A167776F9B31}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{387044BB-730F-4563-B4A9-A1B7309B9FD1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3891C04C-FD0F-4551-83D3-FA09CF0790DA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{39236E48-01AA-411C-B05B-B31F7E37D1C8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B129DAC-73F5-459C-89D3-C96D706F42B8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B1B508B-B1E3-4EC0-96B2-3D5A9AD2A1C1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B395B48-CBF2-4D32-B27C-9F2ECFE858F9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B4675C2-9006-4AB8-9EE4-1B5DA93F758F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B686B34-6792-49D5-84F1-8449F65D2ADA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B6BFC77-F8DD-49C4-9DE9-0036E749743E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3B71B700-3ACD-4B0A-869E-7FA3081E1759}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3BC8DF2F-C1B2-44A4-B315-7F156485183B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3C145C5E-827B-4C84-BAAE-F050DD393F1E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3C19C8F9-3BF1-4308-B272-C5C52E2F6852}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3C58E5F1-5880-4063-AEA9-677FADA17AD5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3C864481-7A77-4091-8A97-7E2EB13390AC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3CF67259-6DE6-415E-9B02-ABC8B6E64AB0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3D4EA559-D51B-4FD8-B1FB-29240AA1DF44}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3E31842F-9D1A-481A-8231-D58F8E596102}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3E9A938C-BFA3-4FFE-80C2-791124FC8FAF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3F1957D8-9101-4101-8483-B0EA4C843BC1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3F202658-B0A6-4CFA-8765-4B916DB3E6DE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3F57D638-0D16-4DE8-B55D-BC2AA4F21215}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3F893BAF-E810-4D9D-B09B-A534D9D38A8F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3F9D7EF9-FB46-4312-B2EC-01868991E512}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3FDA452C-2656-4C31-BAB8-B1D91C105DC1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{3FF29366-65BB-48D9-91AF-9866A8E1E71B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{40A53E6B-E5AC-4BBA-BC3A-2C78B24227F0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{40E7CB09-1245-410A-83FB-3346F8AB9425}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{41056BAF-8AF7-4642-8DB4-89FB5672197B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4129AA4C-BA31-4995-95E9-2199E55FC675}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{41B913DB-FBC3-4EE0-9F7C-21BC68147AE9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{41E8B5D7-29F3-4182-B67F-CC9112D7F9C0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4207148C-C93C-4A94-BAB1-FA3937F0AC47}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4235F4D6-5BDD-4A61-87E7-1E2F804D2271}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{426243BE-98B7-4E96-A638-067C5837361E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4283C094-B1AE-46D0-93D9-715C150BFBAA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{429B083A-13D5-4997-AC63-E89D01E765AF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{42A47119-AED1-4C5A-AE5A-FFB1604B764B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{43469754-8C95-4A29-8BFF-75B278171A8C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{439D7CEC-43F3-46FD-AE7E-86AEC3263343}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{43CB29BB-6B8E-42D1-85FE-FD1235FE574C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{43F05256-C10A-4547-A762-2B8931BBE54A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{440840E4-2CBC-4952-891D-F85B89F89DC3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{440B3233-7867-4039-BDEE-FC0B35CBDFDA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{45DBC07C-E128-4334-85F1-D516B9C2617F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{47239D1A-F7EA-4A50-BC51-6455E8B0F7C4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{472AA00E-EB96-48A5-B3EA-82E15366036A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{473D7D74-236E-418D-A5EA-E7694EDEC5F3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{474F8D12-A955-4252-A4C9-A58AD06091C2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{47ADFD77-B485-458D-9D62-FC550CB26257}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{47D75ECC-6159-4FAD-AF91-DD8A71624595}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4857D8D5-B056-4021-80A3-4820BCE1EBFD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{48A49396-FD87-4AEF-942B-93D00A6E0F4F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{48ABC73B-B2F0-47BB-9634-AD89F8A102D4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{48E7F817-1F75-424E-B1FA-4B6CB7009FEA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{49077D07-7374-4079-98F0-08ADB9F6B018}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4909E7AA-F11B-4A56-AF18-1AD52405539B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{491F5828-AAFF-4935-96F9-0F12CEC2F768}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{495E9D27-92C6-4AE8-8391-3651E750624A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4A3E12C7-5EF9-4B5F-9BF8-066BADE8278A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4AFA3CFE-C31C-433A-9CEF-DB5F4E689430}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4BAF1D5D-F55C-46C4-B531-BD0180352514}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4C26CFA3-2EB2-4EFD-BB32-2272B861DB2A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4C52C6CB-3448-4333-B233-5DDD97C501EA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4C5DCE5C-0B36-4E67-88F9-C595CFAB68ED}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4CDFA1D5-2E8A-4970-A1FF-7757B5F7903F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4D54731B-3FCC-4548-8EF1-FB58B8330084}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4F0C494A-B038-4E60-BEBC-CED11A6B8075}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4F499500-95C4-4795-8A29-F6174B79B8E4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4F4A0A48-2EFB-4229-A140-6FF4C53F0025}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4FD57CAF-4774-4793-9D84-05B65F16DD07}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{4FE1C3C0-81FE-48F9-8FED-7391764CF922}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{502DD20F-3D1E-48B1-8E05-95BBA752ECB4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{50C51DA0-3568-4F6D-BD3B-1577B89934FD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{51B2EF9A-CD48-453B-AAB5-D76A28573643}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{52090C6E-601E-40C4-97E3-AE6082E0AA67}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5271C13A-45F9-4080-A95B-FC7A47B8EFB7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{53AB2299-6F61-4AD6-A363-36A5BED99533}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{53F1EC62-0DFA-4509-80F0-D6D4AB6C1AC8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{54274BD2-7E2F-4C9B-9516-9FA5F7F9D82D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5608F8FF-C68C-4D07-AF27-66A93CC12BA4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{572E9DDB-D9F9-478E-A813-4BA2CE6CCBA3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5829AD2A-643D-4325-B734-7595291DF3CD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{595C7B16-E622-49AB-9025-22BC9A7B6354}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5965E6C9-6D00-488C-A051-545A36C9FF04}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{599E8EA4-24C2-44CD-9C32-DC1CDCF1EDE2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5A0249A9-E7DA-46A9-A82B-500AF378FEB9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5B725854-235A-4FCF-B10A-D92AFD4DE2AA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5B895351-CF70-4738-BDBD-51B7DC575FF2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5C2BBD4C-FDF6-4C05-8D2D-E1CA2AFED07B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5CA2F732-4106-4483-A0B7-1EF13E7D2FA9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5CE30725-50D9-44D1-A208-44CBCF845239}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5D07AC1E-92CA-477A-9A34-E8B433DA5138}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5E797E45-7F3F-4EA8-82E8-360B435A20B8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5EF4722B-ECD8-4157-8A2E-083E253D023A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5F197564-A40F-4E56-B37E-CBE2E2DAC2B9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5F2257C0-C79A-4E07-A21E-F6FA7E7C27E3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{5F48B57C-2EDE-4FF2-8A8F-043008F53FD2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6023D9D2-6F4C-480A-B9F6-F7651F590CF2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{60632CCD-7E3B-4B63-BB20-C70894E9BBF2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{60DC0B7A-F8C2-4E87-8F69-723C0788FCA0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{60E37CFE-229D-45F7-84C5-FF408E054C88}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{61BA8342-1667-42EF-A2BC-51F55639B750}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{61CBA723-C8BC-43CB-AAEE-63C4DA8E6F01}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{63E4F3A5-1755-406D-B505-4FB665D82821}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{64B7DA12-852E-446B-BFB8-6AC7CE8C0B11}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6529EA0B-79FB-4056-ABEF-AB03D2ED138C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{656AC75F-8F39-4903-ACB3-773DEDD17F5A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{65F51E06-57B3-4F4C-8ADE-0D7AD5ED327A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6700DC46-1CA1-4A04-8775-9D45F11B4651}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{67174215-F43F-49BD-847C-C3010B263E8D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{68188D56-A9AE-431F-99B8-F67BDB0D1EB1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6820B285-AB0A-4510-A358-03CC8ED2C8F1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{68EAD12F-0E00-4DD5-B816-CA1C76F726E4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{690F8D3F-A99B-405F-B0A7-7A7A6FCB93E6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{693F5054-2BD3-422A-BD44-A44A1981416E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{694660B7-790A-4B48-BAF1-48BB460E1A3E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6989B857-95A9-484E-AF63-2C7CFAA648D1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{69E9CDA2-A1D3-446F-BFC6-FD92B415B0BD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6A97B143-F66C-4331-BE5E-4318A70EC224}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6AAA74A2-690B-49BB-84B5-7551F12B7C04}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6AB74E3C-C48E-49E7-A81C-A3F6D4E48C6E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6B18623F-E516-4BA3-8F54-F9F93D3EDB7D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6B3D21DB-320B-458E-9A00-FC5321840BAF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6B94F7B5-CB86-439A-B5A9-562E509809A8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6C00A37A-32C7-46FA-AFAF-41EC0B4753B4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6C13D13A-21AD-4403-9306-723177AEE9E8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6CE29B22-9DC7-4693-BF36-CD2072FFDF33}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6D80BDB8-3D10-4E07-8E49-E5CBBDB80B6A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6DAB5E0F-0954-4E42-A24F-8001186DC858}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6DE694AB-62B7-43C9-A70D-3E313DA8FBCA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6DEE19E5-F43C-46C9-89CE-9CBF95637B44}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6DF2B3B6-366E-4001-978D-7D549F850F80}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6E0B45B1-D390-4853-88E7-38A1B72C8428}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6F66287B-B7B9-4C83-8C9E-4DCE4B3133B9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{6F939793-8758-4B4F-9BC7-74B06CA7B6CB}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{700A68C3-4409-4A87-B51B-3EDF7A35004E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{71055CC8-A88B-4626-818F-7531F48C5C0A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{713ABC8D-57DE-4FD8-8F69-B6CAEF9F20E2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{71C24961-3C45-486D-9E6C-493AC7011F6B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{726651BC-AC49-4DC0-A1AB-40E62F62A92E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{72BB9D50-BC82-4C6B-9280-7E1901BF8652}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{745FF159-9BC9-401A-B81F-AD5C134ACA48}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7493BD3C-A6F8-4C14-8E0E-A558B1D37445}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7508998B-9701-4F32-A397-37BE25E9B4E2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{75178585-85FD-4A42-B4A2-40CDFEBD6411}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{75760BA6-FF69-49FF-8AD1-2E46CE42B9BC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7583FE5F-DBD8-4B81-8205-1DE88C55F3F2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{759A1DF3-3459-478B-9A89-9526A8258E25}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7600CD6F-2702-464C-9BB7-98CD20320F7D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{76EB9858-6CB8-4BDA-BE12-4E5F34789A42}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{770F62C3-0F9E-4985-843D-BA1C27B817E2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7760DCD7-0D56-43DD-8C12-679E359E3498}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{777EAFC0-01E0-4ECF-9D41-27868D966A3B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{77F128B0-1356-4EBF-9A74-FC09B51819D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7848BF89-09E1-4F2D-81D8-D84038CA5E3D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{784D528F-BA35-4E86-9571-20D3581FC037}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{792FEF88-6E5A-402B-B256-4ECF52BD1DD4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{79F3C2A5-3267-4C45-A486-4711739A1E0B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7B5D0BD8-B2BC-4AF1-81D7-58A0A0B27E30}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7BD0DDE8-929E-45D7-9166-AABDBB0C2E29}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7C5C81BD-FCCA-4F76-9823-F2825EAB9C04}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7CFC5028-B9D8-4679-93EE-E2D1912D135B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7DD40809-0222-4911-AA19-351BF8C36B0F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7E906B27-9CE8-46B2-982F-A3AA644D3037}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7EB9668A-F28B-4C11-80C0-B6040673C356}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7F137B2B-71B3-42E6-9283-E035FDFAD0A7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7F34A476-1260-478B-9CF5-CC8978E57134}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{7F42AAE4-3D27-43E0-92C7-4ABC95A6E28B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{80595309-2225-4B13-A6E4-82B0B35C9319}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{805EB383-4B8E-4190-A17B-C1AD4BDA091B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8175EB26-832E-4764-AD99-ADF3B4029886}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{819D50EA-2CBC-47AD-A817-C45D02A42DDA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{81B47779-5859-4D7E-A735-C42550C772FD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{81F1D56C-666A-468A-942A-7F4B8409E834}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{822E74C9-CD41-42F4-AFA1-12EBBCFE6FC1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{82B43252-1204-431A-B32A-37F3772F697D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{83216B8E-3104-4E21-8FE2-FF39F40385E7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{834C78C6-090D-4F69-AD21-3411BD392893}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{835668D3-F1DF-4574-A2CA-2060A3827C84}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{83DF0389-BA09-4CCF-8DA2-05E6F8866A15}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{855410BA-4033-4051-BCC0-B8FAB17813B6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{856AB638-ADBC-406A-AE2F-ED8B093A75A9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{85AFC143-1F53-4B89-92C6-0C462F333E52}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{867950FE-F96D-46B0-B209-93A9463FD1CD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{868F38EB-D368-420E-9D77-480828C44E8E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{869BC935-63A0-495C-9310-4E200F3824B2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{86F0D26E-966E-4589-B1EA-100C9AAC5F69}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8770A356-2019-4C8E-80A3-762DB3C8E6F2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{877D4E22-B729-4742-9ED2-E09D64D872EF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{88084210-58E5-474E-9CA3-4A55B9AC5701}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8819E79E-2E70-49D9-A3D8-A817A35256B1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{888F6EAD-3500-4F25-9080-1A90B65EF4D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{88C8A651-E431-4028-AF17-6545BEC28E17}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{88EFE29D-95E2-4406-BCD2-BFB5B4E498AF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{893B6FD5-2B94-447F-98C0-B517981925FF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8953085E-F9A2-4CE2-AD97-720127A0A8F4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8A16D451-8A3A-49E9-BA0F-D09C524AE025}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8A27E8C4-4183-4E1B-8564-4C3999D47DE1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8A56BDE5-E675-48AE-8AA8-8C0FC191AC6E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8A59E3EB-6E06-412E-B95A-9463AD58D363}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8B4F064B-D6EB-4E3C-99B5-B18D27E8580B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8B82B868-3B1C-426B-968E-5CB93DC4A480}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8C0B9CC3-2D80-4673-9B4D-8D85CD2B131E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8C7D689D-AD63-469F-86F7-E374521E094D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8D7D675F-8D1F-46EA-8C99-9AC02630875D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8DE132C2-44D8-4825-86DD-B2D2D42A0BB8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8DED3C4C-E6FE-4AD7-9725-15E14B2F954D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8E672DC2-1D25-4BE7-A58D-61567947FB59}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8F72F4AC-C35C-41EC-86BD-83C2AD5ACEF1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{8FF6C8E2-FC78-4EB2-8D24-4E54FB3701C7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{90DC273D-F1F3-4245-AC03-66E10032CD8A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{911BC007-B4BF-41ED-A40D-1C444A618A67}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{91397FDE-7517-4586-9BED-90C37F0D3F02}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{919EC7EE-DD1A-4E06-AFF6-80748621856B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{91FB920B-D794-4A4C-B7E6-0366248497E2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{922D9F36-98C7-4746-A08E-6E9DD71E68AC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{935F8740-EA3D-48E2-AA8D-4DB4943B8640}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{93ACAFE9-4D23-44D7-84A3-D39361E22D36}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{93B703A1-9D81-47BD-A66E-5F32CC9F7A85}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{94427A19-8C0C-47B0-917E-CADA00F48E6C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{944CA426-F788-48DC-98BA-A5054EF3C6D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9544F599-FD1A-4EF6-A073-57D3F334E97E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{95D1AC27-B815-49F7-B3D2-C5514DEDCB01}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{95DABB57-191C-42EF-A3F4-350712DF0008}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{965D90DD-BFA3-47C1-A5E4-FD6CA249613D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9741501D-25B1-4EE6-8F5A-FE6F0081A1FB}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{974FE5F4-B805-4BC8-8173-32625E7E213A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{977BC50A-705D-4BAF-8534-3596C9324163}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{98F1B013-C19A-4DA7-887A-AA2F34366DA6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9901462C-EDB3-443D-8415-1CB30C942C17}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9965E6D6-ED65-47CC-833A-29CCFDFBDAEE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9999D5A3-BFB6-4972-95AE-7EE9C6269EE1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9A3C72C0-A6CA-40C0-9758-A451607A0E8B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9A5BAF76-5A3A-4845-94E7-DD4F49979D8C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9B5A7D4C-8B00-4AC0-96DD-6C8E2A1D590E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9BD8448F-81B9-4175-8D03-D3B80228E04E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9BE17C34-DE53-4211-B585-586030BF1669}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9C142371-F85D-45C3-9C39-DA900F2A6037}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9C700242-C4E4-43D6-877D-30A8D95AFF1B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9D9056C8-A1E1-422F-B365-94A5D007931A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9D96F64D-E21B-4860-A784-9B76C2E4FBD4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9DA5335C-FB8B-4D40-95BF-D3F03CE0C302}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9DE24465-7A2D-4125-9C99-5F6BCD3A2E3B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9E212A12-3752-4AFC-B0E2-2641618642F6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9E440C3A-9CD6-4C10-AE62-26CB5BF258F9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9E65B9A7-D35D-48C3-A72E-7E0DFE047B82}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9E81EF21-36C7-4372-AB09-496B72C7E851}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9ECA327A-A482-4B03-AD3D-F3CEA3AB8E2D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9FD61B7D-83CB-4A79-A118-87B0430DF013}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{9FE9E260-389F-466D-8DDC-BE2E1CEAC7EE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A0216C00-3381-4A13-8168-611B646D2E84}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A043E854-783D-4926-B3D7-1037A0235E56}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A0640EB1-E1F6-41E4-9C91-830ACFCC9117}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A081EE0A-DC87-489F-905F-49727114BC1A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A1407335-BBD6-4512-926F-8E69D1691191}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A14073EA-2505-40F0-99B0-508A4BDC086D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A22FB2D4-74A6-4632-A90A-DDAAEAC726D7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A2EE3C0B-B4F7-4373-9A72-6B3D1C2252CD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A3063F7E-D892-4C7A-9B98-C6EA8F78BFA7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A3FF2C44-3F25-4BB0-90F7-A0FF39FC1F4C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A40F7E36-DB15-47D2-A3CD-5F2DB73914B1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A4EC99F5-E22A-43FA-A214-7DFF1BAFF75E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A59165C1-4E8E-4AEB-AF88-001279FED21C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A5B44567-1D59-4E37-9AD2-D2AA3A8F1824}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A637C4B5-0248-4B7E-A00D-15D7AF8E5220}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A7AEBE85-8372-4DCE-9880-7E46CA82467B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A848A13D-2C91-4493-847B-5FC8B990A65A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A8AFE4AB-1B82-4302-ABF3-3CE4C4AE9DA6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A8DEA917-A552-42F4-AB01-4B246698E7B1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{A95DE5C3-E2BA-4C5B-82F1-5092EBB527CA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AA06F733-E2F7-4319-8BE1-E3BF9C86807C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AA337BB2-0B45-4BB5-B063-9B62C1A004C4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AA87324D-E4EC-4365-B4F0-E0089FE1F678}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AAC55360-3FAC-49FA-BB34-B3C2E701D69C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AAF9ABDD-C3B8-4808-AC91-1811B0D12548}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AB09A38E-1BF3-4B68-8397-5AF17B9107D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AB7990DB-E3AF-4465-B042-DA5CAC6D90A5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AC09122A-DCD5-436A-83A4-4D90A17C16E1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{ACB4B199-86BF-4412-8DD9-DBA2993A3996}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{ACBDC95C-AD39-4CF4-B884-ECB9ED3A21F9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{ACD8B62A-AC05-4F0A-AF90-744E08D433AF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AE33FED4-90EE-4370-8192-9C68B4E43E59}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AF5268BD-93DB-4073-8EF9-226DFC177359}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AF7FAA8D-9DBD-4C7B-8543-87E559069C30}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{AF8F0D01-53FC-4881-9883-674991294725}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B01554CA-1D4A-4E5F-B4C1-323117F0FBB9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B0566E7E-CF1C-4B0A-8003-230C49C6C71B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B0BFB825-0F2B-4C3A-9888-17CB3E5628FE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B10A1ADF-DE2B-4734-8612-C82036DF52D3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B16104DA-6290-4467-B6CB-75747B356C55}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B1BCDB8E-F8CC-46D6-8BE2-763193621049}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B2ADBFD1-8BF3-429A-9FE3-0BA878ABB2D5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B2D2E3F0-1BA9-4527-A33D-B15406AF553F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B2F738FE-656A-4399-8BD5-298054318059}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B36F2ED8-4D7C-40D1-A8EA-2C7C27EE956D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B3BCE287-FE5B-468F-B9B1-63E30467B30F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B3F39CC3-55B3-4D49-B9BB-0A37494FA3B0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B46C873C-9D09-4D55-BBF2-E332FC50D2B7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B4A5F54B-B852-4E66-8726-68D27006B50F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B4B59488-AD1D-4D5B-9DD3-4A506AD5B747}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B4B8C7EE-EAB6-4AD0-93D6-7B218824445F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B4D4C53C-8A81-43C1-B6F3-B45B6380CED1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B50EBC41-306C-4F2B-BD72-AD2221160304}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B5919060-4BC4-4F1A-988C-E464DC0D4304}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B5A0DD6C-B55F-41CE-86C6-CC6FEA5C6C4B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B5FEB8F8-402C-4BA0-A22A-D074C583C753}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B704647C-5DA0-4B1E-BD6A-D65714C187A4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B7124593-FB8A-42DE-9826-ADA908F49C02}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B72997BA-C307-4DE2-90E4-DC3AC3B25E0C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{B7EEF262-84DF-4987-BEA6-D025A98CEFD3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BA1A5457-8213-4E28-BA6C-D06764EA5CF2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BA423E68-71DB-4759-A78D-A34C297AFB14}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BADEB2D5-99F3-480D-A5D2-234E20C64B36}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BBA3DD5C-1413-4BA4-ADBA-49415034F149}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BBDAB74E-9053-47E0-BBAE-DCA5C650EB31}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BCA8F676-69A5-4537-B5E1-85FAB091C63E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BD6A062A-8E5E-4E59-A059-04B384224405}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BE8AE7BD-C40E-47A1-8AB9-232932166AD3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{BF32D7B9-69A1-453D-B1D3-50AFAEA7DF35}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C00BF85F-F6FD-44DF-AEE7-37C867B171DD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C0379C05-1554-451D-978A-C144A7FC8BBF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C05EE97B-891F-4464-AB0A-300DD3CD6490}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C1318768-FC51-40C0-B529-372A650462B7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C13AFB36-4B8D-4231-B556-BD15D32B85C9}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C17C069C-AAC4-4DD0-8BA8-39C602321359}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C1B16ABA-D884-442D-8329-CECCB12D5F00}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C1D1B046-996E-467F-B32F-0D1AC8FC2101}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C1F28D59-FE5F-4CB9-8705-F5B0ECF391C8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C2699658-DC63-4292-B53E-ABD3EBF31D0D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C28B8C54-B656-4703-B75A-39F97CB05779}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C28CE0BD-5994-45B6-A205-0CB98B79E476}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C2AAD02F-BE22-44A7-B644-07D7B3706C3C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C2E24C77-C002-4F79-A663-98B38B67D9D8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C36B8DDA-42CC-41D8-A97D-F931EB21A05A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C51465A5-38CF-4F22-B0FE-8CB3EF131653}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C5456612-856C-4436-A91F-B3B2A87F631B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C563E133-B555-4A0A-86D4-FAF1A83F2369}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C593766E-0AB5-4773-9473-9440E026E506}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C59D96E1-13DD-41D1-AC4E-7E8E6614E0B1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C5E1C5DE-BC79-4412-A1FC-5AA06E58F37E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C5FE3AFD-CD2F-4D8C-B900-45BC828A7C50}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C6711597-2401-41FC-BD25-859982796085}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C67A9D68-C85A-42CB-9654-BF64EB393E34}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C6E1F514-0843-4F28-94A1-DF55A22A3336}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C75C170D-3331-4D9D-9F41-CDE72117779B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C7A08134-48BD-46C2-A514-107DF6EA38B1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C7D1F1F5-778A-4500-B310-1256D6960867}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C7FACF0D-FF68-4A07-9598-002372E8A88E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C885D93A-57E3-4521-8031-F0148DD872D7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C8ECD03A-1897-4446-A02F-60D4223DAD88}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C8F70248-DB85-404D-9DAA-624C139DD3CE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C9BA76E4-45D0-4622-B4B1-2FDE0A340632}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C9BB3ACC-C70E-4257-A86F-4275BC9922E2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{C9BCBA9B-0B06-4ECA-A46E-6A38F1196092}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CAE1F54F-9F93-424C-B9CE-086A9F2DC942}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CB2C6523-5BD7-42F7-A0A8-81D7C444DD99}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CB7CE8B3-45EF-4C98-A51B-79323AA0ECF5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CBDF5C25-D588-490E-AA43-D75D3CD93CCA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CBE10E71-4942-4C2D-8AA5-E364CA80AEE0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CBF506F9-3B1D-4FB6-9FCA-EB17D9D15758}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CBFC30A6-75EE-462E-8461-C42DAFA80239}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CC76065F-FD27-42F8-AB0C-D89437B92B5D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CD2A3012-62E0-4E68-A57D-7CCBB61E3A62}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CEFBCAEF-0DBA-4380-BC9C-1C66D86DDA07}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{CFA5BBF2-9FC7-4B22-949E-9F35B05EFD2F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D15FBCA9-63A5-4AC0-92E4-0C35E99B80DA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D1790497-7861-4BF5-9B6D-E44B6EE1A794}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D23CCBA7-7268-4F16-BC95-6A86EFDCFAFE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D25B3FF5-2BB0-47AD-A3B1-44D1901EB075}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D2AAC2EC-E41B-4573-94C2-975E847CD888}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D330C430-E0B2-4640-A375-CC087B3C0241}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D3F56FB0-75FD-4C21-B6E6-509E65051ACF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D474611A-FDD9-4B45-B1B2-B3930967441F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D560D1CB-B124-4111-A040-EFC28E57169B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D60AA646-D12B-4465-8510-2B43F682D004}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D6C4B503-4183-45AE-8518-39A0B06CB341}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D70B15F0-C67F-489D-A56F-E5C6B1BA74FA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D8821030-19E9-4A62-A355-A4EEBA149432}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D8A218E1-4AD4-4490-B932-E47D10C7AC08}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D994C015-4D6F-49BC-AE2F-DEA8F2201BAA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D997758F-6FBD-4C01-8843-8956F171CF41}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{D9E19516-9DD5-41D9-BF8F-9D7B24BC1E3F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DAB8A4B3-9BD5-455E-9783-73E6A18AE333}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DAF9B547-A951-4948-B5D2-07CEC533CC4A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DB04DF72-0FDE-4810-898F-A0A6815A32FA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DB45B1D3-AA2D-4C23-8800-951975E557E0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DB537EF2-E959-4BB8-95A3-05A944C582E1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DCDE2358-CDC4-4BAA-AC7F-32F4D725D9EA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DD2164F5-0333-4D56-A5C1-5E80FEC70772}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DD9BCF1F-400C-4885-B762-1F16F844D75B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DE062A7B-F45C-456F-B2CF-1C44A3D8A101}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DE74EFB7-9FFE-457C-9F14-AED0926142F8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DEA36C63-8BAC-4CEF-B80F-2C982CC756CD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DEFC0E96-196D-40A7-AE5A-8CA55B3721D3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{DFAB05F5-65DF-48DC-BE90-114DB20A02B5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E00FCDE1-6975-4028-BC0A-5274DBD642D5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E0308BF5-4929-46A5-8B6B-72D021CEA5E6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E0799B02-C418-4184-9088-20E0A2DFCBCE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E07F6BE4-EA07-4448-A336-43A2CD7448C6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E1081A5F-EBD7-4265-98FE-BE3CB177A57E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E118C75F-F362-48B2-939D-47DAD0DC5184}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E2E18DD4-E5D6-4CB2-8855-23FC8E073694}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E2E69DBF-0B46-4252-91BF-72119ACE7EF7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E3897EB7-E27D-45B3-8F7C-11C1E237EAF8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E3C12D35-E5DA-4693-A281-CCF2AA5571A5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E3F9CD55-FFFB-4275-924A-D268426B991F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E416B274-7560-46FE-BD00-ABA62CB6F880}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E466EBF5-6F82-4F3E-916A-80C4F6521860}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E4A43D23-9E67-4EE5-A372-03E3DD298A6A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E4AAAF6C-6E72-418C-8ADB-BEA33A4B303A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E5649829-9719-45E8-B432-2A5A56BAB06A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E59062E6-5B17-4BCA-8055-7404E6C48002}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E615CDFD-ACAB-4B85-9E30-8F8D2CC7962C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E6648FE6-3B30-4F21-BFE6-BF0912CD7AE5}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E670392C-500A-42E1-979A-FDB16CB78F2F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E67502EB-256B-4F00-90F8-8BA73A449F9B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E6B2CF46-481B-459A-82FD-D1308B83A7A0}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E6D6F9BE-2DC6-4D5D-A7D4-663E05C4EA39}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E7AF1419-BE32-4BAC-ADDC-72A6C34188B7}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E7B45E20-8A9D-409F-90BB-6A44279EEDA4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E8124CBB-67F0-454B-9F96-E8A68A110544}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{E8DC37FE-A234-4AAC-9ACF-D55EE94C0F2D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EA13F885-634E-4BE9-BA18-A475AAF3D13D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EA5D1575-7D4D-49FA-A705-0A32BB9CA16C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EA6ACD64-009B-4890-88AC-72022AB2CF0E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EB4227EF-EC93-41CE-B749-98C627B0412F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EB5944DB-C94E-40E0-9058-FCAC4EDC7371}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EC407D76-6094-4074-B412-52CF93301EED}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EC8B48C8-85FB-4636-88E1-1B0751D4307E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{ECA0D316-96EC-4FD2-9CFC-D46F45CEC58C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{ECDC1DE6-0518-4658-B593-9D68DA3A6526}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{ED4882BC-FF71-4C06-ACB8-37DA84F37E10}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EDDE3367-E720-4C85-8632-9191724C0DAD}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EE2FFB55-C2CF-4DA1-8BF2-F89CA114D5C3}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EEAB512E-922D-445E-BD56-00A04CCA4F8C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{EFDEB156-26DA-401D-9595-5B1E0F61C4BE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F04F28F4-7FCB-421D-B596-B518744B22F8}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F07A45C5-AA7C-4EA1-9A93-7F148CBF7FEE}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F15C8C3A-AE6C-46FC-9CAF-734C8599F2D1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F1DB6142-9E63-45BE-A24C-4C343678C719}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F1FE9650-430E-4802-8104-BD278252F03B}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F2EA5620-A3A1-4621-90BB-108EE2B07C11}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F310F953-DA65-47CD-8715-B3BF71EA7849}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F35EA8E9-E011-4039-8B22-3DA61C42240A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F3972971-1D38-4C4F-812B-0F8FA33089DF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F3B5011A-FA29-4128-BAE7-591F6F3802D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F3FFED34-6BD6-4176-8E42-593C936A55CF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F46E9A35-889B-444B-B94B-81694E1D5AA2}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F55BE8DA-F7AB-4CA0-9E90-448294DCA038}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F5953E74-A2F6-4C37-BAE8-671AB35086B1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F6B28BB1-93C3-48E6-B55D-9ACA21CA4652}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F6FCDFC7-DE0A-4E36-840F-6561DBDC55EC}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F8E249E9-6D0B-4DE8-9E0D-0F887432CB4E}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F8E74EF9-BD86-4164-B730-4CB19494D6E6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F8FC5400-9E34-40D6-A4FC-303D2066CE36}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F922835D-2000-497F-A38C-5B62A186F6A6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F92A5C05-22F3-4374-A79E-63C490E23186}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F98F3D86-25FE-442E-8683-AC94C7AB019C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F9AC379A-0B1A-448C-B448-9336F18FBD0A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{F9ACF902-F3A6-4702-8E51-625490F7A4D6}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FABA4F05-7DB0-416B-8DFD-4F7C873B1B1A}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FAFA1C2C-ECFB-4806-ACAF-62CE83515425}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FB35FEAD-3B65-4E77-ADEF-49651341EF6D}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FB9D2576-EF34-41AF-8554-4C77631309D1}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FBF006E6-42BF-460D-950E-C9E3F2136419}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FC6737EF-CEFD-4D84-8FF8-EE7185992DB4}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FE23D738-4F79-4E41-B391-7330CA319380}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FE8BAA84-16D1-4CD0-AF9A-C41D2DCD6ECF}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FEABE202-ACDB-4508-94E6-81A38FC05F69}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FF3FECB2-EA36-499D-B6B5-64CD98F17C7C}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FF996365-3A20-452E-9546-73012ACBBB8F}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FF9ADF63-21CA-4C55-BF33-2883C32E4C48}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FFA2743C-06E1-4C96-8910-E9472043E3FA}

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{FFDB4086-7E3A-4524-BDE3-A29C69CAFE39}
Link to post
Share on other sites

~~~ FireFox

 

Successfully deleted: [File] C:\user.js

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"

Successfully deleted: [File] C:\Users\Midna-194\AppData\Roaming\mozilla\firefox\profiles\c1sozl0e.default\user.js

Successfully deleted: [File] C:\Users\Midna-194\AppData\Roaming\mozilla\firefox\profiles\c1sozl0e.default\searchplugins\mystart search.xml

Successfully deleted: [File] C:\Users\Midna-194\AppData\Roaming\mozilla\firefox\profiles\c1sozl0e.default\searchplugins\search.xml

Successfully deleted: [Folder] C:\Users\Midna-194\AppData\Roaming\mozilla\firefox\profiles\c1sozl0e.default\conduitcommon

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{336D0C35-8A85-403A-B9D2-65C292C39087}

Successfully deleted the following from C:\Users\Midna-194\AppData\Roaming\mozilla\firefox\profiles\c1sozl0e.default\prefs.js

 

user_pref("CT2786678..clientLogIsEnabled", true);




user_pref("CT2786678.AppTrackingLastCheckTime", "Wed May 04 2011 19:04:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.BrowserCompStateIsOpen_129579220236217502", true);

user_pref("CT2786678.CTID", "CT2786678");

user_pref("CT2786678.CurrentServerDate", "31-10-2011");

user_pref("CT2786678.DialogsAlignMode", "LTR");

user_pref("CT2786678.DialogsGetterLastCheckTime", "Mon Oct 31 2011 17:53:08 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.DownloadReferralCookieData", "");

user_pref("CT2786678.EMailNotifierPollDate", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedLastCount5690698542593514850", 501);

user_pref("CT2786678.FeedPollDate129301619375443753", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375443759", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444699", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444705", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444711", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444717", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444723", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444729", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444735", "Thu May 26 2011 18:37:27 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444741", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate129301619375444747", "Thu May 26 2011 18:37:26 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156812186649977", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813040823546", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813130095866", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813224203613", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813230837251", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813454291735", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813729834876", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156813860870021", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156814264681793", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156814863075366", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedPollDate2429156815257761081", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.FeedTTL129301619375444699", 10);

user_pref("CT2786678.FeedTTL129301619375444723", 15);

user_pref("CT2786678.FeedTTL129301619375444735", 5);

user_pref("CT2786678.FeedTTL129301619375444747", 5);

user_pref("CT2786678.FeedTTL2429156813040823546", 15);

user_pref("CT2786678.FeedTTL2429156813130095866", 10);

user_pref("CT2786678.FeedTTL2429156813454291735", 5);

user_pref("CT2786678.FeedTTL2429156814264681793", 5);

user_pref("CT2786678.FirstServerDate", "13-4-2011");

user_pref("CT2786678.FirstTime", true);

user_pref("CT2786678.FirstTimeFF3", true);

user_pref("CT2786678.FixPageNotFoundErrors", false);

user_pref("CT2786678.GroupingServerCheckInterval", 1440);


user_pref("CT2786678.HasUserGlobalKeys", true);

user_pref("CT2786678.HomePageProtectorEnabled", false);

user_pref("CT2786678.Initialize", true);

user_pref("CT2786678.InitializeCommonPrefs", true);

user_pref("CT2786678.InstallationAndCookieDataSentCount", 3);

user_pref("CT2786678.InstallationType", "UnknownIntegration");

user_pref("CT2786678.InstalledDate", "Wed Apr 13 2011 17:19:00 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.IsAlertDBUpdated", true);

user_pref("CT2786678.IsGrouping", false);

user_pref("CT2786678.IsMulticommunity", false);

user_pref("CT2786678.IsOpenThankYouPage", true);

user_pref("CT2786678.IsOpenUninstallPage", false);

user_pref("CT2786678.LanguagePackLastCheckTime", "Mon Oct 31 2011 17:53:08 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440);


user_pref("CT2786678.LastLogin_3.3.3.2", "Thu May 26 2011 15:37:27 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.LastLogin_3.6.0.10", "Mon Oct 31 2011 17:53:08 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.LatestVersion", "3.7.0.6");

user_pref("CT2786678.Locale", "en");

user_pref("CT2786678.MCDetectTooltipHeight", "83");


user_pref("CT2786678.MCDetectTooltipWidth", "295");

user_pref("CT2786678.MyStuffEnabledAtInstallation", true);


user_pref("CT2786678.SearchFromAddressBarIsInit", true);


user_pref("CT2786678.SearchInNewTabEnabled", true);

user_pref("CT2786678.SearchInNewTabIntervalMM", 1440);

user_pref("CT2786678.SearchInNewTabLastCheckTime", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");



user_pref("CT2786678.SearchProtectorEnabled", false);

user_pref("CT2786678.SearchProtectorToolbarDisabled", false);

user_pref("CT2786678.ServiceMapLastCheckTime", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.SettingsLastCheckTime", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.SettingsLastUpdate", "1314985690");

user_pref("CT2786678.ThirdPartyComponentsInterval", 504);

user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1312887586");

user_pref("CT2786678.ToolbarShrinkedFromSetup", false);


user_pref("CT2786678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com

user_pref("CT2786678.UserID", "UN58512424093920671");

user_pref("CT2786678.WeatherNetwork", "");

user_pref("CT2786678.WeatherPollDate", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.WeatherUnit", "C");

user_pref("CT2786678.alertChannelId", "1178763");

user_pref("CT2786678.backendstorage.cbfirsttime", "536174204F637420303820323031312032313A35323A323420474D542D30333030202841746C616E746963204461796C696768742054696D6529");

user_pref("CT2786678.backendstorage.pairingkey", "35314143454534373738454245323633343435443831373931434146363644323336443045363739");

user_pref("CT2786678.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F");

user_pref("CT2786678.backendstorage.url_history", "687474703A2F2F6D61696C2E676F6F676C652E636F6D2F6D61696C2F");

user_pref("CT2786678.backendstorage.url_history_time", "31333138313231353633363138");

user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP

user_pref("CT2786678.globalFirstTimeInfoLastCheckTime", "Mon Oct 31 2011 17:53:08 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.homepageProtectorEnableByLogin", true);

user_pref("CT2786678.initDone", true);

user_pref("CT2786678.isAppTrackingManagerOn", true);

user_pref("CT2786678.myStuffEnabled", true);

user_pref("CT2786678.myStuffPublihserMinWidth", 400);


user_pref("CT2786678.myStuffServiceIntervalMM", 1440);


user_pref("CT2786678.oldAppsList", "129295695672325902,129295695672325903,1000234,129295698017012804,1000034,129526967958500204,129309489763975460,5690698542593514850,12930948

user_pref("CT2786678.searchProtectorDialogDelayInSec", 10);

user_pref("CT2786678.searchProtectorEnableByLogin", true);

user_pref("CT2786678.testingCtid", "");

user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Mon Oct 31 2011 17:53:08 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Mon Oct 31 2011 17:53:08 GMT-0300 (Atlantic Daylight Time)");

user_pref("CT3300195_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1372911552161,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}


















user_pref("CommunityToolbar.EngineOwner", "");

user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");

user_pref("CommunityToolbar.IsEngineShown", true);

user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);


user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");

user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678");

user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}");

user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");

user_pref("CommunityToolbar.ToolbarsList", "CT2786678");

user_pref("CommunityToolbar.ToolbarsList2", "ConduitEngine,CT2786678");

user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Apr 13 2011 17:18:59 GMT-0300 (Atlantic Daylight Time)");

user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Apr 19 2011 20:21:12 GMT-0300 (Atlantic Daylight Time)");


user_pref("CommunityToolbar.alert.locale", "en");

user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu May 26 2011 15:37:25 GMT-0300 (Atlantic Daylight Time)");

user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);


user_pref("CommunityToolbar.alert.showTrayIcon", false);

user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.alert.userId", "5d285c47-893f-4d03-aac3-327fff8b689c");

user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Oct 31 2011 17:53:06 GMT-0300 (Atlantic Daylight Time)");

user_pref("CommunityToolbar.globalUserId", "b88f87df-47a1-4680-aada-84248d0d1775");

user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

user_pref("CommunityToolbar.killedEngine", true);

user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Oct 31 2011 17:53:09 GMT-0300 (Atlantic Daylight Time)");

user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);

user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Oct 31 2011 17:53:15 GMT-0300 (Atlantic Daylight Time)");


user_pref("CommunityToolbar.notifications.locale", "en");

user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Oct 31 2011 17:53:07 GMT-0300 (Atlantic Daylight Time)");

user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);


user_pref("CommunityToolbar.notifications.showTrayIcon", false);

user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.notifications.userId", "fbe3e69a-f429-4819-9ec2-a08e3e4995ec");

user_pref("CommunityToolbar.undefined", "");


user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke New V2 Customized Web Search");



user_pref("Smartbar.keywordURLSelectedCTID", "CT3300195");

user_pref("browser.search.defaultthis.engineName", "WhiteSmoke New V2 Customized Web Search");


user_pref("browser.search.selectedEngine", "WhiteSmoke New V2 Customized Web Search");


user_pref("extensions.4ffa2d38e36fc.scode", "if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top){var script=document.createElement('script');script

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar.babTrack", "affID=100888");

user_pref("extensions.BabylonToolbar.bbDpng", 31);

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.dfltSrch", true);

user_pref("extensions.BabylonToolbar.hmpg", true);

user_pref("extensions.BabylonToolbar.id", "920069fa00000000000006268255d5d8");

user_pref("extensions.BabylonToolbar.instlDay", "15253");

user_pref("extensions.BabylonToolbar.instlRef", "sst");


user_pref("extensions.BabylonToolbar.lastDP", 31);

user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1016:16:40");

user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0");

user_pref("extensions.BabylonToolbar.newTab", true);


user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.propectorlck", 58654448);

user_pref("extensions.BabylonToolbar.prtkDS", 1);

user_pref("extensions.BabylonToolbar.prtkHmpg", 1);

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.ptch_0717", true);

user_pref("extensions.BabylonToolbar.smplGrp", "none");

user_pref("extensions.BabylonToolbar.srcExt", "ss");

user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");

user_pref("extensions.BabylonToolbar.tlbrId", "base");

user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10");

user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1016:16:40");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.did", "10650");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.id", "920069fa00000000000006268255d5d8");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.instlDay", "15530");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.ppd", "20%5F5");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");


user_pref("extensions.incredibar_i.upn2", "6R8ypWHLr7");

user_pref("extensions.incredibar_i.upn2n", "92824672769219061");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1422:03:02");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");


user_pref("smartbar.addressBarOwnerCTID", "CT3300195");



user_pref("smartbar.defaultSearchOwnerCTID", "CT3300195");

user_pref("smartbar.homePageOwnerCTID", "CT3300195");

user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.searc

user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio

user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.searc

 

 

 

~~~ Chrome

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 04/07/2013 at 11:51:50.08

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

# AdwCleaner v2.304 - Logfile created 07/04/2013 at 12:03:47

# Updated 03/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Midna-194 - SPB-HP

# Boot Mode : Normal

# Running from : C:\Users\Midna-194\Downloads\AdwCleaner (1).exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Users\Midna-194\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhapnjfnhgjijlphlbjbhkjbinbmcmjn

File Deleted : C:\Users\Public\Desktop\eBay.lnk

File Deleted : C:\Users\SPB\Desktop\Uninstall.exe

File Deleted : C:\Users\SPB3\AppData\Roaming\Mozilla\Firefox\Profiles\zm7qth54.default\searchplugins\MyStart Search.xml

Folder Deleted : C:\Users\MIDNA-~1\AppData\Local\Temp\AskSearch

Folder Deleted : C:\Users\MIDNA-~1\AppData\Local\Temp\TempDir

Folder Deleted : C:\Users\Midna-194\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhapnjfnhgjijlphlbjbhkjbinbmcmjn

Folder Deleted : C:\Users\Midna-194\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Midna-194\AppData\Roaming\Mozilla\Firefox\Profiles\c1sozl0e.default\Conduit

Folder Deleted : C:\Users\SPB 2\AppData\LocalLow\BabylonToolbar

Folder Deleted : C:\Users\SPB 2\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\SPB 2\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\SPB 2\AppData\LocalLow\incredibar.com

Folder Deleted : C:\Users\SPB 2\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\SPB 2\AppData\LocalLow\Toolbar4

Folder Deleted : C:\Users\SPB\AppData\LocalLow\BabylonToolbar

Folder Deleted : C:\Users\SPB\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\SPB\AppData\LocalLow\ConduitEngine

Folder Deleted : C:\Users\SPB\AppData\LocalLow\incredibar.com

Folder Deleted : C:\Users\SPB\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\SPB\AppData\LocalLow\Toolbar4

Folder Deleted : C:\Users\SPB\AppData\Roaming\Mozilla\Firefox\Profiles\2jrczaxe.default\extensions\staged

Folder Deleted : C:\Users\SPB3\AppData\LocalLow\BabylonToolbar

Folder Deleted : C:\Users\SPB3\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\SPB3\AppData\LocalLow\ConduitEngine

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bhapnjfnhgjijlphlbjbhkjbinbmcmjn

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A89A7E3-6ADD-4EF9-8EE7-A3C3B7D83BB0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C44BEE81-3F8A-F8CA-0E1C-BAE46F150DEC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C44BEE81-3F8A-F8CA-0E1C-BAE46F150DEC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C2178B36-2955-479B-818C-A2AE8E500454}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C44BEE81-3F8A-F8CA-0E1C-BAE46F150DEC}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bhapnjfnhgjijlphlbjbhkjbinbmcmjn

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C44BEE81-3F8A-F8CA-0E1C-BAE46F150DEC}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : HKLM\SOFTWARE\Web Assistant

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v22.0 (en-US)

 

File : C:\Users\SPB\AppData\Roaming\Mozilla\Firefox\Profiles\2jrczaxe.default\prefs.js

 

Deleted : user_pref("greasemonkey.scriptvals.mat/KOC Power Tools.Options_258", "{\"includeCity\":true,\"includ[...]

Deleted : user_pref("greasemonkey.scriptvals.mat/KOC Power Tools.Options_296", "{\"includeCity\":true,\"includ[...]

Deleted : user_pref("greasemonkey.scriptvals.mat/KOC Power Tools.Options_340", "{\"includeCity\":true,\"includ[...]

Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

 

File : C:\Users\Midna-194\AppData\Roaming\Mozilla\Firefox\Profiles\c1sozl0e.default\prefs.js

 

Deleted : user_pref("CT2786678.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]

Deleted : user_pref("CT3300195_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]













Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

 

File : C:\Users\SPB 2\AppData\Roaming\Mozilla\Firefox\Profiles\ywmmc8st.default\prefs.js

 

[OK] File is clean.

 

File : C:\Users\SPB3\AppData\Roaming\Mozilla\Firefox\Profiles\zm7qth54.default\prefs.js

 

Deleted : user_pref("extensions.greasemonkey.scriptvals.mat/KOC Power Tools.Options_364", "{\"includeCity\":tr[...]

Deleted : user_pref("extensions.greasemonkey.scriptvals.mat/KOC Power Tools.Options_373", "{\"includeCity\":tr[...]

Deleted : user_pref("extensions.greasemonkey.scriptvals.mat/KOC Power Tools.Options_376", "{\"includeCity\":tr[...]

Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=too[...]

Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\SPB\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\Midna-194\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

File : C:\Users\SPB 2\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\SPB3\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [12749 octets] - [04/07/2013 12:01:34]

AdwCleaner[s1].txt - [12466 octets] - [04/07/2013 12:03:47]

 

########## EOF - C:\AdwCleaner[s1].txt - [12527 octets] ##########

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2013.07.04.06

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Midna-194 :: SPB-HP [administrator]

 

04/07/2013 12:11:55 PM

mbam-log-2013-07-04 (12-11-55).txt

 

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 311526

Time elapsed: 9 minute(s), 1 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

Link to post
Share on other sites

RogueKiller V8.6.2 _x64_ [Jul  2 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com




 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Midna-194 [Admin rights]

Mode : Scan -- Date : 07/04/2013 12:27:42

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 5 ¤¤¤

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (127.0.0.1:8118) -> FOUND

[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 4 ¤¤¤





 

¤¤¤ Startup Entries : 1 ¤¤¤

[sheryl][sUSP PATH] Seagate Product Registration.lnk : E:\Documents and Settings\Sheryl\Start Menu\Programs\Startup\Seagate Product Registration.lnk @E:\Documents and Settings\Sheryl\Application Data\Leadertech\PowerRegister\Seagate Product Registration.exe /remind /language=ENC /BRND="Seagate" /BDSR="Seagate" [-][7][x][x] -> FOUND

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

-> E:\windows\system32\config\SYSTEM

 C:\WINDOWS\system32

 C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

-> E:\windows\system32\config\SOFTWARE

 C:\WINDOWS\system32

 C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

-> E:\windows\system32\config\SECURITY

 C:\WINDOWS\system32

 C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

-> E:\windows\system32\config\SAM

 C:\WINDOWS\system32

 C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

-> E:\windows\system32\config\DEFAULT

 C:\WINDOWS\system32

 C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

-> E:\Documents and Settings\Administrator\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\Administrator\Start Menu\Programs\Startup

-> E:\Documents and Settings\All Users\NTUSER.DAT

 C:\WINDOWS\system32

 

-> E:\Documents and Settings\Default User\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\Owner\Start Menu\Programs\Startup

-> E:\Documents and Settings\Greg\NTUSER.DAT

 C:\WINDOWS\system32

 

-> E:\Documents and Settings\LocalService\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\LocalService\Start Menu\Programs\Startup

-> E:\Documents and Settings\NetworkService\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\NetworkService\Start Menu\Programs\Startup

-> E:\Documents and Settings\postgres\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\postgres\Start Menu\Programs\Startup

-> E:\Documents and Settings\Quentin\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\Quentin\Start Menu\Programs\Startup

-> E:\Documents and Settings\Quentin_2\NTUSER.DAT

 C:\WINDOWS\system32

 

-> E:\Documents and Settings\Rylan\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\Rylan\Start Menu\Programs\Startup

-> E:\Documents and Settings\Sheryl\NTUSER.DAT

 C:\WINDOWS\system32

 C:\Documents and Settings\Sheryl\Start Menu\Programs\Startup

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: Seagate ST31000528AS SCSI Disk Device +++++

--- User ---

[MBR] 41f64eb7a94fbdc49fa0cc2687dc3c22

[bSP] b933206a94f8ce56cc079c3c33bf997d : Windows Vista/7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 939733 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1924780032 | Size: 13839 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

 

+++++ PhysicalDrive1: Seagate ST31000528AS SCSI Disk Device +++++

--- User ---

[MBR] 00ca9b93bc8ef1950fa74b2f66859eea

[bSP] 74c3e5f98933aa316c7c225b4c7cf3a6 : MBR Code unknown

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 235185 Mo

2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 481757220 | Size: 3176 Mo

User = LL1 ... OK!

Error reading LL2 MBR!

 

+++++ PhysicalDrive2: Seagate ST31000528AS SCSI Disk Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

 

+++++ PhysicalDrive3: Seagate ST31000528AS SCSI Disk Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

 

+++++ PhysicalDrive4: Seagate ST31000528AS SCSI Disk Device +++++

Error reading User MBR!

User = LL1 ... OK!

Error reading LL2 MBR!

 

Finished : << RKreport[0]_S_07042013_122742.txt >>

RKreport[0]_S_07042013_020218.txt

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 9.0.8112.16490  BrowserJavaVersion: 10.25.2

Run by Midna-194 at 12:29:55 on 2013-07-04

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.8184.6133 [GMT -3:00]

.

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe

C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe

C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\wuauclt.exe

C:\Program Files\TortoiseSVN\bin\TSVNCache.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\notepad.exe

C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Midna-194\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.



uProxyServer = 127.0.0.1:8118

uURLSearchHooks: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - <orphaned>

mWinlogon: Userinit = userinit.exe,

BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ips\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: WinToFlash Suggestor: {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coieplg.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

EB: <No Name>: {555D4D79-4BD2-4094-A395-CFC534424A05} - LocalServer32 - <no file>

uRun: [Google Update] "C:\Users\Midna-194\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [Dxtory Update Checker 2.0] C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe

uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

mRun: [browserPlugInHelper] C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

StartupFolder: C:\Users\MIDNA-~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Xfire.lnk - C:\Program Files (x86)\Xfire\xfire.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERHI~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERQU~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAPFI~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com



TCP: NameServer = 192.168.2.1 142.166.145.137

TCP: Interfaces\{60814483-CE62-4E86-BD59-3488D94C7B46} : DHCPNameServer = 192.168.2.1 142.166.145.137

TCP: Interfaces\{60814483-CE62-4E86-BD59-3488D94C7B46}\359656D656E637D2744424 : DHCPNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{60814483-CE62-4E86-BD59-3488D94C7B46}\359656D656E637D2764626 : DHCPNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{79AECEF7-3301-450F-A796-1FE5B953E982} : DHCPNameServer = 192.168.2.1 142.166.145.137

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Midna-194\AppData\Roaming\Mozilla\Firefox\Profiles\c1sozl0e.default\

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files (x86)\WorldWinner.com, Inc\WorldWinner Games\npwwload.dll

FF - plugin: C:\Users\Midna-194\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Users\Midna-194\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\System32\npdeployJava1.dll

FF - plugin: C:\Windows\System32\npmproxy.dll

FF - plugin: C:\Windows\System32\npOGPPlugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - plugin: C:\Windows\SysWOW64\npOGPPlugin.dll

.

============= SERVICES / DRIVERS ===============

.

R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2009-5-18 231224]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1207020.003\symds64.sys [2012-6-11 450680]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1207020.003\symefa64.sys [2012-6-11 912504]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [2013-7-2 1393240]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130703.001\IDSviA64.sys [2013-7-3 513184]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1207020.003\ironx64.sys [2012-6-11 171128]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1207020.003\symnets.sys [2012-6-11 386168]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]

R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

R2 AVerRemote;AVerRemote;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-12-28 348160]

R2 AVerScheduleService;AVerScheduleService;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-12-28 403456]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2013-6-28 2470736]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]

R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe [2012-6-11 130008]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-1-11 1119768]

R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-8-31 46136]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-17 138912]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-29 412776]

R3 TRIDCap;AVerMedia service;C:\Windows\System32\drivers\AVerTM62_x64.sys [2011-12-28 2261120]

R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-1-11 38456]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-24 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-3 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-3 57856]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-13 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]

.

=============== Created Last 30 ================

.

2013-07-04 15:07:45 -------- d-----w- C:\Users\Midna-194\AppData\Local\{79EAAE3C-27C5-40E4-A225-CD09BDD6BF35}

2013-07-04 15:03:54 176 ----a-w- C:\Windows\DeleteOnReboot.bat

2013-07-04 14:48:09 -------- d-----w- C:\Windows\ERUNT

2013-07-04 14:46:33 -------- d-----w- C:\JRT

2013-07-04 05:28:27 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2013-07-04 05:11:54 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\Malwarebytes

2013-07-04 05:11:46 -------- d-----w- C:\ProgramData\Malwarebytes

2013-07-04 05:11:45 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-07-04 05:11:45 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-07-04 05:11:30 -------- d-----w- C:\Users\Midna-194\AppData\Local\Programs

2013-07-04 04:08:15 -------- d-----w- C:\Users\Midna-194\AppData\Local\CRE

2013-07-04 04:07:42 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5

2013-07-04 02:50:11 -------- d-----w- C:\Users\Midna-194\AppData\Local\TSVNCache

2013-07-03 01:37:28 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-26 00:42:46 -------- d-----w- C:\Users\Midna-194\AppData\Local\4A Games

2013-06-25 19:56:32 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\TortoiseSVN

2013-06-25 19:41:51 -------- d-----w- C:\Users\Midna-194\AppData\Roaming\Subversion

2013-06-25 19:40:34 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays

2013-06-25 19:40:31 -------- d-----w- C:\Program Files\TortoiseSVN

2013-06-25 19:40:31 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays

2013-06-24 02:30:04 -------- d-----w- C:\Users\Midna-194\OilRush

2013-06-22 02:10:08 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-06-22 02:10:08 -------- d-----w- C:\Program Files\iTunes

2013-06-22 02:10:08 -------- d-----w- C:\Program Files\iPod

2013-06-22 02:10:08 -------- d-----w- C:\Program Files (x86)\iTunes

2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2013-06-22 02:06:55 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2013-06-13 16:27:06 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-06-13 16:27:06 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-06-13 16:27:02 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-13 16:27:00 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-06-13 16:27:00 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-06-13 16:26:44 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-06-13 16:26:44 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-06-13 16:26:44 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-06-13 16:26:44 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-06-13 16:26:44 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-06-13 16:26:44 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-06-13 16:26:44 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-06-13 16:26:44 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-06-13 16:26:44 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-06-13 16:26:44 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

.

==================== Find3M  ====================

.

2013-07-03 01:37:20 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-07-03 01:37:20 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-24 02:23:29 466456 ----a-w- C:\Windows\System32\wrap_oal.dll

2013-06-24 02:23:28 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll

2013-06-24 02:23:28 122904 ----a-w- C:\Windows\System32\OpenAL32.dll

2013-06-24 02:23:28 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll

2013-06-12 08:26:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-12 08:26:13 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-04 22:40:25 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll

2013-05-04 22:40:24 971680 ----a-w- C:\Windows\System32\deployJava1.dll

2013-05-04 22:40:24 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll

2013-05-01 06:59:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2013-05-01 06:59:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

.

============= FINISH: 12:30:48.62 ===============
Link to post
Share on other sites

Good, but we still have work to do.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

ComboFix 13-07-07.01 - Midna-194 07/07/2013  12:21:46.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.2.1033.18.8184.5892 [GMT -3:00]

Running from: c:\users\Midna-194\Downloads\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\program files (x86)\WinToFlash Suggestor\WiNToflashsuggestor.dll

c:\programdata\100

c:\programdata\Microsoft\Windows\Start Menu\Programs\ADDICT-THING

c:\programdata\Microsoft\Windows\Start Menu\Programs\ADDICT-THING\ADDICT-THING.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\ADDICT-THING\Uninstall.lnk

c:\users\Midna-194\AppData\Local\Microsoft\Windows\Temporary Internet Files\{411B9B54-3218-4ADF-BFC1-0801A914C0BB}.xps

c:\users\Midna-194\AppData\Local\Microsoft\Windows\Temporary Internet Files\{9D40938B-0842-4A30-AA70-AAE3D52D501E}.xps

c:\users\Midna-194\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A6E0EAF9-6716-4611-BA9B-A3C600C455B4}.xps

c:\users\Midna-194\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E67F8B21-4397-4026-9E2D-6EA40625E3B9}.xps

c:\users\Midna-194\Documents\~WRL0005.tmp

c:\users\Midna-194\Documents\~WRL3790.tmp

c:\users\Public\sdelevURL.tmp

c:\users\SPB\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CB8C68D0-D14E-46B4-853C-741696D94B63}.xps

c:\users\SPB\Desktop\fraps.exe

c:\users\SPB\Desktop\fraps32.dll

c:\users\SPB\Desktop\fraps64.dat

c:\users\SPB\Desktop\fraps64.dll

c:\users\SPB\Desktop\frapslcd.dll

c:\users\SPB3\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7CA6A71A-8CEC-477A-A5FB-26E979FF47E9}.xps

c:\users\SPB3\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F77861AF-8D8B-477A-A02A-C44DF11638CF}.xps

c:\windows\SysWow64\frapsvid.dll

c:\windows\SysWow64\pthreadVC.dll

c:\windows\tmp

c:\windows\tmp\dd_vcredistMSI796C.txt

c:\windows\tmp\dd_vcredistUI796C.txt

c:\windows\tmp\qtsingleapp-koboex-7d5-5-lockfile

.

.

(((((((((((((((((((((((((   Files Created from 2013-06-07 to 2013-07-07  )))))))))))))))))))))))))))))))

.

.

2013-07-07 15:31 . 2013-07-07 15:31 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-07-07 15:31 . 2013-07-07 15:31 -------- d-----w- c:\users\SPB3\AppData\Local\temp

2013-07-07 15:31 . 2013-07-07 15:31 -------- d-----w- c:\users\SPB 2\AppData\Local\temp

2013-07-07 15:31 . 2013-07-07 15:31 -------- d-----w- c:\users\SPB\AppData\Local\temp

2013-07-04 15:03 . 2013-07-04 15:04 176 ----a-w- c:\windows\DeleteOnReboot.bat

2013-07-04 14:48 . 2013-07-04 14:48 -------- d-----w- c:\windows\ERUNT

2013-07-04 14:46 . 2013-07-04 14:46 -------- d-----w- C:\JRT

2013-07-04 05:28 . 2013-07-04 05:28 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi

2013-07-04 05:11 . 2013-07-04 05:11 -------- d-----w- c:\users\Midna-194\AppData\Roaming\Malwarebytes

2013-07-04 05:11 . 2013-07-04 05:11 -------- d-----w- c:\programdata\Malwarebytes

2013-07-04 05:11 . 2013-07-04 05:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-07-04 05:11 . 2013-04-04 17:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-07-04 05:11 . 2013-07-04 05:11 -------- d-----w- c:\users\Midna-194\AppData\Local\Programs

2013-07-04 04:08 . 2013-07-04 04:08 -------- d-----w- c:\users\Midna-194\AppData\Local\CRE

2013-07-04 04:07 . 2013-07-04 04:07 -------- d-----w- c:\program files (x86)\AviSynth 2.5

2013-07-04 02:50 . 2013-07-04 14:40 -------- d-----w- c:\users\Midna-194\AppData\Local\TSVNCache

2013-07-03 01:37 . 2013-07-03 01:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-06-29 03:35 . 2013-07-07 15:12 -------- d-----w- c:\users\SPB3\AppData\Local\TSVNCache

2013-06-29 03:35 . 2013-06-29 03:35 -------- d-----w- c:\users\SPB3\AppData\Roaming\Subversion

2013-06-26 00:42 . 2013-06-26 00:42 -------- d-----w- c:\users\Midna-194\AppData\Local\4A Games

2013-06-25 19:56 . 2013-06-25 19:56 -------- d-----w- c:\users\Midna-194\AppData\Roaming\TortoiseSVN

2013-06-25 19:41 . 2013-06-25 19:41 -------- d-----w- c:\users\Midna-194\AppData\Roaming\Subversion

2013-06-25 19:40 . 2013-06-25 19:40 -------- d-----w- c:\program files (x86)\Common Files\TortoiseOverlays

2013-06-25 19:40 . 2013-06-25 19:40 -------- d-----w- c:\program files\TortoiseSVN

2013-06-25 19:40 . 2013-06-25 19:40 -------- d-----w- c:\program files\Common Files\TortoiseOverlays

2013-06-24 02:30 . 2013-06-24 02:40 -------- d-----w- c:\users\Midna-194\OilRush

2013-06-22 02:10 . 2013-06-22 02:10 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-06-22 02:10 . 2013-06-22 02:10 -------- d-----w- c:\program files\iTunes

2013-06-22 02:10 . 2013-06-22 02:10 -------- d-----w- c:\program files (x86)\iTunes

2013-06-22 02:10 . 2013-06-22 02:10 -------- d-----w- c:\program files\iPod

2013-06-22 02:06 . 2013-06-22 02:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2013-06-22 02:06 . 2013-06-22 02:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2013-06-22 02:06 . 2013-06-22 02:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2013-06-22 02:06 . 2013-06-22 02:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2013-06-22 02:06 . 2013-06-22 02:06 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll

2013-06-22 02:06 . 2013-06-22 02:06 -------- d-----w- c:\program files (x86)\QuickTime

2013-06-13 16:27 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-13 16:27 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll

2013-06-13 16:27 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-13 16:27 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll

2013-06-13 16:27 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll

2013-06-13 16:26 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-13 16:26 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll

2013-06-13 16:26 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-13 16:26 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll

2013-06-13 16:26 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll

2013-06-13 16:26 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll

2013-06-13 16:26 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll

2013-06-13 16:26 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe

2013-06-13 16:26 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe

2013-06-13 16:26 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-07-03 01:37 . 2012-07-19 16:29 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll

2013-07-03 01:37 . 2011-03-12 03:57 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll

2013-06-24 02:23 . 2012-12-20 02:33 466456 ----a-w- c:\windows\system32\wrap_oal.dll

2013-06-24 02:23 . 2012-12-20 02:33 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll

2013-06-24 02:23 . 2012-12-20 02:33 122904 ----a-w- c:\windows\system32\OpenAL32.dll

2013-06-24 02:23 . 2012-12-20 02:33 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll

2013-06-13 16:28 . 2011-04-21 02:29 75825640 ----a-w- c:\windows\system32\MRT.exe

2013-06-12 08:26 . 2012-04-23 04:08 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2013-06-12 08:26 . 2011-06-08 03:07 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-11 20:46 . 2012-01-05 19:14 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2013-05-04 22:40 . 2013-05-04 22:40 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2013-05-04 22:40 . 2013-05-04 22:40 971680 ----a-w- c:\windows\system32\deployJava1.dll

2013-05-04 22:40 . 2013-05-04 22:40 311200 ----a-w- c:\windows\system32\javaws.exe

2013-05-04 22:40 . 2013-05-04 22:40 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-05-04 22:40 . 2013-05-04 22:40 188832 ----a-w- c:\windows\system32\javaw.exe

2013-05-04 22:40 . 2013-05-04 22:40 188320 ----a-w- c:\windows\system32\java.exe

2013-05-01 06:59 . 2013-05-01 06:59 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx

2013-05-01 06:59 . 2013-05-01 06:59 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts

2013-04-13 05:49 . 2013-06-03 05:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49 . 2013-06-03 05:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49 . 2013-06-03 05:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49 . 2013-06-03 05:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45 . 2013-06-03 05:09 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45 . 2013-06-03 05:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 14:45 . 2013-06-03 05:09 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 06:01 . 2013-06-03 05:09 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-04-10 06:01 . 2013-06-03 05:09 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 03:30 . 2013-06-03 05:09 3153920 ----a-w- c:\windows\system32\win32k.sys

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-05 3077528]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-06-16 6276408]

"Dxtory Update Checker 2.0"="c:\program files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe" [2010-10-17 93696]

"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-11-23 393216]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]

.

c:\users\Midna-194\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Xfire.lnk - c:\program files (x86)\Xfire\xfire.exe [2006-11-28 2323024]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AVer HID Receiver.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2011-12-28 155648]

AVerQuick.lnk - c:\program files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2011-12-28 741376]

Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2010-9-28 1040952]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 X6va005;X6va005;c:\users\MIDNA-~1\AppData\Local\Temp\005B292.tmp;c:\users\MIDNA-~1\AppData\Local\Temp\005B292.tmp [x]

R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]

R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 ahcix64s;ahcix64s;c:\windows\system32\DRIVERS\ahcix64s.sys;c:\windows\SYSNATIVE\DRIVERS\ahcix64s.sys [x]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\SYMDS64.SYS [x]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\SYMEFA64.SYS [x]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130702.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [x]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130705.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130705.001\IDSvia64.sys [x]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1207020.003\Ironx64.SYS [x]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1207020.003\SYMNETS.SYS [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]

S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]

S2 AVerRemote;AVerRemote;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [x]

S2 AVerScheduleService;AVerScheduleService;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe;c:\program files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [x]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 TRIDCap;AVerMedia service;c:\windows\system32\DRIVERS\AVerTM62_x64.sys;c:\windows\SYSNATIVE\DRIVERS\AVerTM62_x64.sys [x]

S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2013-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 08:26]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1000Core.job

- c:\users\SPB\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 21:29]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1000UA.job

- c:\users\SPB\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 21:29]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1001Core.job

- c:\users\Midna-194\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 22:00]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1001UA.job

- c:\users\Midna-194\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-11 22:00]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1002Core.job

- c:\users\SPB 2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-26 00:03]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1002UA.job

- c:\users\SPB 2\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-26 00:03]

.

2013-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1006Core.job

- c:\users\SPB3\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29 00:03]

.

2013-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2929451337-3149322565-4265649252-1006UA.job

- c:\users\SPB3\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-29 00:03]

.

2013-07-06 c:\windows\Tasks\HPCeeScheduleForMidna-194.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2013-07-01 c:\windows\Tasks\HPCeeScheduleForSPB-HP$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2013-06-19 c:\windows\Tasks\HPCeeScheduleForSPB3.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 13:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]

.

------- Supplementary Scan -------

.


uLocal Page = c:\windows\system32\blank.htm


mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = 127.0.0.1:8118

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

FF - ProfilePath - c:\users\Midna-194\AppData\Roaming\Mozilla\Firefox\Profiles\c1sozl0e.default\

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

BHO-{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - c:\program files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll

Wow6432Node-HKLM-Run-Wondershare Helper Compact.exe - c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

Wow6432Node-HKLM-Run-BrowserPlugInHelper - c:\program files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

AddRemove-Facecons - c:\program files (x86)\Facecons\uninstall.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-{71277DC4-4217-462A-9FF4-62D7815B2C69} - c:\programdata\ADDICT-THING\uninstall.exe

AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll\" /prefetch:1"

--

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va005]

"ImagePath"="\??\c:\users\MIDNA-~1\AppData\Local\Temp\005B292.tmp"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]

"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-07-07  12:34:21

ComboFix-quarantined-files.txt  2013-07-07 15:34

.

Pre-Run: 168,760,299,520 bytes free

Post-Run: 171,469,553,664 bytes free

.

- - End Of File - - 672D9A754A32663FD4C3B5F2EF81F388

D41D8CD98F00B204E9800998ECF8427E
Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U5ZEVT9\update[1] multiple threats

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U5ZEVT9\update[2] multiple threats

C:\Users\Midna-194\Downloads\DownloadSetup.exe Win32/InstallMate application cleaned by deleting - quarantined

C:\Users\Midna-194\Downloads\HC2Setup (1).exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined

C:\Users\Midna-194\Downloads\installer_sony_vegas_pro.exe multiple threats cleaned by deleting - quarantined

C:\Users\SPB\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.572_0\main.js Win32/Toolbar.Perion.D application cleaned by deleting - quarantined

C:\Users\SPB\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.572_0\resources\localscript.js Win32/Toolbar.Perion.E application cleaned by deleting - quarantined

C:\Users\SPB 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\background.html Win32/Toolbar.Perion.D application cleaned by deleting - quarantined

C:\Users\SPB 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.572_0\main.js Win32/Toolbar.Perion.D application cleaned by deleting - quarantined

C:\Users\SPB 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.572_0\resources\localscript.js Win32/Toolbar.Perion.E application cleaned by deleting - quarantined

C:\Users\SPB3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.572_0\main.js Win32/Toolbar.Perion.D application cleaned by deleting - quarantined

C:\Users\SPB3\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.572_0\resources\localscript.js Win32/Toolbar.Perion.E application cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U5ZEVT9\update[1] multiple threats cleaned by deleting - quarantined

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U5ZEVT9\update[2] multiple threats cleaned by deleting - quarantined

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 5.2.2 (07.22.2013:2)

OS: Windows 7 Home Premium x64

Ran by Midna-194 on 23/07/2013 at  0:31:15.00

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Empty Folder] C:\Users\Midna-194\appdata\local\{79EAAE3C-27C5-40E4-A225-CD09BDD6BF35}

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 23/07/2013 at  0:36:21.25

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 


# AdwCleaner v2.306 - Logfile created 07/23/2013 at 00:39:53

# Updated 19/07/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Midna-194 - SPB-HP

# Boot Mode : Normal

# Running from : C:\Users\Midna-194\Downloads\AdwCleaner (2).exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

 

***** [Registry] *****

 

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71277DC4-4217-462A-9FF4-62D7815B2C69}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16496

 

[OK] Registry is clean.

 

-\\ Mozilla Firefox v21.0 (en-US)

 

File : C:\Users\SPB\AppData\Roaming\Mozilla\Firefox\Profiles\2jrczaxe.default\prefs.js

 

[OK] File is clean.

 

File : C:\Users\Midna-194\AppData\Roaming\Mozilla\Firefox\Profiles\c1sozl0e.default\prefs.js

 

[OK] File is clean.

 

File : C:\Users\SPB 2\AppData\Roaming\Mozilla\Firefox\Profiles\ywmmc8st.default\prefs.js

 

[OK] File is clean.

 

File : C:\Users\SPB3\AppData\Roaming\Mozilla\Firefox\Profiles\zm7qth54.default\prefs.js

 

Deleted : user_pref("extensions.greasemonkey.scriptvals.mat/KOC Power Tools.Options_373", "{\"includeCity\":tr[...]

Deleted : user_pref("extensions.greasemonkey.scriptvals.mat/KOC Power Tools.Options_376", "{\"includeCity\":tr[...]

 

-\\ Google Chrome v28.0.1500.72

 

File : C:\Users\SPB\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\Midna-194\AppData\Local\Google\Chrome\User Data\Default\Preferences

 


 

File : C:\Users\SPB 2\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

File : C:\Users\SPB3\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [12749 octets] - [04/07/2013 12:01:34]

AdwCleaner[s1].txt - [12575 octets] - [04/07/2013 12:03:47]

AdwCleaner[s2].txt - [3120 octets] - [23/07/2013 00:39:53]

 

########## EOF - C:\AdwCleaner[s2].txt - [3180 octets] ##########

 

Link to post
Share on other sites

Glad I could help! :)

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Please unisntall ESET Online Scanner .

Step 4

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.