Jump to content

Recommended Posts

I've scanned 4 times in a row now & I keep getting this 1 object that keeps getting detected and I remove it every time, but every time I scan again it shows up again, the file itself is different every time this times it has been: C\users\name\rgunas5426q3no\OuilJF.exe  C\users\name\mb5spidgd9d\mwlpGVZJo.exe  and 2 more random ones, I just can't seem to get rid of them, any idea on what this is or how to fix it?

Link to post
Share on other sites

Hello yavanda and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Hey, here are the two files as instructed.

________________________________

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 18-5-2012 16:57:10
System Uptime: 13-2-2014 23:15:56 (0 hours ago)
.
Motherboard: Foxconn |  | 2ABF
Processor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 453 GiB total, 165,423 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1,587 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: LinksysbyCisco Internet Gateway Device
Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446
Manufacturer: 
Name: LinksysbyCisco Internet Gateway Device
PNP Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446
Service: 
.
==== System Restore Points ===================
.
RP226: 13-2-2014 9:43:15 - Gepland controlepunt
.
==== Installed Programs ======================
.
.sol Editor 1.1.0.1
7-Zip 9.22beta
802.11n Wireless LAN Card
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Agatha Christie - Peril at End House
AuthenTec TrueAPI
AVG 2013
AVG Security Toolbar
Batman: Arkham Asylum GOTY Edition
Battle.net
Bejeweled 3
Blackhawk Striker 2
Blasterball 3
Bounce Symphony
Cake Mania
CCleaner
Chronicles of Albian
Chuzzle Deluxe
Cisco Network Magic
Counter-Strike: Global Offensive
Cradle of Rome 2
Curse Client
D3DX10
Diablo III
Dota 2
Dropbox
F.E.A.R. 3
f.lux
Farm Frenzy
FATE
Final Drive: Nitro
GeForce Experience NvStream Client Components
Google Chrome
Governor of Poker 2 Premium Edition
Hearthstone
Hewlett-Packard ACLM.NET v1.2.2.3
Hi-Rez Studios Authenticate and Update Service
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Games
HP LinkUp
HP Odometer
HP Setup
HP Setup Manager
HP SimplePass PE 2011
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
Infestation Survivor Stories version 1.0
Infestation: Survivor Stories
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
Java 7 Update 45
Java Auto Updater
JavaFX 2.1.1
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
LabelPrint
League of Legends
Left 4 Dead 2
Magic Desktop
Mah Jong Medley
Malwarebytes Anti-Malware versie 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4.5 NLD Language Pack
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Mathematics
Microsoft Office 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 4.0
Minecraft1.5.2
Mozilla Firefox 19.0 (x86 nl)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Mystery of Mortlake Mansion
Namco All-Stars: PAC-MAN
Network Magic
Norton Online Backup
NVIDIA-configuratiescherm 331.82
NVIDIA 3D Vision controllerstuurprogramma 331.82
NVIDIA 3D Vision stuurprogramma 331.82
NVIDIA GeForce Experience 1.7.1
NVIDIA Grafisch stuurprogramma 331.82
NVIDIA HD Audio-stuurprogramma 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA PhysX
NVIDIA PhysX systeemsoftware 9.13.0725
NVIDIA ShadowPlay 9.3.21
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 9.3.21
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.9
Open Broadcaster Software
PDF Complete Special Edition
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PunkBuster Services
Pure Networks Platform
RaidCall
Razer Naga
Realtek High Definition Audio Driver
Recovery Manager
Remote Graphics Receiver
Rust
SHIELD Streaming
Skype™ 6.11
Slingo Supreme
Smite
StarCraft II
Taalpakket voor Microsoft .NET Framework 4.5 - NLD
TeamViewer 9
Tibia
Tibia Testserver
Tibiacast
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
VIP Access SDK (1.0.1.4) 
Virtual Villagers 5 - New Believers
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
VLC media player 2.0.6
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (32-bit)
World of Warcraft
World of Warcraft Beta
Zuma Deluxe
.
==== End Of File ===========================
 
 
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by marco at 23:50:04 on 2014-02-13
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.6125.3285 [GMT 1:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
C:\Users\marco\AppData\Local\Apps\2.0\CN01M3WW.VB3\PBG0W1YY.K3N\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\msiexec.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll
uRun: [Google Update] "C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [F.lux] "C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
uRun: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
mRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe
mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
StartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D374E301-AA43-4576-807F-2805EDCEE196} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F64323230383 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F66323331373 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 212.54.40.25 212.54.35.25
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\marco\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\marco\AppData\Roaming\raidcall\plugins\nprcplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-16 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-8-2 8704]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-13 15125280]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-3-5 1128952]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-5 2656280]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-8 1771544]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-5 1360960]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-26 39200]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-5 471144]
R3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-12-16 126464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-1 91352]
S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-3-5 31152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2014-02-13 21:53:46 -------- d-----w- C:\Users\marco\AppData\Local\{DB49F776-F693-46BF-929E-7354F74FA31F}
2014-02-13 21:12:27 -------- d-sh--r- C:\Users\marco\mb5spidgd9d
2014-02-13 21:11:55 -------- d-----w- C:\Users\marco\AppData\Local\{7866CC77-4CC2-4E49-A915-0181EFBFC3D9}
2014-02-13 08:12:08 -------- d-sh--w- C:\Users\marco\i15Z28qV
2014-02-13 08:11:45 -------- d-----w- C:\Users\marco\AppData\Local\{3E8F3572-06C3-446B-91C6-FE783D99F276}
2014-02-12 18:34:31 -------- d-----w- C:\Users\marco\InterruptBar
2014-02-12 07:36:11 -------- d-sh--r- C:\Users\marco\rgunas5426q3no
2014-02-12 07:36:05 -------- d-----w- C:\Users\marco\AppData\Local\{910DD5AB-D0DA-4883-877E-0C0FD559319B}
2014-02-10 21:55:53 3792 ----a-w- C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs
2014-02-10 21:55:53 -------- d-sh--r- C:\Users\marco\7p5wnh6sb9sq15
2014-02-10 10:37:41 -------- d-----w- C:\Users\marco\AppData\Local\{D342A0EE-9A3F-4ABA-8303-DB370F1CD810}
2014-02-09 09:00:15 -------- d-----w- C:\Users\marco\AppData\Local\{66DC7654-786F-4F05-8164-AEBC02A0943C}
2014-02-08 08:40:14 -------- d-----w- C:\Users\marco\AppData\Local\{CD9B9FF4-95D4-4FE7-95B4-A41C21A9E12C}
2014-02-07 08:13:20 -------- d-----w- C:\Users\marco\AppData\Local\{FCA331F4-8A47-45DC-A9DD-647B485DC461}
2014-02-06 07:48:03 -------- d-----w- C:\Users\marco\AppData\Local\{7F941768-63D6-49E1-9908-DB3C29DF4714}
2014-02-05 21:02:34 -------- d-----w- C:\Users\marco\AppData\Roaming\Xfire
2014-02-05 21:02:22 -------- d-----w- C:\ProgramData\Xfire
2014-02-04 10:27:38 -------- d-----w- C:\Users\marco\AppData\Local\{51FD153F-2573-469D-BEB6-C1225465C389}
2014-02-02 10:01:21 -------- d-----w- C:\Users\marco\AppData\Local\{EDAC6342-DE19-43CD-B4DF-D34A188E653C}
2014-02-01 09:51:27 -------- d-----w- C:\Users\marco\AppData\Local\{B898A6AD-107B-4A83-B8C7-8D3BE6B2DCA6}
2014-01-31 07:38:02 -------- d-----w- C:\Users\marco\AppData\Local\{F7061CB1-8317-457C-994A-8BD9349507F3}
2014-01-30 08:36:14 -------- d-----w- C:\Users\marco\AppData\Local\{3E56836B-856F-4A3C-8E49-66594C4854D0}
2014-01-29 23:28:53 -------- d-----w- C:\Windows\Migration
2014-01-29 08:02:26 -------- d-----w- C:\Users\marco\AppData\Local\{4C95D157-2E6A-4EEF-ACAE-C369553BF592}
2014-01-28 09:13:41 -------- d-----w- C:\Users\marco\AppData\Local\{3F6BC5A3-2D7D-4269-A46B-43129BBC2BBF}
2014-01-27 08:25:35 -------- d-----w- C:\Users\marco\AppData\Local\{5FBA23E3-0222-45A4-A078-119914705A9F}
2014-01-26 10:08:27 -------- d-----w- C:\Users\marco\AppData\Local\{92735383-7EED-45EA-BF69-9315776C127F}
2014-01-24 09:21:07 -------- d-----w- C:\Users\marco\AppData\Local\{416AE915-EFBE-42F1-A1E5-A173751B6A21}
2014-01-23 08:11:29 -------- d-----w- C:\Users\marco\AppData\Local\{0B188194-4A6A-4F66-812D-97448484836B}
2014-01-22 05:31:44 -------- d-----w- C:\Users\marco\AppData\Local\{C03C7430-8F24-4A6F-A519-26EF0E2E7315}
2014-01-21 10:42:36 -------- d-----w- C:\Users\marco\AppData\Local\{11D66729-3AC1-47EA-8DC6-F630B7FEF33B}
2014-01-19 22:53:42 -------- d-----w- C:\Program Files (x86)\Whorecraft
2014-01-19 09:49:33 -------- d-----w- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-19 09:35:49 -------- d-----w- C:\Users\marco\AppData\Local\{4E138510-502C-4C34-B6F9-0189B7A87233}
2014-01-18 09:44:44 -------- d-----w- C:\Users\marco\AppData\Local\{779DF3D5-BF37-438D-A0DC-F58639BB9437}
2014-01-17 08:02:09 -------- d-----w- C:\Users\marco\AppData\Local\{0A97F898-94D4-4545-8A9C-20B3D40CA4B8}
2014-01-16 08:07:46 -------- d-----w- C:\Users\marco\AppData\Local\{24BB34E0-9E0F-40FE-9B0C-27AE33F1CCB1}
2014-01-15 17:10:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 17:10:10 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 17:10:10 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 17:10:10 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 17:10:10 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 17:10:10 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-15 17:10:10 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 17:10:10 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 17:10:09 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-15 08:13:43 -------- d-----w- C:\Users\marco\AppData\Local\{91FB6627-66D7-477D-8971-287249ADF53D}
.
==================== Find3M  ====================
.
2014-02-05 19:11:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-05 19:11:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-12-30 19:45:34 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-11-30 14:34:05 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-25 00:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
.
============= FINISH: 23:50:14,86 ===============
 
Link to post
Share on other sites

Step 1

Please uninstall this program: AVG Security Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan button. Wait until is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

Hey, thanks for doing this. I can't seem to get the malwarebytes report in english  :( Please let me know if I have to do something else or if it's fixed.

 

JRT File:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by marco on vr 14-02-2014 at  9:04:39,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2849859
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B78C4B0A-E785-4EA4-9192-6AFFE321D66F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B78C4B0A-E785-4EA4-9192-6AFFE321D66F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\starapp"
Successfully deleted: [Folder] "C:\Users\marco\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\marco\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\marco\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Users\marco\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0168ED89-0F32-4A86-949B-D206739A5DB6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{01F4479F-811F-4589-863D-6E8FF0E4946E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{028A025D-D510-432B-B747-7FED2EBAB729}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{034ABE32-85DE-417A-A0B2-0E0A234E504B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{034F9C53-BA90-46FC-BE9A-9FB86CD2A37A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{036E398E-1836-43C6-B075-400EB6982730}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{04558663-13BD-49E8-9870-7E667D21E63E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{045FACA2-5EB7-466C-92CE-9395BA8C3D7E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0467ABC7-75DE-46D0-844E-FDC8DE9A88BC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{04A56839-6B17-4123-AF21-BEDF580FE173}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{05075AF1-E237-48FD-B026-6132CAA16AE1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{052856B8-B87F-4F37-BA1A-F68F8527AE51}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{05773005-0E26-46CE-9412-CBFBAAFEB30E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{06116EF7-A547-4363-B903-65A41A35D1E1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{06CC1607-C990-4D20-BB0C-29156F45B4EE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{070B75DA-62E6-478C-975B-F2DCD70C2AB1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0794CCE8-0539-46FC-9512-CC4D06A4DCED}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{07CF29D3-9DC2-4948-A507-E8E0CCAEB0D0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{07FC106B-998F-4B4B-8BA0-E91ACE28AEC7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{08073112-2F94-4D5A-8AB8-8D0190632F03}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{08B26D9C-9B25-4444-B303-A9438FA36C54}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{091DCF95-A41D-41E4-8D28-F6850790EAA1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0A97F898-94D4-4545-8A9C-20B3D40CA4B8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0B188194-4A6A-4F66-812D-97448484836B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0B9AB694-9EE6-45BB-AEA0-1CFB434A91FA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0D539074-FDCB-4FFB-8741-33B856DE4073}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0DA2F0B8-FA31-4B4A-B6A5-C7510D88C7A5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0DD78B1F-DC9E-44E0-B3F4-AE29A07D2839}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0EB54405-D995-40FC-A21C-C71C61FD7101}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0F0F8756-938A-409E-8595-6EF334A341D5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1069DA9B-DA06-4DA0-8EE9-E40EA86401DE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1136C80E-11EB-4B8B-8899-65524B2F4085}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{11B7077A-9DAA-46B5-A615-59AD5A194B74}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{11D66729-3AC1-47EA-8DC6-F630B7FEF33B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{11E8C381-3525-40CF-8385-F427A2E3EFE7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{12250EC6-729B-451E-A770-921AC992F5C1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{123A18D1-81D3-4D45-8950-1425642CDBEC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1289DF11-6744-46FD-8F14-2B859C5CC1DA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{135FDBC4-2389-4DDC-867B-5DA3377C8B94}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{143FD7D0-A518-4CBC-91EB-BF5A69CEE5C5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{15105D27-80A9-4972-A317-BDBD596E20AB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{15BC902D-CD8B-4191-BE5F-EE9C8048AAC3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{16154953-8657-4CF7-8F17-FEA4B186CC67}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{166A05E1-80C9-4B50-84F2-B18573E56A44}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1687DAF9-BCB8-4236-9C33-394339302992}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{16AA756F-B07B-4B8A-A408-50E84F2AB7B2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{170704A0-040D-478E-B0F1-11F5962609CE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{17BEAE8F-8336-4464-9195-013D262651F1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1838BA0E-0C34-4016-B403-EB5C40677827}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{190A4D5D-CE97-4601-985C-9CA2EF512B1A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{19445B32-C064-4E1D-93FE-B92B7018A7DA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{19F70208-0CF1-4468-B403-D60FAFA3E000}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A08DACD-14C4-47A9-9350-05C754428710}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A565170-7B71-4396-93B4-807DEEC8EA5E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A6DED66-47EA-4CAA-8988-42D66B0072FC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A926A02-D364-4E12-9164-4B0D1231A819}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1AC1032F-9CF7-43D8-BA25-75B21B0B1190}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1B528BEB-550C-402E-8314-94C5693D6E62}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1B892925-B4ED-45AF-B56F-E09A6DE62AB1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1C5FD571-C91D-4CDE-8E60-3EADBF70C1D5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1C69F2E5-06DD-4716-95E1-DE9BB71B24D4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1D0BB69A-ED7B-4668-9BB8-157D0AC112A1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1D23495E-746C-46EA-B5B7-ADA1C6417BE1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1DAC144E-2814-47F4-B1AD-93790BAB83D1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1EBDD186-158C-4524-9439-B74653A2B6C9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1ED27493-4412-4547-AA98-9F6D8E38F761}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1EF569ED-3BEB-415E-B127-C311971631F3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1F6DFC8D-CC8E-44FD-9712-46202D3E3BD2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1F7B559E-91DE-4C9C-9B77-22D9E1FD2083}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{204F2AD9-829F-4852-8EC1-C94D1A086B2F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{207304AE-C97B-4CF0-BB79-C1ED2C8F958B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{20A215B1-2A7E-4993-A20E-935EDDB216D4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{20FF92B8-59D0-49C5-B3C6-67578BA7299B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2242DEF8-8AED-4593-A2D3-21F0E58FEA8F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{226CFEE8-821C-4E01-BB54-A10A8D277C81}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2308AD8A-CD98-4DF2-BF13-8C25A97B3642}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2312FFA4-DF7A-4449-8DF7-C2A1153E381E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{24040F0C-AE5A-4F7F-9FB8-02A60CA5B8A4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{24807665-59B7-4D4D-86CE-17D6F1CC65CF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{24BB34E0-9E0F-40FE-9B0C-27AE33F1CCB1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{25DD6174-97AC-4046-8DE8-26025F010151}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{262DCD68-67AB-4FBE-A0D0-DE83E7EAF74E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{26E80923-63E1-4B88-BD8C-AF7E290478EA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{27CC90D9-1B32-42A5-BBDF-BCB4A24D52A5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2861A4DA-7D4B-41A5-A825-6AAA52A511AA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{286B86FF-69E3-42DA-8925-9C6AFA3DD9DC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2891CD6A-5C80-43E2-B17A-6706DC5FC43E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{291E78BD-6E13-45A7-BFB1-E0E56345A3D1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2A2D2CD8-6911-4687-860A-26B69DB22BEC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2A9361E3-3F4C-42E9-BB72-AB67C0B03DFE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2ABFB3A1-6ED1-45B2-A8FA-222543BDC4BF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2B092C2A-DE52-4AA7-8153-9392F559FBBB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2BCB8702-8200-453C-8106-180737833E30}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2C2E61A0-4D52-409D-B4D2-2DBEDD3EAE59}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D146820-FA09-4D38-A198-852AEEEB22ED}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D19C48D-0F60-4931-B8B5-1AE0EC7ECFA4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D29641E-FA33-4097-A162-F151756A8F16}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D6B097E-8E3E-41BF-80E2-E7BE4727FB5C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2E2B2076-AF63-4892-8AD9-120C4E474752}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2E84F8C2-BBFD-4035-B7EF-4AA85DB3697E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2F874BEC-1D4C-40BB-B5A0-8565019F0D7B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2FD61910-78EE-4D41-9B68-718904DC72DA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{30EFFC50-AA09-4DD6-A524-BE3ED299E90B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{311D7C1C-A972-40D5-BFEC-D5D7CEAE3DFC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{32191D57-8A68-4943-9EDD-ACD5B2BD07F7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{328E8979-69D0-4C44-AEE3-DF6B0E21D44A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{329EB1FA-7823-4718-BDB3-35332E3D5AA7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{32A68220-4F94-447E-924D-876A447A9834}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3447CD8B-368D-42C8-9746-2CDCFB1E0B93}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{35135B3E-BEE2-4503-9A78-6F74FD65CB20}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3548F6F4-461C-4FDE-96B7-0643E0857AF3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{35D63C96-EE86-4B51-A442-5DE25D84F62D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{36326632-2198-4DC5-BF0A-E1E24FA4B87E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3879715E-E4F5-43A0-894A-54B364AC3E35}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{390E7C65-B473-49D2-8840-DE54BA240ABC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{392F5AC1-B36E-4BB3-96E1-D2CDEC789C4D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3932DC26-5E9D-4908-8A43-7A65499984DB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{394505BF-6C2B-4DAE-A985-E2A26DD23981}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{39B4738F-EC3F-42C7-9016-6C977F91B9C9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3AAF8693-ACA5-4AED-87BD-9F76F11B7F2D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B192D36-7BE9-4A96-9DB5-D3414C44728D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B85FD4E-07FF-423A-B1A7-1727E4066C64}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B92F7BD-D69A-41A8-A988-3C8CE3878B4A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B955F92-0653-4C68-A045-CF647D0DC8EF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3D076B3C-5AAE-4992-B00B-91AA9A6184A8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3D0899AF-618C-4181-A912-772C228E80DD}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3D686FFC-4079-41B6-B68E-523B7D4DCC7B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3DBA192A-7A4D-4AE3-B816-DA5D95787BA7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3E56836B-856F-4A3C-8E49-66594C4854D0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3E8F26D1-F4C9-4C44-9C3D-248983A845B1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3E8F3572-06C3-446B-91C6-FE783D99F276}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3EFE5405-8048-41DB-AAEB-6918A79EBDB8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3F4DB86C-0D62-4F69-BBAA-CB83592307F3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3F6BC5A3-2D7D-4269-A46B-43129BBC2BBF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4072AED1-273E-4FCD-A364-D936BDF54E32}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4075529D-67DF-4003-89D8-98E08926219C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{40A6290A-4B2A-42FE-A144-089BB620324C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{416AE915-EFBE-42F1-A1E5-A173751B6A21}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{41E4F178-9473-4AD1-B26A-7AA8A4F40E99}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4269A4F7-4D89-4BA3-9D71-927AAA6C5A0D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4297EFDD-276B-47BD-ACA5-737501633260}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4312440C-E476-432D-8165-AAC391070F01}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{43408E8C-2543-4AFB-9EDA-2652A065B849}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{43528C38-7304-4D12-BC68-4A21D3F107EA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{439D50D7-96ED-4A2D-B50B-1E57F20795F0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{44350D98-3BAF-42BC-BD1A-CD437B602B16}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{44ED0BF3-20BC-4854-A0CF-775AA92C5EBE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{45825934-B1A0-4934-944C-1E63A3C15908}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{45FD6650-0B59-45DB-8585-037534759AA2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{473186D5-5BBD-4EBA-AE5A-95D8A1931FEC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{473188FC-64F5-4945-A46E-BECC92BCA830}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4767BD98-5A3C-4797-9FE9-8DC710D4523E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{47C6E8B3-2491-4C71-8631-389EC8BA9D91}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{48097D25-A8CE-4A53-9739-2613AD9A1071}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{48D5DB65-F0CE-409E-A8B7-99C9497C904D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{490AA95F-06F6-4E57-9161-95737A4CD053}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4A18E9C1-08A5-4986-9F88-0E4CDDCE8968}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4A18FA09-7BFE-4B61-A6D7-F1EC7EE107CA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4BB855FB-C839-4A5F-998D-FBBADA2561F7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4BECD881-10B6-452A-97FF-71C5407148AD}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4C95D157-2E6A-4EEF-ACAE-C369553BF592}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4CAE4CBB-C097-4216-8F0A-A6D568B6A444}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4CDCFC45-CC37-4091-805B-754FC7A8FDEE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4CEB682D-A581-45E6-86B5-DFF80B75A7AD}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4DF66E14-D4AD-4689-936B-C55127A18718}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4E138510-502C-4C34-B6F9-0189B7A87233}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4EDC235C-32DC-41FE-A188-65C2A2A780F2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4F215C3E-0779-4B65-93A3-540737FF0239}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4F65756A-B084-4D52-B7B0-0D9B53073B41}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4F7A13C2-C7D7-4942-8582-D46DFDDB8AC3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4FC5B25D-C728-4F32-A76C-76883EA15464}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{50135C2F-7EAD-44A9-AB78-6455803B9E20}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5102BA90-CAB6-4B5C-8AA5-507C50880690}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{51FD153F-2573-469D-BEB6-C1225465C389}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{524BD4B7-E92D-49C5-9335-562FEACC0D28}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{527967DA-7B57-4688-B6CE-00C63D2C5E07}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{527AD47C-9B98-48BF-92D1-E513A78DD192}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{52E0584A-ECA0-4F70-9F89-6A516EFA9D2A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{53465CB2-7530-44B4-9912-7A9F4CD78F6A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{538A3EBA-2817-427D-A558-E04E537F4C67}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{53EF4DE6-D034-4F31-9326-97784F0DDB64}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{54028028-6D6C-4E0F-B7E1-9F548CF95BBB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{542B800E-9D8E-4C90-83E3-C7E18D864E1B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5480DCB7-DB8A-4A77-928E-923501CC90FA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{54A67039-FBCC-4809-839A-5BD8D3F18FC9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{54B7896C-52C5-44EB-8DD5-B57DA1CE7AE3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{552EB689-E879-41EF-B311-CABC53E062EF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{554E2DDC-C2EF-49A2-88B6-17583738CF6B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{55CD26CA-0233-4B34-BF22-6A48A77C1859}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{56155801-74EC-4537-B636-BADB93B95289}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{564F5865-EC98-416D-8B32-4B4FE7A39E31}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{56ADB0F6-11B7-4E5E-8D4E-C485FA11E3DD}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{56B81E55-FCA1-441A-8C1F-2716B133A0B7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5793224A-A096-4041-B670-9C634399BAEC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{57DFE24B-D16A-4C4F-AD89-884D0C0D226F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{59162928-982C-4331-9DAA-0076AA3D953E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5A5E834F-7374-4091-87B0-F7E1D8BDCCE5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5B16928D-9CE2-4527-86A1-6B0993C3FFC6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5B512C4A-5840-4353-9455-510A0600C3EC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5BA5B26B-0834-40A8-BEE4-293A71FC7520}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5BD7E1E6-F4D8-4081-A9FA-D6B3D6207D87}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5C25AC3B-3776-4D3F-834B-B8E221E52439}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5C64C54F-11DC-4317-A232-6A4373616443}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5D739C3F-D3DD-4E88-B11C-0A4FDA709BD0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5E01A22F-4650-4737-A679-1019C546381E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5E455F29-D296-4971-80C9-03835F5A3AAA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5F373B06-4EA2-4467-BA27-21565A90CBF2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5F601E33-CD11-4AB9-9F5D-B12DB8484D08}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5FBA23E3-0222-45A4-A078-119914705A9F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5FEE52C5-3D68-4616-9556-D2507BF493A1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6002B7AE-9B43-4F32-8406-2468B8EBB64B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6051FAB1-B58D-4924-8791-253DFA9B5102}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{612801CB-7055-452C-B439-8BFFEF410938}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{61D59318-1230-4494-BE9D-34F44A4A8A6C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{620D5614-27AC-489B-92E6-934ED6CDAF51}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6345A201-7A19-4771-B45C-CBCC448937A9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6369D100-2600-4D89-9CA3-65E59552FB6D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{653AA858-D2C4-46AB-B5F4-A42F3AA6B168}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{65520744-4749-4135-BA78-206CD2FE0270}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{65C27005-AD84-4EC5-A594-A5E7C056277A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{66DC7654-786F-4F05-8164-AEBC02A0943C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{68192D1D-26A5-4EA2-8933-DDD345CAC201}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{68C75517-3E74-4484-AFA0-1ED1BB5181AF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{69E2ACC7-652C-4310-8ADC-123D72224C31}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6A3D627D-18FB-4201-9BA8-7E1A9B3BF558}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6AC231A1-6262-42FD-98FC-8ECEA1AF3FD7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6AC45B09-F831-4DCE-88E2-4ED9CE90EBA9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6ADF493A-E8B5-4007-90DE-8EB8E463548F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6B55A484-DABB-411D-B947-978EE1415A91}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6B97FDF3-7F4F-4461-9F0B-6CDF98CD7F54}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6BB696F2-9D83-42CF-BCD4-CF0761B33E8C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6CE09FC8-BCE4-485D-BB5E-8C56F38671F8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6D488A6D-B221-4275-97E6-B8F1CDE51F49}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6D885E00-D564-4431-BEF2-EBDE6786CD94}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6E3B822C-3712-4678-B08A-D79BB647AABA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6EA4A559-63D7-4B6E-B7DB-496EE87D1F93}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6EBEC7BB-46C2-454A-9A26-CACA569A89C6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{703A5989-194B-4DFD-9205-82559AEA01B9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{71C94892-A05C-4370-A73B-15768DE1E1FF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{72474F2A-4071-4384-812A-3D385C0494FA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7307DB89-30A4-4275-AD7D-36760EAA3A3D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{739301C8-8754-40C0-AB27-05608CCADA16}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{740804C9-9129-43C4-B66B-6B5148E54919}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{74301211-4D3D-4AD2-83CE-900DAAD67EE2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{761EE25B-AB57-4610-85A6-063A11A0E274}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{770DDBE2-7B48-4ECA-A945-6DE9EBC99711}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7713FFF3-D181-4F73-A7C1-38E763246E8E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7714A526-D623-4E07-B95C-FCA8D2719E58}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{779DF3D5-BF37-438D-A0DC-F58639BB9437}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{77C1A246-65EB-45F2-9535-D59F9FD30B64}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{77EEFC7F-FC5C-4C14-9A9B-DBF3F7A1C624}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{78026E31-29DD-4857-A3FB-DE49C41FBA7D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{781E6FD7-B0F8-4976-A9B5-8414D9354A28}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7866CC77-4CC2-4E49-A915-0181EFBFC3D9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7946C78C-9074-48EE-A456-34978179A8B9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{79EED0A2-2E81-4459-88D7-D65803FFA62F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7A0936F3-AB4A-4330-B750-11ECAF1DDDD7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7AD0197A-C740-4849-AF6D-8703AC6F81C0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7B200219-D690-4F6F-B1E7-A995F255AF8C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7B2DA997-02B0-43A5-8D93-CA7921F4B597}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7B98E59E-6B64-4F8A-9FC4-3D6E7261555C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7CE12689-E1EB-4D74-ADAF-D324F31CD21D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7D86012D-B865-48B3-8361-C76BA9DB8C79}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7DEA93E6-2510-43FC-8DD5-7E5AB1559301}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7DF6443D-CC16-4F74-86B0-A9769CD752D5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7E92221F-70FB-44DC-B45D-3588C72797EE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7EA38C4F-B132-41B3-9D7C-C27B90952B28}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7EC5CF29-B9FB-40C0-B869-CBB5B985E1C8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7ECB9EEF-0393-4118-BD9F-B81549D74156}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7F941768-63D6-49E1-9908-DB3C29DF4714}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8034906B-576E-4BF5-AE23-B28F6FE89741}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{82873D5F-E36A-4A4E-9DE9-04EFAC590147}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{82F0FA9D-7CA0-4BAB-A873-A6721B6EC907}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{830CCE1E-C1D4-47B8-8C08-866E040F9C69}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{843AAB89-009F-49D5-9FBE-0883B58D0009}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{84C304AE-34B5-4A96-A16A-98D0AB2EB9CC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8531BA0C-5A93-4291-A32B-A293FFD0C575}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8560C3DF-5429-4133-87D5-D4A12E69264D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{85BF0E41-8D67-413A-9979-447FBEBFA331}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8743854F-E3E9-4A13-9A95-0ECA3EC85A38}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{879FB09C-F886-41BA-B6AF-7853856D29F3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8875CE8E-84A1-4AB2-B2A3-55E48C4960EA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{88BD16E4-AD15-4724-959F-957A029EDF9F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8977A760-772A-411E-A326-AECAFD93FDC8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{89C61E82-4928-40BE-A02B-7645769AC58C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8AD323F1-3C30-45DB-BE2A-963D0793DDC6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8B0EFAD7-9166-4941-A37D-F6A78B1B9C98}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8B12D448-6B1D-45C8-AA11-268EE92F673A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8B8871E0-62D2-41BA-B2D2-210297A61CC2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8BDB8714-B292-440F-A131-A7ED276CEC4B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8BE6DBE9-831E-4703-9B7A-88E05705A502}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8BE959C9-FF67-4254-9240-4BA7A9522F38}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8C77CF64-594D-4290-B35C-1D21D3C06AFC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8CDE3616-B357-40A7-80C8-7449C2A34A7E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8D1FE586-A879-4734-A941-A453A01D5CC2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8D30D6CC-4227-4B42-B057-2A0674129A1A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8D678CD4-74AD-44E7-B1C4-69EC05AF5C7F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8DBE1A41-8BD4-45EA-AC67-A03F380CAFC7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8DF627E7-D1DC-4426-87A6-7ED747225A80}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8F26F2F8-DFBD-4847-AF96-3AB8BC901C22}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8F87E6B5-DE13-4282-BE58-05DED4D56191}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8FA8F8F8-18AC-4940-8CD9-CB7AAC1DF1A5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8FAE22C0-0DAF-4E66-B14E-5A3BE8DF3774}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{90163EDA-BCDF-407D-B11E-197B6452EA77}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9069E3E7-39AC-426D-AE3F-E573856A8963}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{910DD5AB-D0DA-4883-877E-0C0FD559319B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{911C09D5-4800-4D96-82FE-F143E1D44820}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{91682C19-9A43-4CE5-80B8-692DA58B89FD}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9187FD61-2BFA-4890-9374-558771197304}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{91A7EEAD-4226-461D-A3FF-E3B3770C45E1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{91FB6627-66D7-477D-8971-287249ADF53D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{92039DA5-BDB4-46BA-B199-43C44E0289D6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{921C6885-861A-490B-976A-6108119D5BD6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{92735383-7EED-45EA-BF69-9315776C127F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{930BB488-62AF-48EA-9849-468B8CD1BCB2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{949790D3-A094-4052-917F-71CB6D534D24}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{94F0BC94-E066-426C-8E5E-28C09F4CF5E0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{950EB431-D8B6-4126-866C-7C6F216DBAD3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{95865239-79C4-4492-A606-F0EA610948B3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{95CA761C-F79C-4A8E-8349-8561A9BC2F01}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{969578C3-5849-4599-AD07-49B5FEAEF475}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{97BF9758-57F4-43B7-88D9-5AE01A681476}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{97EA380F-A4BF-4D3F-990F-D92917F2C400}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{97F42517-5C08-46EA-88D8-DAFC89BA0175}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{986F8BB5-F20A-4429-ACA3-14A340CA14DC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{98F14A90-DEA4-46DC-B1D1-FDD59E5EFF32}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{992172D3-D04B-4869-A69B-097035942CA2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9998356D-CF82-4D27-ACD3-3FAA5096E14D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9AAA81E7-04E9-42B3-B51A-EBD207803765}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9B11DB65-27E5-4B02-A3D8-10676302E872}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9B7A099B-B9B0-4B1D-8942-F9F5BA655155}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9B9AA963-A290-4D9B-A651-CB2BB5D0DDC7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9C41DA73-723D-46E2-8AAF-E57B292BCB2E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9C68F973-C78D-490C-9903-01E8161260FB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9C6F90BE-4CB2-43E9-BE72-5DEDB141D2F1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9CC8676A-A05E-45A5-A3F0-A69CB00FF5BA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9D1DC43B-7D4F-4FCC-9B5E-3FBCF2401F4A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9DCD1BB6-4535-49B2-9B02-332F96426C60}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9EA991D5-0945-4F46-B70B-1EC24283708C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9EBB5F5B-84E1-4335-86D8-4965A81E9CA4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9F01BE6A-77F8-42C3-B4DF-1457A6E01046}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9F3885C6-BD41-439F-997C-32A4116A543F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9FFDAAB2-4E2C-40F6-BC51-43ACB1DB267D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A098F4C7-1BBF-4D0C-8E5E-CFD1AC63CE84}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A0CA651F-EF09-4348-9532-3F5B1AD61606}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A1B89C0C-FB59-4222-A2D8-80FA50F55799}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A20DB787-938E-459E-AC23-E04BA95E0325}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A304BBEC-71BE-4856-971F-D1758347AF83}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A39A6D0D-715E-4219-B2A3-B4C910017A5A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A447536F-A7BC-4FB9-8BB1-38FCCBB5E8F5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A44B6CB8-ADD3-4488-BBEB-BF113717F186}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A48B1218-6FCB-41A8-B9CA-C4687D04CCEB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A50BF7F2-06BD-4E4B-80E5-800BA75C8F85}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A577FEBA-4B9A-4A96-B83A-76D6D190DB7A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A5C553B3-947B-4C03-B769-913083C672FF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A6292075-FFD6-4726-9FC1-4270D70D757D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A687CAB2-7508-44FA-BB8A-58FC7DBF3FB4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A73D058A-5684-435E-AE7B-05FE07C37A35}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A7552C1B-A285-4278-ACFC-19B0DDEC0D68}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A90C877D-7907-4767-B801-1EC3B919D280}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A9203122-615D-4B8C-AA8B-5A02E606CE00}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A928CF80-8207-432D-B686-2BCAB80AF830}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A976E9A4-4CF8-491B-9225-675A1529188F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A9B49AEB-734A-492D-9A62-D05063828F0D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AA0856E4-3EA9-4738-BC01-6022489FB2BE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AAA0D4B1-5893-4D82-A933-6D13B0BA388C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AB6B7898-A799-4B41-8ADD-77276DEFCA6E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AC06AA7C-D5D9-4260-97DB-45BEE5E42DE0}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AC170AA3-3B35-4134-B784-65D2F4F30A7F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AD548E3B-5344-452C-AC9C-C5BAD6C394B4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AF3497A6-F395-4259-B35B-F84623F677E9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AFA96AEE-1832-47D7-A8ED-9E770043331B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B05147A6-FD81-4F06-8771-EBDCC0C1419E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B0722AB1-F0AA-4F31-AB65-30A9F235A6CE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B0E83D63-DEB1-4BF6-A3EF-B899715DD39F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B20A1F26-98D1-4A2A-81F7-3E7B1BAE6EF5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B2EDE650-8BF1-4F37-92E6-54F78C074078}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B3069C63-B92B-42C5-9F7A-1E96365E774C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B332B9BD-9869-4424-A71C-2AC48FB8E675}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B3383EA8-95DF-4B9B-8E81-0FCCBCFD9D28}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B3EBAE89-7516-460B-847A-ED31C7F3FDBF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B4640688-E050-4BCA-90C9-C5748CEAB49C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B688A1DA-82F2-4D40-95E1-3BCC689CA4F4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B72A43BB-6CC5-4DC6-8471-661FB420C588}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B7D8037F-BE29-456A-B76F-488D749A7C09}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B898A6AD-107B-4A83-B8C7-8D3BE6B2DCA6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B8DB0D34-E8CC-44BC-89C0-B60EE06A5B2C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B8E9BB7B-C267-41B1-BFA6-02EA2586177E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B8F4F83E-0FB0-4859-AC0B-32CC9B60570B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B970C087-2E96-4C7C-AA76-735867E5D72D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B9812C8F-7E07-4917-AEDE-91F9B39AEB80}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B98D700E-EAF9-45E3-873A-1D56713B40E4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BA8A8F1E-3A94-4BCD-B20A-A54DA8D8C32C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BAA1EC56-FBED-4378-A435-393B4BC129ED}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BAF14959-8267-4D01-9CDB-702EEC3B7D95}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BB4E706B-48A3-450B-B08C-2260981F24EF}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BB6E90A5-6BB3-4F7A-B91F-13624DF58A89}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BC7FBF97-8A2C-4363-8D31-D263E4079028}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BCD3964E-7C2D-4DFC-8679-FE49AFE1CCEE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BD347381-4093-4074-8810-1897D0D4E391}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BDD59FBB-B132-4E2B-94F2-B8DE4FB08A5E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BDE9FF7C-20F9-45E9-9E68-5B480996DF65}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BE36BA7A-F317-4AC0-8701-7D5DD9C03FCE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BE40BE89-3ACF-466E-B3DC-6C43A545BF58}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BFBBD177-09A1-4F94-BB78-9FFB8C366844}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C03C7430-8F24-4A6F-A519-26EF0E2E7315}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C078397E-DA04-41B9-957C-1FC196AAFA99}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C0C34590-EAE0-4A7B-A663-D514F90F1A36}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C1367DC9-4A91-45F0-A2A7-9CC93D115EF8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C1EE5942-F6D4-40E5-B7C6-CD03301E2E56}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C2E7EB83-E49A-400A-B396-00AD7D54F8E8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C33C93C7-6DD8-41D1-A589-5C08C8581CCB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C345F1A6-A609-43B6-AB7C-7321BB838A79}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C3E4A3D2-DC52-4D94-AB6E-D668905F50AE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C3F22787-86B6-4327-A808-6708B387D252}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C6991EC9-A6EF-4D85-92C9-9A6D69680581}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C6D97226-9BD1-4F4A-91AB-37A3F1B7B4AE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C7328D94-3A6C-4B24-AFAC-F35EE265CB1C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C7B9B3E8-027E-4AF6-9CC8-6ED37BE5A588}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C9E65FBB-3153-4750-8B43-54DA4020FF42}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CA316D46-7D62-4CE5-821B-52B6BA16956B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CAB1104C-4BE6-4848-BD8E-3E21EA90351F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CB25CBE6-7F0A-47F7-AA45-FAC53E443985}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CC065D0C-F9D1-468B-8FB4-BA1E405BA441}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD131D27-E19C-4B8B-ADC6-25C8C88B4331}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD2AC21C-1213-4B5B-9001-19C762C7A68B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD7FE58E-270A-4216-AC74-44AAF1963CF4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD85447C-0BDE-4142-958A-30494EE82AE7}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD9B9FF4-95D4-4FE7-95B4-A41C21A9E12C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CDB95A1B-1204-4CED-8FB8-8E142CAFCEC4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CDC594FA-3CEA-4818-88D4-BE9ADC0FDA63}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CE1478F5-655E-4D02-835D-9CFB850B30EB}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CED3ACC0-F8DA-4985-B7F1-AB1DB0C72393}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CFBEF9F6-89B5-4D5F-A13A-A800025E7708}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D02E78E7-14FC-4E40-A4E8-FD1B4C9B2A25}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D0B40775-54EF-41CF-BEF5-41C186488940}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D124F0A2-4B24-4355-973A-A8E3E33C4D11}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D1D21AB0-5E3B-4F47-A49F-4AAE8599CD7B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D25EB5D0-71F4-4A2E-9B1B-D3BD83871D10}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D342A0EE-9A3F-4ABA-8303-DB370F1CD810}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D3694F2C-6569-4CD9-BA48-7A358B778E47}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D3F9BA9C-5117-4312-B29F-BFD7B69D6A40}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D4E0EE9F-33D1-44EF-9ACE-E76563FC8D42}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D54DB7CB-D58D-4A77-8CB6-0F575B6CD6C9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D725D0F8-9799-429A-A95D-31F55166008E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D79C9D67-99D5-4322-904C-A3BEA0D87C00}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D7A50D72-06B8-454D-8950-61DAE476B909}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D82ED5FF-3DAF-4765-8407-72D7D2EE5AF6}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D898C6A4-E369-4335-BA85-89153413DC3E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D8B94AC8-3153-489E-BEF3-B9CCECE77738}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D8BD08BD-C031-4D38-8A21-F0108A14AB7B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D8DA999B-32E6-438B-AFCD-E113E69D00FE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D947082F-DE1A-444D-9A40-E2EAD6EE2540}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D9CE18D0-32AE-4B7F-A16D-604B24CB322D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D9FD5A58-C8A4-41F5-9984-16B608335D7C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DA7004A3-1D74-44D3-A3F3-FB783307F24D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DACC3741-41D5-4763-8ABA-6581ACDC9D51}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DB2F908B-46D4-49F7-930E-33E9595FF207}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DB49F776-F693-46BF-929E-7354F74FA31F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DC1F5901-06B3-4E45-AAB5-7DE1771CEA1C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DC700E90-B590-4954-8F12-12402947C054}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DD83FE26-B302-43EB-8035-5816B690A124}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DE0AC8C7-6C06-463F-8C39-98D40CF1B396}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DE1B9976-8F49-46EF-A379-461057AAEE1E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DE7BCA9A-8D33-4B3B-91D0-D52E29D71C83}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DEEE484A-EB1C-42C0-B3C3-53B175904959}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DF4B3278-429A-4967-BD44-7398AAD0B46C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DFCA92DA-2045-40DA-9537-EA6B0CE2B2E3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E047AA4D-B2B7-465B-9835-506E5416FB3E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E05FBEC8-ADB9-4E19-8353-F5CEB9CBBA6B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E1C7BB67-C032-4C18-9F83-F5FC4D26BA73}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E1E864FB-CA64-4CA6-AEFD-5268A9C983D5}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E2C50300-FDF8-49D8-BB6B-3C2DD224E8AC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E2C9BC9E-080A-4B62-B903-B5C8BDC53BDD}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E3B10F95-F14F-4A4E-A971-D5BF94160858}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E4AC9FB1-03E4-4080-8237-E6BFA5B14108}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E53785EC-A0B2-4883-BEE4-3DB9E3024C8A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E5DF1547-FDE6-4AEF-B98B-F82C0B4599AA}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E5F4F1F4-1EAE-420A-A776-961D0E0AC361}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E63A21F9-D4C5-4160-B03E-BA0B9C8D3027}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E6E29A02-0882-4C17-9C80-C626360EF7E1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E70B3ABE-1095-4F0A-96DB-8B7A56E9D09A}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E7EAC968-6305-48B5-BC84-1D9C48FFCC8C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E9513B62-E05E-49BF-8CF5-AF72616944D8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E9E0E24A-FF63-4107-905F-E1D2EC169B19}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EA24649F-1732-43D2-80F9-0D56D7546E55}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EAC3D56B-3D69-44E7-9A75-7D09FBFA0533}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EADB937F-41A1-4949-B99E-39E1D9BE65DE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EBB8E34F-2A8C-4B61-9682-FB347B94B628}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC125208-7CFD-45E4-A6BE-FBD8D4BEC0C4}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC421507-65C4-4630-8F6F-A095589132CC}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC795197-BAC0-4E52-8D7C-427484B60C0B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC800DFF-98BF-4A65-BBC6-C63C13E5F77F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{ECA66F0D-BB96-43B7-A546-63513E1F3E04}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{ED0A7D88-69AF-47DD-9435-7B636FA6AA50}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EDAC6342-DE19-43CD-B4DF-D34A188E653C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EDDD71B5-E7B8-4AC6-B0A6-FD450544E52F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EE688769-250F-4CF0-BA4A-77CBA252925C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EF3363CE-3004-441B-B6F0-DAAF3C27C865}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F08757EE-A75D-43C4-9CA4-63373845A26B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F0E1CFCF-4AE7-456D-A814-962CC8EE4D12}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F15E40EF-8018-42DE-A25B-DE35A91F5D2D}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F1F28115-C36B-46AD-9451-8609644011F1}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F20042EA-4E18-4265-A4F5-30505D0A3389}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F21C2E42-2476-4127-A9D8-2F40EB587C46}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F226B393-42CE-403C-A667-2BC94017DB66}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F2462A78-2E36-4579-B2A6-E7DE164FB408}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F2E4D13D-EF1B-499E-B3BB-FD317DDDA248}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F330FB94-F46D-49B3-90AA-FDCD258868B9}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F4089A19-C0C7-49E0-AD79-1C6A285CA26E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F424E5C9-1163-410B-9E57-772B04CA3A6C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F44FC50C-C3E1-4755-9015-367A5B88D18C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F4BCF8F4-C716-440C-A665-2F709FBD1CA2}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F53E54D3-8E50-47E8-94D5-A5FD9485A103}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F5487ACC-D793-4D7F-A57F-192CD503A52F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F5BA9CDA-0B31-4C1F-A7AE-E0FBCE2C1B09}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F65A9F2D-43B8-4FF0-B09D-F63896A37B05}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F7061CB1-8317-457C-994A-8BD9349507F3}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F90593E5-9202-4F3F-8FCF-7BEDE3A13C1E}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F94FE30A-33FE-4E14-B97B-D684F258EF6F}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FAA9F674-27E0-4F39-97F6-3CC22219DB1C}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FAEE9E07-9042-4451-90EA-75F446F435AE}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FB86DB0E-77D7-4A68-B8F0-9884697AEE17}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FCA331F4-8A47-45DC-A9DD-647B485DC461}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FDED7982-4D27-438C-9CB3-7531A443178B}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FE4FCA6D-CCE9-4933-9D8D-D5B4EBC8F0A8}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FF4A14EF-DD7C-463A-B2C8-04A279C87240}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FF814CE3-51FC-497F-8D8A-4E3CE9AC8669}
Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FF97FB3A-F79A-4863-84CE-DDD7AA2A4D13}
 
 
 
~~~ FireFox
 
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted the following from C:\Users\marco\AppData\Roaming\mozilla\firefox\profiles\vawqgg9s.default\prefs.js
 
user_pref("extensions.51d02be4b00c9.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatio
Emptied folder: C:\Users\marco\AppData\Roaming\mozilla\firefox\profiles\vawqgg9s.default\minidumps [2 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 14-02-2014 at  9:09:14,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Adwcleaner File:
 
# AdwCleaner v3.018 - Report created 14/02/2014 at 09:12:07
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : marco - MARCO-HP
# Running from : C:\Users\marco\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\saafe savea
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\marco\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\searchplugins\holasearch.xml
File Deleted : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v19.0 (nl)
 
[ File : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]
 
 
[ File : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2827 octets] - [14/02/2014 09:11:42]
AdwCleaner[s0].txt - [2760 octets] - [14/02/2014 09:12:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2820 octets] ##########
 
 
 
Malware Bytes log:
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Databaseversie: v2014.02.14.03
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
marco :: MARCO-HP [administrator]
 
14-2-2014 9:16:17
mbam-log-2014-02-14 (09-16-17).txt
 
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 378232
Verstreken tijd: 15 minuut/minuten, 49 seconde(n)
 
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
(einde)
 
 
Link to post
Share on other sites

I'm not so sure, better safe than sorry, so let's proceed further.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

ComboFix 14-02-14.01 - marco 16-02-2014  10:28:18.1.8 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.6125.4436 [GMT 1:00]

Gestart vanuit: c:\users\marco\Desktop\ComboFix.exe

AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((   Bestanden Gemaakt van 2014-01-16 to 2014-02-16  ))))))))))))))))))))))))))))))

.

.

2014-02-16 09:34 . 2014-02-16 09:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2014-02-16 09:34 . 2014-02-16 09:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-02-16 08:42 . 2014-02-16 09:09 -------- d-sh--w- c:\users\marco\b49S56oS

2014-02-15 12:02 . 2014-02-15 12:02 -------- d-----w- c:\users\marco\AppData\Roaming\Awesomium

2014-02-14 08:52 . 2014-02-14 08:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\offreg.dll

2014-02-14 08:11 . 2014-02-14 08:12 -------- d-----w- C:\AdwCleaner

2014-02-14 08:06 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\mpengine.dll

2014-02-14 08:04 . 2014-02-14 08:04 -------- d-----w- c:\windows\ERUNT

2014-02-14 08:01 . 2014-02-15 08:26 -------- d-sh--r- c:\users\marco\15tyw951in

2014-02-13 21:12 . 2014-02-13 22:34 -------- d-sh--r- c:\users\marco\mb5spidgd9d

2014-02-13 08:12 . 2014-02-13 21:10 -------- d-sh--w- c:\users\marco\i15Z28qV

2014-02-12 18:34 . 2013-10-03 08:32 -------- d-----w- c:\users\marco\InterruptBar

2014-02-12 07:36 . 2014-02-13 21:09 -------- d-sh--r- c:\users\marco\rgunas5426q3no

2014-02-10 21:55 . 2014-02-11 09:27 -------- d-sh--r- c:\users\marco\7p5wnh6sb9sq15

2014-02-10 21:55 . 2014-02-10 18:00 3792 ----a-w- c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs

2014-02-05 21:02 . 2014-02-05 21:27 -------- d-----w- c:\users\marco\AppData\Roaming\Xfire

2014-02-05 21:02 . 2014-02-05 21:28 -------- d-----w- c:\programdata\Xfire

2014-01-29 23:28 . 2014-01-29 23:28 -------- d-----w- c:\windows\Migration

2014-01-19 09:49 . 2014-01-19 09:49 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}

.

.

.

(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-02-05 19:11 . 2013-03-16 16:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2014-02-05 19:11 . 2012-03-05 15:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-15 23:33 . 2013-04-19 19:48 86054176 ----a-w- c:\windows\system32\MRT.exe

2013-12-31 13:56 . 2013-11-26 21:08 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2013-12-31 13:56 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2013-12-30 19:45 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe

2013-11-30 14:34 . 2013-10-13 11:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2013-11-27 01:41 . 2014-01-15 17:10 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-11-27 01:41 . 2014-01-15 17:10 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-11-27 01:41 . 2014-01-15 17:10 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-11-27 01:41 . 2014-01-15 17:10 325120 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-11-27 01:41 . 2014-01-15 17:10 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-11-27 01:41 . 2014-01-15 17:10 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-11-27 01:41 . 2014-01-15 17:10 7808 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-11-26 23:01 . 2013-11-26 23:01 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2013-11-26 23:01 . 2013-11-26 23:01 194048 ----a-w- c:\windows\SysWow64\elshyph.dll

2013-11-26 23:01 . 2013-11-26 23:01 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-11-26 23:01 . 2013-11-26 23:01 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll

2013-11-26 23:01 . 2013-11-26 23:01 235008 ----a-w- c:\windows\system32\elshyph.dll

2013-11-26 23:01 . 2013-11-26 23:01 182272 ----a-w- c:\windows\SysWow64\msls31.dll

2013-11-26 23:01 . 2013-11-26 23:01 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe

2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\SysWow64\tdc.ocx

2013-11-26 23:01 . 2013-11-26 23:01 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll

2013-11-26 23:01 . 2013-11-26 23:01 36352 ----a-w- c:\windows\SysWow64\imgutil.dll

2013-11-26 23:01 . 2013-11-26 23:01 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-11-26 23:01 . 2013-11-26 23:01 337408 ----a-w- c:\windows\SysWow64\html.iec

2013-11-26 23:01 . 2013-11-26 23:01 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll

2013-11-26 23:01 . 2013-11-26 23:01 151552 ----a-w- c:\windows\SysWow64\iexpress.exe

2013-11-26 23:01 . 2013-11-26 23:01 139264 ----a-w- c:\windows\SysWow64\wextract.exe

2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\SysWow64\mshta.exe

2013-11-26 23:01 . 2013-11-26 23:01 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll

2013-11-26 23:01 . 2013-11-26 23:01 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2013-11-26 23:01 . 2013-11-26 23:01 942592 ----a-w- c:\windows\system32\jsIntl.dll

2013-11-26 23:01 . 2013-11-26 23:01 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe

2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll

2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe

2013-11-26 23:01 . 2013-11-26 23:01 81408 ----a-w- c:\windows\system32\icardie.dll

2013-11-26 23:01 . 2013-11-26 23:01 77312 ----a-w- c:\windows\system32\tdc.ocx

2013-11-26 23:01 . 2013-11-26 23:01 616104 ----a-w- c:\windows\system32\ieapfltr.dat

2013-11-26 23:01 . 2013-11-26 23:01 52224 ----a-w- c:\windows\system32\msfeedsbs.dll

2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll

2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\system32\mshtmler.dll

2013-11-26 23:01 . 2013-11-26 23:01 453120 ----a-w- c:\windows\system32\dxtmsft.dll

2013-11-26 23:01 . 2013-11-26 23:01 413696 ----a-w- c:\windows\system32\html.iec

2013-11-26 23:01 . 2013-11-26 23:01 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2013-11-26 23:01 . 2013-11-26 23:01 296960 ----a-w- c:\windows\system32\dxtrans.dll

2013-11-26 23:01 . 2013-11-26 23:01 263376 ----a-w- c:\windows\system32\iedkcs32.dll

2013-11-26 23:01 . 2013-11-26 23:01 247808 ----a-w- c:\windows\system32\msls31.dll

2013-11-26 23:01 . 2013-11-26 23:01 243200 ----a-w- c:\windows\system32\webcheck.dll

2013-11-26 23:01 . 2013-11-26 23:01 235520 ----a-w- c:\windows\system32\url.dll

2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\system32\msfeedssync.exe

2013-11-26 23:01 . 2013-11-26 23:01 131072 ----a-w- c:\windows\system32\IEAdvpack.dll

2013-11-26 23:01 . 2013-11-26 23:01 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll

2013-11-26 23:01 . 2013-11-26 23:01 105984 ----a-w- c:\windows\system32\iesysprep.dll

2013-11-26 23:01 . 2013-11-26 23:01 84992 ----a-w- c:\windows\system32\mshtmled.dll

2013-11-26 23:01 . 2013-11-26 23:01 83968 ----a-w- c:\windows\system32\MshtmlDac.dll

2013-11-26 23:01 . 2013-11-26 23:01 774144 ----a-w- c:\windows\system32\jscript.dll

2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\system32\pngfilt.dll

2013-11-26 23:01 . 2013-11-26 23:01 48128 ----a-w- c:\windows\system32\imgutil.dll

2013-11-26 23:01 . 2013-11-26 23:01 30208 ----a-w- c:\windows\system32\licmgr10.dll

2013-11-26 23:01 . 2013-11-26 23:01 167424 ----a-w- c:\windows\system32\iexpress.exe

2013-11-26 23:01 . 2013-11-26 23:01 147968 ----a-w- c:\windows\system32\occache.dll

2013-11-26 23:01 . 2013-11-26 23:01 143872 ----a-w- c:\windows\system32\wextract.exe

2013-11-26 23:01 . 2013-11-26 23:01 13824 ----a-w- c:\windows\system32\mshta.exe

2013-11-26 23:01 . 2013-11-26 23:01 135680 ----a-w- c:\windows\system32\iepeers.dll

2013-11-26 23:01 . 2013-11-26 23:01 101376 ----a-w- c:\windows\system32\inseng.dll

2013-11-26 11:40 . 2014-01-15 17:10 376768 ----a-w- c:\windows\system32\drivers\netio.sys

2013-11-26 10:32 . 2014-01-15 17:10 3156480 ----a-w- c:\windows\system32\win32k.sys

2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys

2013-11-23 18:26 . 2013-12-11 15:01 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47 . 2013-12-11 15:01 465920 ----a-w- c:\windows\system32\WMPhoto.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"F.lux"="c:\users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424]

"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]

"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]

"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2012-07-19 3076096]

"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]

"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

CurseClientStartup.ccip [2012-6-11 0]

Dropbox.lnk - c:\users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]

mdwhuzmxv.vbs [2014-2-10 3792]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"EnableShellExecuteHooks"= 1 (0x1)

.

[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

.

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]

R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]

S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]

S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]

S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]

S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]

S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]

S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]

S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]

S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]

S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]

.

.

Inhoud van de 'Gedeelde Taken' map

.

2014-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16 19:11]

.

2014-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core.job

- c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08]

.

2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA.job

- c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08]

.

2014-01-27 c:\windows\Tasks\HPCeeScheduleForMARCO-HP$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

2014-02-16 c:\windows\Tasks\HPCeeScheduleFormarco.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]

"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-14 1064224]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-01-28 21720]

.

------- Bijkomende Scan -------

.


uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\

.

- - - - ORPHANS VERWIJDERD - - - -

.

Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe

Wow6432Node-HKCU-Run-Xfire - c:\program files (x86)\Xfire2\Xfire.exe

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe

Wow6432Node-HKLM-Run-Xfire - c:\program files (x86)\Xfire2\Xfire.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe

AddRemove-WildTangent hp Master Uninstall - c:\program files (x86)\HP Games\Uninstall.exe

AddRemove-WildTangentGameProvider-hp-genres - c:\program files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe

AddRemove-WildTangentGameProvider-hp-main - c:\program files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe

AddRemove-WildTangentGDF-hp-gunbros - c:\program files (x86)\HP Games\Web Link - Gun Bros\Uninstall.exe

AddRemove-WTA-068a32a3-e469-4c14-b78b-62ef7ae63bcc - c:\program files (x86)\HP Games\Blackhawk Striker 2\uninstall\uninstaller.exe

AddRemove-WTA-1e252d85-adb9-4c4e-9ea9-40ae7f8d7e88 - c:\program files (x86)\HP Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe

AddRemove-WTA-286a9c95-c790-4a23-9568-4f846557423e - c:\program files (x86)\HP Games\Penguins!\uninstall\uninstaller.exe

AddRemove-WTA-2c6df00c-d23e-4c6d-b629-72a6b5b5c6e2 - c:\program files (x86)\HP Games\Blasterball 3\uninstall\uninstaller.exe

AddRemove-WTA-377ebe4b-ddf1-4d55-8994-d16dccbbe1c0 - c:\program files (x86)\HP Games\Virtual Villagers 5 - New Believers\uninstall\uninstaller.exe

AddRemove-WTA-3a47674e-6286-4bd6-a4f9-fb0f04505f47 - c:\program files (x86)\HP Games\Cradle of Rome 2\uninstall\uninstaller.exe

AddRemove-WTA-4b4a1c75-4fab-448d-8bf7-dc4540ffadad - c:\program files (x86)\HP Games\Bounce Symphony\uninstall\uninstaller.exe

AddRemove-WTA-4eeb0c8e-3418-425d-928d-8f776496fa06 - c:\program files (x86)\HP Games\Chuzzle Deluxe\uninstall\uninstaller.exe

AddRemove-WTA-4eedebef-5544-4f46-80eb-cdd700669940 - c:\program files (x86)\HP Games\Agatha Christie - Peril at End House\uninstall\uninstaller.exe

AddRemove-WTA-51171669-e116-4a36-b992-5bc35e9ce9fd - c:\program files (x86)\HP Games\Namco All-Stars PAC-MAN\uninstall\uninstaller.exe

AddRemove-WTA-516831ea-5764-4b40-bacc-6cca7d93bace - c:\program files (x86)\HP Games\Chronicles of Albian\uninstall\uninstaller.exe

AddRemove-WTA-52927150-d423-4df5-a827-a51cfd03713a - c:\program files (x86)\HP Games\Poker Superstars III\uninstall\uninstaller.exe

AddRemove-WTA-5ef2ea74-edf3-437c-8303-cc0532945e33 - c:\program files (x86)\HP Games\Jewel Quest The Sleepless Star - Collectors Edition\uninstall\uninstaller.exe

AddRemove-WTA-6bc11f22-bb19-420c-9d54-29fbf930579d - c:\program files (x86)\HP Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe

AddRemove-WTA-73a29449-9398-427e-8c58-653416202cad - c:\program files (x86)\HP Games\Slingo Supreme\uninstall\uninstaller.exe

AddRemove-WTA-7a96c42c-f7ba-44ce-8ae7-0df904e7de79 - c:\program files (x86)\HP Games\Mah Jong Medley\uninstall\uninstaller.exe

AddRemove-WTA-90aee741-cbd9-4290-81ce-73119c45d1e2 - c:\program files (x86)\HP Games\FATE\uninstall\uninstaller.exe

AddRemove-WTA-967bad6c-eafd-4912-9363-cdc71f938889 - c:\program files (x86)\HP Games\Polar Bowler\uninstall\uninstaller.exe

AddRemove-WTA-96d9a103-8d41-4cd8-9ee6-118557eea107 - c:\program files (x86)\HP Games\Zuma Deluxe\uninstall\uninstaller.exe

AddRemove-WTA-b12ef7f4-76e9-42d6-8507-17571cf1325c - c:\program files (x86)\HP Games\Farm Frenzy\uninstall\uninstaller.exe

AddRemove-WTA-b97f9d01-f6b2-4027-b420-f03f6018b858 - c:\program files (x86)\HP Games\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe

AddRemove-WTA-ca2f47de-01ef-4782-a525-665b8d1de53d - c:\program files (x86)\HP Games\Cake Mania\uninstall\uninstaller.exe

AddRemove-WTA-d19d4618-60ed-4dbe-8f0d-a827daabb525 - c:\program files (x86)\HP Games\Bejeweled 3\uninstall\uninstaller.exe

AddRemove-WTA-d4532316-d7ad-4d43-84ce-5d07261e1841 - c:\program files (x86)\HP Games\Final Drive Nitro\uninstall\uninstaller.exe

AddRemove-WTA-d4fee06a-821b-4ae0-95b4-0ed12535e2d7 - c:\program files (x86)\HP Games\Vacation Quest - The Hawaiian Islands\uninstall\uninstaller.exe

AddRemove-WTA-f34a166f-3218-4c2a-8f90-5c2c6fcda4e3 - c:\program files (x86)\HP Games\Polar Golfer\uninstall\uninstaller.exe

AddRemove-{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1 - c:\users\marco\Documents\Infestation Survivor Stories\unins000.exe

AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Voltooingstijd: 2014-02-16  10:35:38

ComboFix-quarantined-files.txt  2014-02-16 09:35

.

Pre-Run: 188.353.851.392 bytes beschikbaar

Post-Run: 187.957.751.808 bytes beschikbaar

.

- - End Of File - - 7A1D5E4AE7B9A8BF4BABE1D5F4A6610F
Link to post
Share on other sites

That's why I asked from you to proceed further with my instructions, because dealing with current malware is not that simple.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::

c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs

Folder::

c:\users\marco\b49S56oS

c:\users\marco\AppData\Roaming\Awesomium

c:\users\marco\15tyw951in

c:\users\marco\mb5spidgd9d

c:\users\marco\i15Z28qV

c:\users\marco\InterruptBar

c:\users\marco\rgunas5426q3no

c:\users\marco\7p5wnh6sb9sq15

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Link to post
Share on other sites

Hey, thanks for doing this again.

 

I did exactly as you asked, here is the log, it ran the combofix & rebooted my pc, after the reboot it said "Acces denied" in the blue combofix screen and after that it generated the log

 

ComboFix 14-02-16.01 - marco 16-02-2014  20:47:42.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.6125.4049 [GMT 1:00]
Gestart vanuit: c:\users\marco\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\marco\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs"
.
.
((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\marco\15tyw951in
c:\users\marco\15tyw951in\czesMdGH.com
c:\users\marco\15tyw951in\eEWboUYIc
c:\users\marco\15tyw951in\run.vbs
c:\users\marco\15tyw951in\uEdI.YBH
c:\users\marco\15tyw951in\UGZoMhnu.GPP
c:\users\marco\7p5wnh6sb9sq15
c:\users\marco\7p5wnh6sb9sq15\afViavPcA.HOE
c:\users\marco\7p5wnh6sb9sq15\dLUHSYm
c:\users\marco\7p5wnh6sb9sq15\nwUHnLQxxQ.ELG
c:\users\marco\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\marco\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dll
c:\users\marco\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dll
c:\users\marco\AppData\Roaming\Awesomium
c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs
c:\users\marco\b49S56oS
c:\users\marco\i15Z28qV
c:\users\marco\i15Z28qV\DY.SXM
c:\users\marco\InterruptBar
c:\users\marco\InterruptBar\InterruptBar.lua
c:\users\marco\InterruptBar\InterruptBar.toc
c:\users\marco\mb5spidgd9d
c:\users\marco\mb5spidgd9d\DWhzrNRBBM.VJS
c:\users\marco\mb5spidgd9d\hfOyRTKLsIvd
c:\users\marco\mb5spidgd9d\sLGZCt.QMV
c:\users\marco\rgunas5426q3no
c:\users\marco\rgunas5426q3no\AKDDyiMMQ.MOG
c:\users\marco\rgunas5426q3no\GhkGM
c:\users\marco\rgunas5426q3no\NOvCEyWrOoV.VDM
.
.
((((((((((((((((((((   Bestanden Gemaakt van 2014-01-16 to 2014-02-16  ))))))))))))))))))))))))))))))
.
.
2014-02-16 19:55 . 2014-02-16 19:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-16 19:55 . 2014-02-16 19:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-16 17:01 . 2014-02-16 17:01 -------- d-----w- c:\users\marco\AppData\Roaming\Avira
2014-02-16 17:01 . 2013-12-09 10:37 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-02-16 17:01 . 2013-12-09 10:37 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-02-16 17:01 . 2013-12-09 10:37 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-02-16 16:59 . 2014-02-16 17:01 -------- d-----w- c:\programdata\Avira
2014-02-16 16:59 . 2014-02-16 17:01 -------- d-----w- c:\program files (x86)\Avira
2014-02-16 12:50 . 2014-02-16 14:55 -------- d-sh--w- c:\users\marco\b96E84lA
2014-02-14 08:11 . 2014-02-14 08:12 -------- d-----w- C:\AdwCleaner
2014-02-14 08:06 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\mpengine.dll
2014-02-14 08:04 . 2014-02-14 08:04 -------- d-----w- c:\windows\ERUNT
2014-02-13 08:17 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-05 21:02 . 2014-02-05 21:27 -------- d-----w- c:\users\marco\AppData\Roaming\Xfire
2014-02-05 21:02 . 2014-02-05 21:28 -------- d-----w- c:\programdata\Xfire
2014-01-29 23:28 . 2014-01-29 23:28 -------- d-----w- c:\windows\Migration
2014-01-19 09:49 . 2014-01-19 09:49 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}
.
.
.
(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 19:11 . 2013-03-16 16:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-05 19:11 . 2012-03-05 15:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 23:33 . 2013-04-19 19:48 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-31 13:56 . 2013-11-26 21:08 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-12-31 13:56 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-12-30 19:45 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-11-30 14:34 . 2013-10-13 11:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-11-27 01:41 . 2014-01-15 17:10 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:41 . 2014-01-15 17:10 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:41 . 2014-01-15 17:10 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:41 . 2014-01-15 17:10 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:41 . 2014-01-15 17:10 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-11-27 01:41 . 2014-01-15 17:10 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-11-27 01:41 . 2014-01-15 17:10 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 23:01 . 2013-11-26 23:01 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 23:01 . 2013-11-26 23:01 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 23:01 . 2013-11-26 23:01 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 23:01 . 2013-11-26 23:01 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 23:01 . 2013-11-26 23:01 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 23:01 . 2013-11-26 23:01 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 23:01 . 2013-11-26 23:01 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 23:01 . 2013-11-26 23:01 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 23:01 . 2013-11-26 23:01 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 23:01 . 2013-11-26 23:01 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 23:01 . 2013-11-26 23:01 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 23:01 . 2013-11-26 23:01 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 23:01 . 2013-11-26 23:01 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 23:01 . 2013-11-26 23:01 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 23:01 . 2013-11-26 23:01 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 23:01 . 2013-11-26 23:01 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 23:01 . 2013-11-26 23:01 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 23:01 . 2013-11-26 23:01 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 23:01 . 2013-11-26 23:01 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 23:01 . 2013-11-26 23:01 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 23:01 . 2013-11-26 23:01 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 23:01 . 2013-11-26 23:01 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 23:01 . 2013-11-26 23:01 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 23:01 . 2013-11-26 23:01 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 23:01 . 2013-11-26 23:01 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 23:01 . 2013-11-26 23:01 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 23:01 . 2013-11-26 23:01 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 23:01 . 2013-11-26 23:01 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 23:01 . 2013-11-26 23:01 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 23:01 . 2013-11-26 23:01 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 23:01 . 2013-11-26 23:01 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 23:01 . 2013-11-26 23:01 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-26 23:01 . 2013-11-26 23:01 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 23:01 . 2013-11-26 23:01 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-26 23:01 . 2013-11-26 23:01 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-26 23:01 . 2013-11-26 23:01 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-26 23:01 . 2013-11-26 23:01 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-26 23:01 . 2013-11-26 23:01 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 23:01 . 2013-11-26 23:01 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-26 23:01 . 2013-11-26 23:01 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-26 23:01 . 2013-11-26 23:01 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-26 23:01 . 2013-11-26 23:01 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-26 23:01 . 2013-11-26 23:01 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 23:01 . 2013-11-26 23:01 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:40 . 2014-01-15 17:10 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:32 . 2014-01-15 17:10 3156480 ----a-w- c:\windows\system32\win32k.sys
2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-11-23 18:26 . 2013-12-11 15:01 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 15:01 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F.lux"="c:\users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424]
"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]
"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2012-07-19 3076096]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-01-29 172600]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 684600]
.
c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2012-6-11 0]
Dropbox.lnk - c:\users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2014-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16 19:11]
.
2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core.job
- c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08]
.
2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA.job
- c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08]
.
2014-01-27 c:\windows\Tasks\HPCeeScheduleForMARCO-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2014-02-16 c:\windows\Tasks\HPCeeScheduleFormarco.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-14 1064224]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\
.
- - - - ORPHANS VERWIJDERD - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-WildTangent hp Master Uninstall - c:\program files (x86)\HP Games\Uninstall.exe
AddRemove-WildTangentGameProvider-hp-genres - c:\program files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe
AddRemove-WildTangentGameProvider-hp-main - c:\program files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe
AddRemove-WildTangentGDF-hp-gunbros - c:\program files (x86)\HP Games\Web Link - Gun Bros\Uninstall.exe
AddRemove-WTA-068a32a3-e469-4c14-b78b-62ef7ae63bcc - c:\program files (x86)\HP Games\Blackhawk Striker 2\uninstall\uninstaller.exe
AddRemove-WTA-1e252d85-adb9-4c4e-9ea9-40ae7f8d7e88 - c:\program files (x86)\HP Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe
AddRemove-WTA-286a9c95-c790-4a23-9568-4f846557423e - c:\program files (x86)\HP Games\Penguins!\uninstall\uninstaller.exe
AddRemove-WTA-2c6df00c-d23e-4c6d-b629-72a6b5b5c6e2 - c:\program files (x86)\HP Games\Blasterball 3\uninstall\uninstaller.exe
AddRemove-WTA-377ebe4b-ddf1-4d55-8994-d16dccbbe1c0 - c:\program files (x86)\HP Games\Virtual Villagers 5 - New Believers\uninstall\uninstaller.exe
AddRemove-WTA-3a47674e-6286-4bd6-a4f9-fb0f04505f47 - c:\program files (x86)\HP Games\Cradle of Rome 2\uninstall\uninstaller.exe
AddRemove-WTA-4b4a1c75-4fab-448d-8bf7-dc4540ffadad - c:\program files (x86)\HP Games\Bounce Symphony\uninstall\uninstaller.exe
AddRemove-WTA-4eeb0c8e-3418-425d-928d-8f776496fa06 - c:\program files (x86)\HP Games\Chuzzle Deluxe\uninstall\uninstaller.exe
AddRemove-WTA-4eedebef-5544-4f46-80eb-cdd700669940 - c:\program files (x86)\HP Games\Agatha Christie - Peril at End House\uninstall\uninstaller.exe
AddRemove-WTA-51171669-e116-4a36-b992-5bc35e9ce9fd - c:\program files (x86)\HP Games\Namco All-Stars PAC-MAN\uninstall\uninstaller.exe
AddRemove-WTA-516831ea-5764-4b40-bacc-6cca7d93bace - c:\program files (x86)\HP Games\Chronicles of Albian\uninstall\uninstaller.exe
AddRemove-WTA-52927150-d423-4df5-a827-a51cfd03713a - c:\program files (x86)\HP Games\Poker Superstars III\uninstall\uninstaller.exe
AddRemove-WTA-5ef2ea74-edf3-437c-8303-cc0532945e33 - c:\program files (x86)\HP Games\Jewel Quest The Sleepless Star - Collectors Edition\uninstall\uninstaller.exe
AddRemove-WTA-6bc11f22-bb19-420c-9d54-29fbf930579d - c:\program files (x86)\HP Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe
AddRemove-WTA-73a29449-9398-427e-8c58-653416202cad - c:\program files (x86)\HP Games\Slingo Supreme\uninstall\uninstaller.exe
AddRemove-WTA-7a96c42c-f7ba-44ce-8ae7-0df904e7de79 - c:\program files (x86)\HP Games\Mah Jong Medley\uninstall\uninstaller.exe
AddRemove-WTA-90aee741-cbd9-4290-81ce-73119c45d1e2 - c:\program files (x86)\HP Games\FATE\uninstall\uninstaller.exe
AddRemove-WTA-967bad6c-eafd-4912-9363-cdc71f938889 - c:\program files (x86)\HP Games\Polar Bowler\uninstall\uninstaller.exe
AddRemove-WTA-96d9a103-8d41-4cd8-9ee6-118557eea107 - c:\program files (x86)\HP Games\Zuma Deluxe\uninstall\uninstaller.exe
AddRemove-WTA-b12ef7f4-76e9-42d6-8507-17571cf1325c - c:\program files (x86)\HP Games\Farm Frenzy\uninstall\uninstaller.exe
AddRemove-WTA-b97f9d01-f6b2-4027-b420-f03f6018b858 - c:\program files (x86)\HP Games\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe
AddRemove-WTA-ca2f47de-01ef-4782-a525-665b8d1de53d - c:\program files (x86)\HP Games\Cake Mania\uninstall\uninstaller.exe
AddRemove-WTA-d19d4618-60ed-4dbe-8f0d-a827daabb525 - c:\program files (x86)\HP Games\Bejeweled 3\uninstall\uninstaller.exe
AddRemove-WTA-d4532316-d7ad-4d43-84ce-5d07261e1841 - c:\program files (x86)\HP Games\Final Drive Nitro\uninstall\uninstaller.exe
AddRemove-WTA-d4fee06a-821b-4ae0-95b4-0ed12535e2d7 - c:\program files (x86)\HP Games\Vacation Quest - The Hawaiian Islands\uninstall\uninstaller.exe
AddRemove-WTA-f34a166f-3218-4c2a-8f90-5c2c6fcda4e3 - c:\program files (x86)\HP Games\Polar Golfer\uninstall\uninstaller.exe
AddRemove-{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1 - c:\users\marco\Documents\Infestation Survivor Stories\unins000.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2014-02-16  21:02:20 - machine werd herstart
ComboFix-quarantined-files.txt  2014-02-16 20:02
ComboFix2.txt  2014-02-16 09:35
.
Pre-Run: 192.500.879.360 bytes beschikbaar
Post-Run: 192.208.650.240 bytes beschikbaar
.
- - End Of File - - 401A5476FE84C44A5764514526A5E245
Link to post
Share on other sites

Thanks! :)

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

Hey  :)

I have done as you asked and here is the log, the scan took quite a while (~5 hours)

 

C:\Users\All Users\Avira\My Avira\Temp\antivirus.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
C:\Users\marco\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application
C:\Users\marco\Downloads\GraboidVideoSetup-3.11 (1).exe Win32/Graboid potentially unsafe application
C:\Users\marco\Downloads\GraboidVideoSetup-3.11 (2).exe Win32/Graboid potentially unsafe application
C:\Users\marco\Downloads\GraboidVideoSetup-3.11.exe Win32/Graboid potentially unsafe application
C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted (after the next restart) - quarantined
C:\ProgramData\Avira\My Avira\Temp\antivirus.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Qoobox\Quarantine\C\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs.vir VBS/TrojanDownloader.Agent.NJF trojan cleaned by deleting - quarantined
C:\Users\marco\Downloads\ccsetup318.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
C:\Users\marco\Downloads\otloader (1).rar VBS/TrojanDownloader.Agent.NJF trojan deleted - quarantined
C:\Users\marco\Downloads\wbot (1).jar a variant of Java/Obfuscated.AllatoriDemo.B potentially unsafe application deleted - quarantined
C:\Users\marco\Downloads\xfire_setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
Link to post
Share on other sites

Thanks!

Step 1

Download TFC to your desktop

  • Open the file and close any other windows.
  • It will close all programs itself when run, make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job
  • Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
Step 2

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Click the cog in the upper right corner:

AVPfront.gif

Select down to and including your main drive.

Once done please select the Automatic Scan tab and press Start Scan.

avpsettings.gif

Allow AVP to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.

Link to post
Share on other sites

Okay, So the scan is finally done, however, the scan crashed :(  and I had to reinstall the program because I couldn't find the program itself anywhere to go further with the initial scan, but this time it was done in less then an hour. Now since it crashed and I had to reinstall the program, the scan no longer shows the 2 detected trojans so there isn't any log for me to post. What do I do now?

Link to post
Share on other sites

Good! :)

Step 1

  • Download OTL to your desktop and run it.
  • Click on CleanUp button.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Please uninstall ESET Online Scanner and manually delete Kaspersky AVP .

Step 4

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.