Jump to content

frogdance

Members
  • Posts

    14
  • Joined

  • Last visited

Reputation

0 Neutral
  1. This appear to be running good. Thank you for the help. Would it be possible for a virus or malware to be on an external hard drive?
  2. I could not produce a log No threats were found
  3. After Combofix had finished the processes. I tried opening Firefox and Chrome and could not because they were associated with a registry that was marked for deletion. I just restarted the computer and it was okay after I did that. ComboFix 13-08-15.03 - Mark 08/16/2013 8:05.4.1 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2038.1343 [GMT -7:00] Running from: c:\users\Mark\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2013-07-16 to 2013-08-16 ))))))))))))))))))))))))))))))) . . 2013-08-16 15:14 . 2013-08-16 15:14 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-08-16 15:14 . 2013-08-16 15:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-08-16 10:52 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{96AB263E-F9E5-41F7-8762-27EEA8321742}\mpengine.dll 2013-08-16 03:24 . 2013-07-02 06:54 7143960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-08-15 10:11 . 2013-08-15 10:17 -------- d-----w- c:\windows\system32\MRT 2013-08-14 20:12 . 2013-07-09 04:50 652800 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-14 20:12 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll 2013-08-14 20:12 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-14 20:12 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\system32\crypt32.dll 2013-08-14 20:12 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-14 20:12 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-14 20:12 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-14 20:12 . 2013-07-09 04:53 1289096 ----a-w- c:\windows\system32\ntdll.dll 2013-08-14 20:12 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-14 20:12 . 2013-07-06 05:05 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-14 20:12 . 2013-07-19 01:41 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-14 20:12 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-14 04:02 . 2013-08-14 04:02 -------- d-----w- c:\program files\ESET 2013-08-14 03:22 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-07-21 05:41 . 2013-08-15 16:46 -------- d-----w- c:\users\Mark\AppData\Roaming\foobar2000 2013-07-21 05:39 . 2013-07-21 05:39 -------- d-----w- c:\program files\foobar2000 2013-07-20 21:02 . 2013-07-20 21:04 -------- d-----w- c:\users\Mark\AppData\Roaming\Boom Audio Player . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-17 00:09 . 2013-07-17 00:11 698504 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B673045-F5A3-4619-8EAD-7FB05E363D09}\gapaengine.dll 2013-06-21 05:20 . 2011-04-06 01:50 724464 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-06-05 03:05 . 2013-07-11 00:58 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-06-04 04:53 . 2013-07-11 00:58 509440 ----a-w- c:\windows\system32\qedit.dll 2013-05-28 07:17 . 2012-04-04 17:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-28 07:17 . 2012-08-10 01:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-19 04:19 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F.lux"="c:\users\Mark\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\startupfolder\C:^Users^Mark^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] path=c:\users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-18 19:08 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2010-10-28 03:17 207424 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2011-10-14 07:46 136176 ----atw- c:\users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam] 2010-12-13 22:37 135536 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2012-03-09 01:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2013-03-01 02:30 18643048 ----a-r- c:\program files\Skype\Phone\Skype.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-07-03 16:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher] 2011-08-05 19:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe . R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-03-01 161384] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-07 1343400] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-13 30576] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - MPKSLBF93EA32 *Deregistered* - MpKslbf93ea32 . . ------- Supplementary Scan ------- . TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - ExtSQL: 2013-07-13 16:33; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - ExtSQL: 2013-07-15 16:16; jid1-xUfzOsOFlzSOXg@jetpack; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi FF - ExtSQL: 2013-08-15 01:21; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,af,cc,74,05,5a,66,49,bc,ad,e4,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,af,cc,74,05,5a,66,49,bc,ad,e4,\ . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 W¶ f] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 W¶ f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 r· f] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 r· f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*v*i*’ÊÙZ\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. c h s 1 1 0 3 2 5 1¶ f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*e*†^l\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*e*+†^l\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*e*o†^l\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. D e r· f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e*u*_*s*t*a*r*l*e*t*s*-*p*o*w*¯ù;y\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*o*v*¡¢[\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*4*W3\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. n W¶ f] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. n W¶ f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*e*x*p*l*o*i*t*e*d*c*o*Þ6ò:\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*i*n*y*a*-*e*r*o*b*e*r*Þ6ò:\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*i*n*y*a*-*e*r*o*b*e*r*97ò:\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*m*s*h*f*g*r*a*IÛ„'\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*m*s*h*f*g*r*a*ù;y\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*s*o*_*r*e*a*d*y*_*b*i*_²ïH\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*m*ÔV\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ä/ÝN] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ä/ÝN\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ÑÛ„'] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ÑÛ„'\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*Áù;y] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*Áù;y\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(4708) c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . Completion time: 2013-08-16 08:18:28 ComboFix-quarantined-files.txt 2013-08-16 15:18 . Pre-Run: 41,547,321,344 bytes free Post-Run: 41,258,856,448 bytes free . - - End Of File - - 71AFEBFEEC476CAE4E436A76CDC11806 A36C5E4F47E84449FF07ED3517B43A31
  4. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.15.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16660 Mark :: PC-PC [administrator] 8/15/2013 7:56:57 AM mbam-log-2013-08-15 (07-56-57).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 210316 Time elapsed: 18 minute(s), 17 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\Installer\33e4000.msi (Trojan.Inject.NR) -> Quarantined and deleted successfully. (end)
  5. I wanted to know if my computer is clean after having malwarebytes delete the Trojan. Is there a program or file that is still on my computer that can still be a potential threat? DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.7.2 Run by Mark at 12:17:44 on 2013-08-15 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2038.1395 [GMT -7:00] . AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskhost.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Windows\system32\igfxsrvc.exe C:\Users\Mark\Local Settings\Apps\F.lux\flux.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll uRun: [F.lux] "c:\users\mark\local settings\apps\f.lux\flux.exe" /noshow mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\24163796C6 : DHCPNameServer = 192.168.1.1 68.105.28.12 68.105.29.12 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\255637E45647D2355636572756 : DHCPNameServer = 169.231.0.3 169.231.0.4 128.111.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\4325543443633313 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\4636A636 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\46C696E6B6 : DHCPNameServer = 192.168.0.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\mp3 skype recorder\Skype4COM.dll Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll FF - plugin: c:\users\mark\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\users\mark\appdata\local\pokki\download helper\npPokkiDownloadHelper.1.2.0.78.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll FF - ExtSQL: 2013-07-13 16:33; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} FF - ExtSQL: 2013-07-15 16:16; jid1-xUfzOsOFlzSOXg@jetpack; c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi FF - ExtSQL: 2013-08-15 01:21; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296] R1 MpKslbf93ea32;MpKslbf93ea32;c:\programdata\microsoft\microsoft antimalware\definition updates\{5315f837-1dcf-4656-91f0-b678bd01c46f}\MpKslbf93ea32.sys [2013-8-15 29904] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-7-29 13592] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-8-13 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-8-13 701512] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-8-13 22856] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-12-13 30576] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-23 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-7 1343400] . =============== Created Last 30 ================ . 2013-08-15 18:59:09 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5315f837-1dcf-4656-91f0-b678bd01c46f}\MpKslbf93ea32.sys 2013-08-15 18:29:53 -------- d-----w- c:\users\mark\appdata\local\{46A8C15B-9483-42A8-AD4E-502704A3E5C8} 2013-08-15 10:11:44 -------- d-----w- c:\windows\system32\MRT 2013-08-15 06:29:24 -------- d-----w- c:\users\mark\appdata\local\{A9CBC7AB-1702-497C-9E8E-BC52EEFFC2EA} 2013-08-15 04:55:17 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{5315f837-1dcf-4656-91f0-b678bd01c46f}\mpengine.dll 2013-08-14 20:44:11 7143960 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-08-14 20:12:47 652800 ----a-w- c:\windows\system32\rpcrt4.dll 2013-08-14 20:12:43 175104 ----a-w- c:\windows\system32\wintrust.dll 2013-08-14 20:12:43 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-08-14 20:12:43 1166848 ----a-w- c:\windows\system32\crypt32.dll 2013-08-14 20:12:43 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-08-14 20:12:35 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-08-14 20:12:35 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-08-14 20:12:34 1289096 ----a-w- c:\windows\system32\ntdll.dll 2013-08-14 20:12:30 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-14 20:12:29 1293760 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-08-14 20:12:10 2048 ----a-w- c:\windows\system32\tzres.dll 2013-08-14 20:12:09 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2013-08-14 05:39:13 -------- d-----w- c:\users\mark\appdata\local\{319E137A-803B-4131-9192-9A0C0CD71652} 2013-08-14 04:02:48 -------- d-----w- c:\program files\ESET 2013-08-14 03:22:16 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-07-21 05:41:49 -------- d-----w- c:\users\mark\appdata\roaming\foobar2000 2013-07-21 05:39:11 -------- d-----w- c:\program files\foobar2000 2013-07-20 21:02:08 -------- d-----w- c:\users\mark\appdata\roaming\Boom Audio Player 2013-07-17 00:11:04 698504 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{3b673045-f5a3-4619-8ead-7fb05e363d09}\gapaengine.dll . ==================== Find3M ==================== . 2013-07-26 03:13:24 1767936 ----a-w- c:\windows\system32\wininet.dll 2013-07-26 03:12:04 2877440 ----a-w- c:\windows\system32\jscript9.dll 2013-07-26 03:12:00 61440 ----a-w- c:\windows\system32\iesetup.dll 2013-07-26 03:12:00 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-07-26 02:49:14 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-26 01:59:38 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-06-05 03:05:09 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-06-04 04:53:07 509440 ----a-w- c:\windows\system32\qedit.dll 2013-05-28 07:17:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-28 07:17:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl . ============= FINISH: 12:18:01.64 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 9/5/2010 11:59:03 PM System Uptime: 8/15/2013 3:35:49 AM (9 hours ago) . Motherboard: Quanta | | 30BB Processor: Genuine Intel® CPU T1350 @ 1.86GHz | U2E1 | 1064/533mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 112 GiB total, 39.104 GiB free. D: is CDROM () E: is FIXED (NTFS) - 233 GiB total, 0.941 GiB free. . ==== Disabled Device Manager Items ============= . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30BB103C&REV_0A\4&16649F33&0&2BF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30BB103C&REV_0A\4&16649F33&0&2BF0 Service: . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30BB103C&REV_01\4&16649F33&0&2AF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30BB103C&REV_01\4&16649F33&0&2AF0 Service: . ==== System Restore Points =================== . RP618: 8/8/2013 3:58:49 AM - Windows Update RP619: 8/11/2013 9:32:37 AM - Windows Update RP620: 8/14/2013 9:53:28 PM - Windows Update RP621: 8/15/2013 3:00:19 AM - Windows Update . ==== Installed Programs ====================== . 7-Zip 9.16 beta Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) Adobe Shockwave Player 12.0 Apple Application Support ArcSoft Panorama Maker 5 CCleaner Compatibility Pack for the 2007 Office system D3DX10 Dropbox ESET Online Scanner v3 F.lux FLV Player 2.0 (build 25) foobar2000 v1.2.9 GnuWin32: Wget-1.11.4-1 Google Chrome Google Earth Google Update Helper HijackThis 2.0.2 ImageShack Uploader 2.2.0 Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Java 7 Update 7 Java Auto Updater JavaFX 2.1.1 LibreOffice 4.0 Help Pack (English) LibreOffice 4.0.0.3 Malwarebytes Anti-Malware version 1.75.0.1300 Media Player Classic - Home Cinema v1.5.2.3456 MediaMonkey 3.2 Messenger Companion MicroCAM Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Corporation Microsoft LifeCam Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Word Viewer 2003 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 23.0 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 16.0.2 (x86 en-US) MP3 Skype Recorder MSVCRT MusicBee OpenOffice.org 3.2 PandoraRecovery (Remove Only) Pokki Download Helper Recuva Revo Uninstaller 1.95 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Skype™ 6.3 SpeedFan (remove only) Strawberry Perl StrongDC++ 2.41 swMSM System Requirements Lab for Intel Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) VLC media player 1.1.11 Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Messenger Companion Core Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Updater Component Yawcam 0.3.7 Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== Event Viewer Messages From Past Week ======== . 8/15/2013 3:37:42 AM, Error: Service Control Manager [7022] - The Windows Audio service hung on starting. 8/14/2013 9:40:50 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. 8/14/2013 4:56:42 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. . ==== End Of File ===========================
  6. +++++ PhysicalDrive1: WDC WD1200BEVT-00A23T0 +++++ --- User --- [MBR] 2653db515c6e0e7113723f51e1ec5e6a [bSP] 7f9b32d57647f85fdbb820d0fa3f3a8c : Empty MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[0]_S_08132013_204134.txt >>
  7. Hello I'm not sure if this is the appropriate place to post. I had a feeling that I may have an infection and I ran some scans with MBAM and MSE. I also tried running a scan with Rogue Killer. It seems fine, but I noticed something with Google Update. I chose to delete them in RK. Wondering if that was a wise thing to do. I am also going to run an ESET test after I post this message. Thank You! Here is the log: RogueKiller V8.6.5 [Aug 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : Mark [Admin rights] Mode : Scan -- Date : 08/13/2013 20:41:34 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 4 ¤¤¤ [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-1907212456-2171594974-3975698673-1000UA.job : C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND [V1][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-1907212456-2171594974-3975698673-1000Core.job : C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-1907212456-2171594974-3975698673-1000Core : C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> FOUND [V2][sUSP PATH] GoogleUpdateTaskUserS-1-5-21-1907212456-2171594974-3975698673-1000UA : C:\Users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD1200BEVT-00A23T0 +++++ --- User --- [MBR] 90e9185dde658176beb783444a125fca [bSP] b14cf16d57f042a1b53190a189265bfd : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 Mo User = LL1 ... OK! User = LL2 ... OK!
  8. Things are running fine. Freecorder 6 seemed to be the problem among other things. I'm going to try to stay on top of updating and scanning my computer. Is it safe to say that my laptop is completely clean?
  9. Hello I completed the ESET scan and I assume you want to know what was on the txt file: "C:\Users\Mark\Downloads\freecorder6-setup.exe multiple threats cleaned by deleting - quarantined" I really appreciate your help thus far
  10. ComboFix 13-07-15.01 - Mark 07/15/2013 11:55:43.3.1 - x86 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2038.1467 [GMT -7:00] Running from: c:\users\Mark\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\nud0repor.pad c:\windows\system64 c:\windows\system64\msvcp100.dll c:\windows\system64\msvcr100.dll . . ((((((((((((((((((((((((( Files Created from 2013-06-15 to 2013-07-15 ))))))))))))))))))))))))))))))) . . 2013-07-15 19:05 . 2013-07-15 19:06 -------- d-----w- c:\users\Mark\AppData\Local\temp 2013-07-15 19:05 . 2013-07-15 19:05 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-07-15 19:05 . 2013-07-15 19:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-07-15 00:44 . 2013-06-12 04:18 7068072 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E59C2EA-6B9F-4B18-A56F-C4B7A812C1E2}\mpengine.dll 2013-07-14 23:58 . 2013-07-14 23:58 -------- d-----w- c:\windows\ERUNT 2013-07-14 23:35 . 2013-07-14 23:35 -------- d-----w- c:\program files\VS Revo Group 2013-07-13 20:47 . 2013-06-12 04:18 7068072 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-07-11 10:20 . 2013-06-07 02:37 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-11 00:58 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll 2013-07-11 00:58 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-11 00:58 . 2013-06-04 04:53 509440 ----a-w- c:\windows\system32\qedit.dll 2013-07-11 00:58 . 2013-06-05 03:05 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-07-11 00:58 . 2013-04-10 05:03 936448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2013-07-11 00:58 . 2013-04-10 05:03 988672 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll 2013-07-11 00:58 . 2013-04-10 05:03 969216 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2013-07-11 00:58 . 2013-04-10 05:04 1221632 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2013-07-11 00:57 . 2013-05-27 04:57 680960 ----a-w- c:\program files\Windows Defender\MpSvc.dll 2013-07-11 00:57 . 2013-05-27 04:57 392704 ----a-w- c:\program files\Windows Defender\MpClient.dll 2013-07-11 00:57 . 2013-05-27 04:57 224768 ----a-w- c:\program files\Windows Defender\MpCommu.dll 2013-06-21 05:23 . 2013-06-21 05:20 724464 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{49E84798-020E-4406-A638-F815BA3B151B}\gapaengine.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-28 07:17 . 2012-04-04 17:52 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-28 07:17 . 2012-08-10 01:22 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-21 04:54 . 2011-04-06 01:50 724464 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2013-05-19 04:19 . 2011-03-29 01:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-13 04:45 . 2013-06-12 11:00 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 04:45 . 2013-06-12 11:00 1160192 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 04:45 . 2013-06-12 11:00 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 03:08 . 2013-06-12 11:00 903168 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08 . 2013-06-12 11:00 43008 ----a-w- c:\windows\system32\certenc.dll 2013-05-10 10:06 . 2013-05-10 10:06 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-05-10 10:06 . 2013-05-10 10:06 185344 ----a-w- c:\windows\system32\elshyph.dll 2013-05-10 10:06 . 2013-05-10 10:06 158720 ----a-w- c:\windows\system32\msls31.dll 2013-05-10 10:06 . 2013-05-10 10:06 523264 ----a-w- c:\windows\system32\vbscript.dll 2013-05-10 10:06 . 2013-05-10 10:06 150528 ----a-w- c:\windows\system32\iexpress.exe 2013-05-10 10:06 . 2013-05-10 10:06 138752 ----a-w- c:\windows\system32\wextract.exe 2013-05-10 10:06 . 2013-05-10 10:06 38400 ----a-w- c:\windows\system32\imgutil.dll 2013-05-10 10:06 . 2013-05-10 10:06 137216 ----a-w- c:\windows\system32\ieUnatt.exe 2013-05-10 10:06 . 2013-05-10 10:06 12800 ----a-w- c:\windows\system32\mshta.exe 2013-05-10 10:06 . 2013-05-10 10:06 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-05-10 10:06 . 2013-05-10 10:06 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-05-10 10:06 . 2013-05-10 10:06 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-05-10 10:06 . 2013-05-10 10:06 61952 ----a-w- c:\windows\system32\tdc.ocx 2013-05-10 10:06 . 2013-05-10 10:06 361984 ----a-w- c:\windows\system32\html.iec 2013-05-10 10:06 . 2013-05-10 10:06 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-05-10 10:06 . 2013-05-10 10:06 23040 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-10 10:06 . 2013-05-10 10:06 1441280 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-10 03:20 . 2013-06-12 10:59 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-05-08 05:38 . 2013-06-12 10:59 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-05-06 05:06 . 2013-06-12 10:59 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-06 05:06 . 2013-06-12 10:59 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-02 15:28 . 2010-09-06 17:18 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-26 04:55 . 2013-06-12 11:00 492544 ----a-w- c:\windows\system32\win32spl.dll 2013-04-25 23:30 . 2013-06-12 11:00 1505280 ----a-w- c:\windows\system32\d3d11.dll 2013-04-17 07:02 . 2013-06-12 10:59 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-03-12 06:39 129272 ----a-w- c:\users\Mark\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F.lux"="c:\users\Mark\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-03-01 18643048] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 150552] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152] "IAStorIcon"="c:\program files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\startupfolder\C:^Users^Mark^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] path=c:\users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-12-18 19:08 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2011-10-14 07:46 136176 ----atw- c:\users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam] 2010-12-13 22:37 135536 ----a-w- c:\program files\Microsoft LifeCam\LifeExp.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2012-03-09 01:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-07-03 16:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher] 2011-08-05 19:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe . R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware2\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware2\mbamservice.exe [2013-04-04 701512] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-03-01 161384] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 100328] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 295232] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-07 1343400] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592] S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-12-13 30576] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - TRUESIGHT *Deregistered* - TrueSight . Contents of the 'Scheduled Tasks' folder . 2013-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1907212456-2171594974-3975698673-1000Core.job - c:\users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-14 07:46] . 2013-07-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1907212456-2171594974-3975698673-1000UA.job - c:\users\Mark\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-14 07:46] . . ------- Supplementary Scan ------- . TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://forums.malwarebytes.org/index.php?showtopic=129379|http://forums.malwarebytes.org/index.php?showtopic=129379 FF - ExtSQL: 2013-07-13 16:33; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} . - - - - ORPHANS REMOVED - - - - . MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,af,cc,74,05,5a,66,49,bc,ad,e4,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f7,af,cc,74,05,5a,66,49,bc,ad,e4,\ . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 W¶ f] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 W¶ f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 r· f] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. 0 r· f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*a*v*i*’ÊÙZ\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. c h s 1 1 0 3 2 5 1¶ f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*e*†^l\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*e*+†^l\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*e*o†^l\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. D e r· f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*e*u*_*s*t*a*r*l*e*t*s*-*p*o*w*¯ù;y\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*o*v*¡¢[\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*4*W3\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. n W¶ f] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. n W¶ f\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*e*x*p*l*o*i*t*e*d*c*o*Þ6ò:\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*i*n*y*a*-*e*r*o*b*e*r*Þ6ò:\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*i*n*y*a*-*e*r*o*b*e*r*97ò:\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*m*s*h*f*g*r*a*IÛ„'\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*m*s*h*f*g*r*a*ù;y\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*o*r*g*_*s*o*_*r*e*a*d*y*_*b*i*_²ïH\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*m*ÔV\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ä/ÝN] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ä/ÝN\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ÑÛ„'] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*ÑÛ„'\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*Áù;y] @Class="Shell" . [HKEY_USERS\S-1-5-21-1907212456-2171594974-3975698673-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*Áù;y\OpenWithList] @Class="Shell" "a"="vlc.exe" "MRUList"="a" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2013-07-15 12:09:17 ComboFix-quarantined-files.txt 2013-07-15 19:09 . Pre-Run: 41,975,635,968 bytes free Post-Run: 41,948,741,632 bytes free . - - End Of File - - 889F6513F4833ED279793C5898C5BB5C A36C5E4F47E84449FF07ED3517B43A31
  11. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 5.0.9 (07.12.2013:2) OS: Windows 7 Professional x86 Ran by Mark on Sun 07/14/2013 at 16:58:39.70 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\Mark\appdata\locallow\toolbar4" Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0080078F-936B-4495-91B5-823041F34643} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0149C612-04C0-49C8-999D-DEE31FA6A632} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{01BA2DC5-510C-46AE-B28F-F38CECD4DA3B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{02522A9A-0EF6-4FFF-9F05-3EE63B72BFB5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{02B85220-24CE-4522-B0CF-D05618FA98E9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{02F206EA-EC3F-415B-ADDC-B865887E4ED5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{03A444DB-17EF-4B49-98C0-C56180AA2758} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{055280A2-DCEA-4939-95AD-2B064D668915} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{05C45D90-F252-4662-8061-656492637005} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{05F760AC-7A34-405C-BF8A-254C414CBC42} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{06305365-CA9A-40AF-AD42-94480B7903F8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{06A4CCAB-7F19-417E-A55B-DE2E5E38E561} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{073E75F2-72B0-4B59-82CB-975463CEC759} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0778960C-735C-440D-B322-FEF2B850E770} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{078AC2F3-A0F6-4EC0-8FA5-FD51D38BA32D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{07E2DCC2-C8CF-45DA-A51F-784BF8C82C81} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{082D7076-E4D7-414A-A95E-2CBB2D9AF93D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{08E76A98-A0BB-4F73-9FFB-0983BD85DA60} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{092422F3-5B0B-432B-A7BB-E0838424A381} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{09545924-F786-4EDE-B069-5501A2BB49FB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0A3BEF25-3EA6-47B3-8802-09BBF9D3E4E3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0A3CE197-8690-401E-A3D0-08488A107BF0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0A7C5031-6DF7-4DA8-AEAA-D83525A5E672} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0AF777D8-FB0B-4967-B9DC-7BC704B11A44} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0BD4A3A8-F624-40A0-8EC2-637523FF39C8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0D3EACC6-3A61-4160-8164-3545AB4D87E3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0D5902EF-21D1-47D8-B4CA-FF0CBE4D93A8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0D768DDE-1F71-47F3-84F8-77FF4437CA69} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0D8F07CF-DB04-41EF-92F6-6CEF329FE1BF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0E9B1649-A3DA-4AAE-9F99-87F3A6024292} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0F19A0D8-35A9-4EFC-87E5-6DED748949F2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0F2232A9-9F87-4764-8F14-674B21E6A85A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0F2BF089-1571-451B-B250-6B00B3C9C0FA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0F388E34-9201-4E3A-96CE-4DE137E48DC2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0FE44407-B491-4053-B28A-A1ED0954AD66} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{0FE992EE-CDFB-4A87-A9BC-595249860A98} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1020753A-78A5-4D90-8615-16050656105B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{105FF8BA-89D6-4F24-B37F-9C897F9AA8B1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{10E77326-1813-48D1-8643-544E307C2228} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{10F743A7-B26A-44B5-9815-E733A14FC42B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{110C6D0D-9EAA-46BA-BB78-F04C00A7CC8F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{11419F25-5CD0-459C-AFE4-3C3CCDF13BC0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{11540349-4BD2-4BA7-A305-CA33D9932200} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{11635531-2143-4ECF-A0C6-FDDF7328D134} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{11C02F5F-70B5-4878-BAEF-BAD1856EA42C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{12189AFB-ACF5-4881-BDEE-99F9D6E46EFF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{122D4278-2B31-4A75-975F-33405983BE9F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{124AEFD4-277B-4522-BDB8-614F6BB11F00} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1298CE94-EEE5-45C6-A9DD-E7B9B428378B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{12BD698B-C185-4B0B-98EB-BC9D3BFD3B9C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{12BE0C8F-D063-4799-AE7D-7B9C17B9FA9E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1373FACC-2A58-4F3B-A1D0-4EF86ABBA0CD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{13A58B6E-536A-499E-8669-B699567F8CFC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{13BEEF64-3CE4-4D7D-890B-0BDD5F7DDADB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{149AF721-08C2-49E6-A03A-8B80304CB8C9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{15326A92-A685-4E78-9D7E-A04DCF9E1C4F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{154523F8-F608-4701-A9E7-9766DC1B2ADA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{156D4C44-9C4B-4C22-B9FE-7576A9CF7850} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{15A19674-F681-41F4-9A34-D9BAAD9AA41C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{15C80161-D05B-4636-8537-2CFC67A2B429} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1626FC1E-99BA-4F84-A724-C9B7C1E399CC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{16A85140-1E2E-4AE7-84BF-F8E1FC44FB82} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{173BE907-0B8A-4A2A-9469-98560B03B3C3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{174B674B-E91B-4133-A06D-C51C600D4BFE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{174CDCCB-D0C9-4A9B-B8A6-BBC7F5FE6FD2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{177E8EB0-CC71-41B7-B310-96BB43CB74CE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{17B2356D-3BC8-49D6-AAF2-F453AC5782C1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{17B9AC37-ED27-460F-8304-4AF8CA6E47A3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{194507C5-0646-49C6-B375-618292D1408F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{19905385-4C7D-4D2C-A490-7FD847CE349E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{199B65C9-54E3-4A68-90D4-FF1A387A9704} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{19B98D02-B092-4B9A-8177-9CD8644042D3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{19D6973F-2DC1-432C-8D5B-788C99CB14DB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{19F51BC5-2E3D-4BEB-8022-A17B8A498D41} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1A14C13E-E7F1-4897-AB12-4B42E135E261} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1A6306D6-59A3-4D5C-A418-F67860D980D6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1B17E765-29EF-430C-9BDF-B4B1F083C64C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1B4D5B33-B150-401F-BF64-34582745429C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1B7F5152-5701-4E7E-89F2-0F2A4DFFA98C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1BAA7F92-7250-4052-A518-614F1F60C585} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1BD63B6D-F1BA-441F-974F-6B8EB9B0F9F4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1D3212A3-CC7B-470D-BA21-A1620D014578} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1D3FF02D-C55F-46E6-90E0-3BFE9AB6BD43} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1EA58056-A344-4FB6-A996-365411C04370} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1F1908F7-BF4E-4913-9F75-C971D210BAEC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1F830911-75DD-43FC-8DB4-43338A7B9EA4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{1FE59E51-6F8C-42EE-AB5D-6AE840A91E5F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2087966C-4883-45DE-BAB4-57A1333AFA86} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{21510F3E-64EF-47F6-BCB5-E6B127CDA65A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{219012F9-92E2-484F-9A74-8E1BB192350D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{21901B99-417D-4248-977E-96F2C9A05852} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{22DDEB29-AE12-4E8A-ACDF-F84E67B73970} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{23491A25-1F80-435A-A2D7-990DCF0F2C3F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{23848EB8-7340-4EE2-A374-56F5283F218C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{239A7B16-E5F0-43BA-9B6E-903A4D4A3400} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{24C97707-2648-4CFB-8829-6DE61A1501B1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{24F692DE-34CF-4790-B322-05D1790CFBD8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{25098E75-D1FB-4121-9DCF-68ECB98EA49A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{25873D42-8A03-4F08-8196-412076B487C4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2659ADE8-40BC-4D12-9D20-8233C0EF8357} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{277AD4A6-A10D-4A26-B262-E8B3A9BC515A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{27FFF0F8-B5D4-4EE4-8529-A3EA92F1FF20} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{288C6041-255D-435C-AE24-A6D88B56BB3B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{293EDE79-EBF5-4713-90F7-F058F4A2D9F1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{29AFEE4C-8D70-4D69-8605-F7E741B253D8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{29BCCB60-CA4C-434C-920A-986959C79C27} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2A2A2E59-ECC2-431C-B462-1D1E20720EBB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2A63FFC3-9B54-4EC9-A88E-2CF763BEBEF7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2A6416A6-CE8B-4A7E-8A20-616CC8C3B060} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2A7E48C6-6EA3-4F47-8F0E-AB0E05CEFB78} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2B8D6859-7EA2-4BAC-95E0-EC62A5BF92B7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BA0A9BA-6CD7-452D-8D43-127D611C7A6A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BA628FB-0190-4C0E-B914-61945B747E5A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BB2D3CA-FAC7-410D-AAE0-A0D6958B94FE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BBEFC7E-9717-4465-A4B2-4B792CBBC832} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BE91D48-A111-44EA-AE66-0E79B9A9408B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BE938D1-12B6-4D93-85E7-254CD3319068} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BF2E58F-4E37-4EEE-90DD-C2129F0B5252} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2BF8E331-FBA2-4C9A-A03C-4AF87BEDB97A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2C374E3D-8764-479E-ADDE-44118AD1C095} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2C7D5A1A-D213-4265-8B47-70F35C9643A8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2C99842B-4A1B-4EC4-AAF4-1046CF6ECC21} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2E2B69B2-6C1D-484C-BC97-9114FBA52D8E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2F12FFEB-E6F2-499C-BD02-93DF55DC5190} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2F25262C-BABD-4032-9C19-84C1E544D416} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2F45C643-DB2D-412A-A4CE-02750E6F68C7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{2FFE04B2-AC7B-4EA4-AB93-72A1A7E23FC5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3054C020-A0A6-41A6-8960-7421A3418F97} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3112EC02-1D27-41E9-9D8F-15071AB02DF4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{31487D6A-BAAF-447E-B4E7-E053FAF28C05} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{31A95B30-AD86-4C0E-A9C4-C95618B148D5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{31E9C46E-6BE0-4516-9184-0F7AB28B8558} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{325FDBBA-B5CF-451F-936C-0B5DCDBC5766} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{32AE3AFD-A2AC-41F4-B778-A55DF301A95A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{32E7D701-3BF7-48BC-B787-D71919F91206} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{33A8F930-7BCD-4631-A9EB-94BD2FCD98B9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{34B77B15-E1CE-40F8-9695-ACD2DA305D34} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{34BB8B29-3CD0-4DAE-89EE-2B1E3F16B457} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{34DD1964-4090-4805-A4AC-292A1D14E8B1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3520F700-FAF4-4A68-958F-352DCF196F19} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{358DA115-E179-473D-8F62-A8C6FE11325E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{369B1896-329C-45CF-B552-0D4EAA643F8C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{36BE45DE-B2A7-4AF1-9D69-EC2035D515BE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{36FA3B96-ECD0-4DFB-824D-6EA4CEE63E47} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3711BEED-7A9A-4BC3-B46B-F7EEE179F687} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{37A02666-328E-447C-B983-40C76006682A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{37D36647-57A4-48A9-BD16-D3BF30EDE7B3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{382A6F87-27B2-462E-B898-C2179771B101} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{388DA060-D8F8-4A9C-AD84-76BC4BB5E9A6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{38D7835C-E453-4BB9-A775-59A21C4CEFD0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{392572AB-789C-4090-903E-B73DD3AB57CB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3974782B-6EA7-4686-A7B1-8A9855B15A21} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{39C3F747-A79A-4E6C-8760-F2A74E47CC7B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{39EE6908-D3D4-4B36-9631-AF6B0BCE71C0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3A2A5E65-9501-41FC-A0BF-7BFD2B7A7D35} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3A3E23F7-52EA-4E79-A893-948971D9A917} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3B4F962A-B310-45CB-AD1A-5FC6975CEC9F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3BBB17D5-D670-4E7F-9CBB-32C539CFF4C6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3BF9553C-DA5F-4185-89F0-13F5F2A24F01} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3D0E31CA-8754-4F65-988F-C32DAEC4A31E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3D3EDD8A-6E19-4525-BBAD-5EC39E21EACD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3DB12A13-CC52-464D-A72E-6A77E850312D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3DD4D6F4-AD03-4167-BB6A-4917E464CC86} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3E92B498-5C88-4CB3-AEA8-5A54995867D9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3EF43905-90D4-48D8-AAE6-7556E15C3018} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3F438A5A-33F3-45C2-9798-FE9BACD1AB55} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{3FB5EE71-91B4-4563-B81B-C5D1B917A364} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{401F8063-4BCB-4EAA-9EFE-88F0C367A2FC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4034F215-D4E6-4FD7-BE1A-9585D21644AD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4044B29A-A62E-4C8E-8193-2469D2A1D303} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{40E43B1F-7848-48E1-BFC8-6795E1594287} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{412B3E57-85B6-43D8-BC06-651278B256E1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4249B242-A1CA-4C78-818A-64F5331314A4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{42FE9668-D389-40FD-926B-BA12D5D08850} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{43EA38DE-831E-4708-BF68-637E330FB446} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4411BEBC-D6E8-496F-9BB4-57BB78A6F908} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{454FD980-D032-4068-93E5-28921323FF43} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{45888EAC-FA6D-4E92-B5AC-F9B40C26C0E2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{45BF2728-F169-4671-B70B-0AF66D1638FF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{46542D47-7AB5-442F-9673-6A4D00DFE9C2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{470CB139-5388-43B9-8069-23E57CF5C397} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{475EA70D-9E32-41D1-9644-FCDEF6B7B5DA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{476A4E83-ED53-48A3-B718-F50F5B5CAC52} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{47CB2D69-649E-4EF1-BD20-00FC404FFBE2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4817E07C-674C-4E48-8DA2-9B3F515A4157} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{484828F3-2533-4E83-85C3-53A22A02B8DA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4852CA2D-D432-4506-80BF-3CB56C0ABCE3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{49069145-7C90-459A-AEB5-FF91AADDCD26} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4A18F49E-9E05-4ADB-AC06-BCE8DD536546} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4A8D049C-B748-4867-9460-AF0789EA3494} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4AA92633-ABCE-4449-AA22-EBFE4B936456} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4D454CEB-19F6-4E8C-B7BE-7CDB33C1CD0A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4D9027B8-7930-4B43-A225-2DE93FDC02AD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4DB944A6-B981-41BC-A79C-53EFD0CAE617} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4E59BF10-9948-42ED-902B-04B199D4E060} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4E5EAAE3-5BC9-49AA-89E5-8FF12A50FC62} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4E831534-E2F0-4B8B-B194-D64DF9CFF643} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4F2809D2-9A0E-4D3E-BD80-4CB038C8B13A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4F9677C2-C53E-4952-BFB3-85494286C6E1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{4F9C5344-72F2-4ED4-A3EC-C39993E855D3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{50160DB7-62C8-4677-89DA-3625300AF222} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{507156EE-F63A-462A-9D5D-F14AA683A217} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5099AC04-B8AC-46E8-8923-F992559AD567} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{51DB7B1E-3D94-41F2-84CC-C90459E87955} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{51DD35D8-EDDD-417F-9E61-05B692AE894C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5226B666-FC30-43BA-92EC-BCA960AA26EA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5228F140-88A7-4383-8269-5093979475C6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{525A63DF-AA04-4F18-9EB3-294C19061AC7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{52CBAFA2-9E81-4FD2-AFC8-A6A3F97E5795} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5395DA4D-111D-45B8-8C9E-575193648174} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{53DF61A0-A4A3-49F1-AC8E-8640543204C0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5433BF26-03A7-41BB-B4BD-5705F4CDD4B3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{543D50E1-698A-4469-96BF-40003E6E3257} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{544A20FC-8ADD-4D28-8306-14DD59C93F84} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5498B010-EDCE-430F-9271-E07E09B72BC2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{54D5FAEC-BB6A-4D5B-B401-CEE45F7E7B88} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5654112C-3DE1-4C05-9326-9C91C26BAAA6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{566AFEC2-E75C-4963-967A-989AEB4B4697} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{568DE612-FBA1-45BD-BC55-B10B35BF25C2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{569D94A0-ACBA-40DC-B12E-2B1758D1FC35} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{56B72754-F46D-4A56-8007-11E0F3F6D5EC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{56E8FEE5-1EA0-49F7-9043-FC48BC3362E3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5796465B-A976-4158-B508-749EDD100C0D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{57DD9A9E-5C99-4246-ADEA-966C3BAFAE67} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5903F6E6-12DD-49C2-97B8-E21F78EBB510} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{596AC5F1-4CFC-4DDB-8971-1FB8BAA42B42} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{59E7A3BB-6A5F-4D21-AB42-9325F744ACF5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{59FE2F6D-7686-4F98-ACD4-9F98BC0EFD07} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5A355E0A-3367-486B-9D47-681577C79C6C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5B03B843-E1BB-4679-8B17-A7BB94F59C38} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5B69B659-A7C5-47E3-82B5-E265471B0EB7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5C46E82A-74E6-49D2-9F4F-6C1046594238} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5C56CFD7-5CBD-4496-89CC-192729BB7476} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5C74D037-8B23-48C1-BB5E-8E3072C66ED2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5CE4C3E2-156A-4B96-878C-DCD517B02981} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5CF8535B-F4FB-4117-89D0-A9E4ABC11807} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5D1C5AA6-185E-4D87-B9E0-1975ACD7D0CF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5D292531-4141-43CD-821F-C7BE15D0725D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5D4A7E16-7B1F-4198-ACBA-2A5E5693A180} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5E33450E-FC85-41A4-8A72-D6E6FC9B88F8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5EA3DDD0-28A2-42BB-B916-919371C615B1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5EE5673A-63AB-4911-9BA3-949C50482CA0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{5F03640A-B829-4400-8111-1F53CD32653C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{600F3CB3-1755-4635-AF4E-3AEAC94C7247} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{606C6065-4D34-408B-9DCD-5C909DCE03CE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{60E7DCB4-4258-492F-B3AB-7B4D52C9FC2F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{619E638A-F198-4587-83B4-F6808D7E2FCD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{61A78B01-F703-4292-8D62-ED9DE9522B6F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{61E0B4DA-4B2D-44B5-B90B-FFAAE9A1F614} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{61ECD502-D3A9-4869-9E54-1BAB0B0E829E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{61FDFE4C-CFAA-4D8E-A4B5-43BD2167DFCF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6226D2D7-DBDC-4161-AD87-9AEFA3DEF361} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{623A2823-8654-4346-8673-97CB82760261} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{62C95DD9-4C0F-4D11-B7C2-A6DC667A0226} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{62E0C945-E9AC-4FF3-9314-02315BA6FCDE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{638A162F-C740-49DA-B888-889217A607B4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{63912105-1D49-43B0-8FCE-A29CF350C486} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6395128C-B407-42AD-AF1D-793D8681EE8A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{63B31AB9-94CC-4714-B309-7E81ABB3D4D1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{63DA8AF3-4970-4A4B-9BC3-04FCD41530E4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{64202465-1831-48D8-BA00-D82FFC4B025F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{642A1711-D1F5-443C-A5B5-343BCDD5D29B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{646CBAB8-E6F7-4867-BEF8-03894F28C7FD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{64BB3587-D5CC-4B3C-B292-7C22DA5276D9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{64C097A2-1444-4960-9109-FD0A6E366CE5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{656E10AB-DB16-4115-AD2C-5CADB0CA2619} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{667A752C-1895-42E3-8B61-579613B6AA05} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{668E0C40-E17E-405D-9B84-1CD8FD620024} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{672AFC2A-7ED8-4F7F-A660-40B06DF66127} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{673B1A64-3749-4547-A714-A019B016D253} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{678E59BE-3BA3-4FBB-BFBA-0C99414BCED3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{67CB9051-639D-47EE-84F7-C3B76A84B9EE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6855C5A5-03B7-406A-A1C3-3C487CF88E58} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{68674047-207C-4C45-BF70-74B457CEFB74} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{687B790B-960A-4A74-B03E-90CB0072C977} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{689F52B1-9DAE-4713-8A9B-39219CEF54B6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{68BE1FB2-46D3-423C-A3E4-04EC96AFF7B2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{68CBB492-5AD9-47F8-8E83-31203F155951} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{68EB3743-001F-4721-9010-98670FCBC67C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6983FE99-3E50-44BA-8663-3E2F0284172B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{69AB8495-785C-4A63-AD7B-677A06FDD0E5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{69BAC8DE-8F85-468A-A663-5016E9585074} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6A4F7F8E-9303-4D50-8AB2-F9C6321E9505} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6A5A6894-B83F-41AC-BA6E-506E730B77C1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6ABA0700-8F5F-4DF2-B7B1-DB314FD6755A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6C16CBE8-10FB-4B9B-94B8-33EF0E485843} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6CA956B1-6E27-4CE7-9F6F-67FB463B8442} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6D24AB52-DC05-4069-BB6E-C7476B495A47} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6D353B70-57EF-4309-B8F4-619323A17610} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6E3360D4-C118-4C52-8C6B-979A1C6CBE35} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6E869979-A1A1-4BFB-B9BA-5E30958D83B3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6E889530-AEDD-411D-BE95-445E0E8595D3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6EA40E3A-46D1-4F62-996A-EE1BDA9702C1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6EC72A0D-A4BA-4A04-937E-3A0BA8A0FD77} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6F6C2DA1-AACA-4B54-A91C-DBE78AD54DEB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6F7A4C1C-D48F-48DC-9CB8-4DE7963012BF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6F8AFFD0-A0FC-441B-A4CE-92036175FEA9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6F9DF476-E6E4-4476-BAA9-4D14B1AF9597} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{6F9F330A-20BB-4594-A6AC-540DA8AB072B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{73FE2D73-61AE-4F56-BD38-DAB90A755316} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7474E56B-5815-41BD-AE17-C3BC2D370134} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{74D88311-0DB3-43C5-81B4-8ABAB315B26B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7521A02F-8489-433A-95D0-607F8F8DE8C1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{752E8ABC-96F4-4C5E-BB39-BDDAE8D588E3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{753450CD-2084-42B5-B5D9-BE393B691C65} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{759EC0FA-B21C-4F9D-8301-04D113CC97F8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7645FB85-04B3-42E0-A221-9E16CA3152F6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{784A3194-250E-4477-A462-410CA001F2CD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{788A3224-953B-4E4C-B5CE-98EFE52A5E96} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{78A997FB-2DC9-4AA3-A39F-9C60CB38BB0C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{79700EE2-119A-4469-9FF5-706931474191} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{79721207-A028-4D4D-8161-9598C19E7D1E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{79DE6981-768D-486C-82B3-1AE7191A95C2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7AF01623-BD55-4939-AFA6-D830D901EB92} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7B12BD47-073A-444D-840A-B2DB4F162FE6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7B15961C-0527-4CC8-A547-567763C83660} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7BDB49C3-3627-4AE7-A245-A9CE40F07E1E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7BE867E7-2AF5-4EFC-BFF8-E5745A9E9208} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7C44E647-BCC0-4197-B99F-AAED83DA0C62} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7C6D49D7-2C1C-4792-8DA4-EF2534A355DF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7C7C98F9-5B48-47B3-B50A-3F366867E7CC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7D415C48-4448-4A1D-9334-C88F40164F3F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{7D589FEC-3B93-4A0E-A11C-070D157A6BD5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8015E859-81C2-43F7-B559-80D856772429} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{806C857E-4037-47C4-B198-B9979534DC31} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{80BA9E49-9746-4702-A6E3-5794EB93AE05} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8102CA98-3695-4002-A175-BF6A7D18E1D3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{81B92DC4-A553-48FB-84F8-388DD26537EA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{821501B8-030A-43BF-848B-598201920C07} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{82601AAC-4FF4-4499-B5B8-21DFB0405E51} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8371AEB4-9BAE-4F5E-955A-C22E93E56E4E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{837FCB0D-3784-4BCB-B0B8-BD8E33AE268F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{84C67878-3C4B-4D73-ACBB-665CFD5AA0A3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{856AC247-E933-4D23-A791-97844C533E19} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{857B1B40-A657-4856-AA70-60B59CD149A6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{85EEAC84-C779-4B80-A34E-43AB687E868E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{86635BF6-EC37-4571-906B-EA181570DA82} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8664CC61-EF2D-4B11-AF42-7D5741279CC0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{869EF693-B119-447B-9C9B-8FFB0830CBA9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{86E32388-DBAB-456E-876E-67F6887F91A4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{873B8528-8F53-414C-A4EE-F1F0DE3ED83D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{876851FC-286F-4224-9F2D-AE73A0C13753} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{877A24CC-214C-49E0-A6F5-806E4E238483} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{878C47B3-F4F8-4153-8943-64CA841529FA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{88628BA1-5FCE-4300-B347-F7C039EB5186} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{89D9DDFC-3274-47FD-A982-76A0F0F40BB2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8A13FE44-A211-4A94-AE33-25C4F9AA671A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8A791142-06F9-4C4D-A71F-1D8BA4CF5645} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8A85847E-2939-4E81-A52F-5ACE3819C1F8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8AC9CB14-BCD4-4D1A-8E2A-4E388414BF78} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8B63DA01-7C4A-43E5-8AF5-3305706CBB48} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8B97FC30-B5F0-4ED7-9533-FAC69186DA0A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8BD3825D-0C2E-4DEE-B42E-6B3AB3E07295} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8C07EC7E-74BF-41DC-A381-F5B9072AFB56} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8C783603-F9E7-4E64-99AB-7E118DFE1243} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8D153FD0-A60E-4E5B-8176-2BEA66F043D1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8D1BA0DE-0CFA-4128-8EC2-AD618F1A2CDF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8D640750-2D3A-4B53-8C4D-6BEE022B0AE5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8DEAD56D-39F4-4DE3-B5EE-0FCE713065AC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8EBF73ED-C458-4C4D-AF5E-8BD3557A54CA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8F37BC08-F009-4FEC-BB9A-0D01CEFA6A26} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{8F43662B-4780-4DE5-9CFD-50DD96C76604} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{901AB4E5-713E-4511-8633-03C6024B7946} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{90965124-98BC-4753-88D5-B2CCE4F869E4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{910F62A4-7C54-4A92-AD3E-DB90CF4D696F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{913688DA-CD80-4FD2-B25F-A5940481AF1B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9223C566-4838-45CA-9422-E1F533743788} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{92924305-D8E5-401C-8A4D-13EE01E295D9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{92A0FF2C-4426-4453-B9B1-2233C6FBA3D8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9358D4F7-3A7B-480D-BB66-199F15DA3742} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{93A52641-05A5-4969-B07E-FB9F2460963A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{93DC40EB-DB65-4D71-AF64-E1F074954F46} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9407933A-DB38-48D8-BAC8-7B57EB9403AE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{940BBF55-683F-45D8-885D-8A6DF7AEEA0E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{943AC7DB-FF68-4519-A0CE-A7C32B9A8AAF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{953161C4-C72C-44C8-9E88-11A7294BAA25} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{954ECAD7-E6E5-4B22-8F31-D9D55243E703} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{95E8C310-0D65-41AC-B418-EFA4356676F0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{96217076-79A9-48C6-AEED-9870CB2556B5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{96453C5F-0921-4B2D-9534-4E8235C4CA2E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{969ECCC6-AEEB-4F5E-9C05-D3A901D76E4E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{97CC6ED6-78DD-43E1-81DF-4DE9B55063DC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{984EE006-4C89-4B89-B398-848247F1B35B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{98824304-BB1D-46C8-8CCD-DDC96385240E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{99F56FC3-2AD5-4D19-B041-435F1CEDF5BF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9BD30CCC-5239-4BDB-8276-59E450A7CE47} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9C33B555-1443-4A2E-9E39-B924FCAD5F1E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9CC88A21-A307-4D2B-B567-971A24C4D2C3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9D12CE86-5368-4BF2-BE3D-F245714AC946} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9D30ABBA-761C-4EF7-9C18-16AD38F43029} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9D750F71-3AE9-4431-BEBC-7549BC64A07D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9D88E6DF-9906-43A7-AAE3-9A762D145333} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9DF2B478-E413-47B3-83D4-03737BEA8783} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9E9BCD8D-6FA6-4771-8DBB-FEB06AB09A62} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9EF9849D-507C-45A2-A3C8-B35F9DCECC3B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9F357457-E348-41FA-A4A9-40989D5675AB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9F5FE643-C635-44AD-8E59-ECB640A792C9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9F70E002-12C3-4D85-9739-75171B984F6D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9FB9B135-D559-497D-B68A-DEEF8E00CAD4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{9FC9EB19-9236-4BF2-81EA-02FE782B4097} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A02EF72E-EF61-4717-A6BD-8C1DED3411C7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A0AC2FBA-785E-4AC3-A32F-EE14419DA0ED} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A108A2BD-D201-4563-95ED-E2C76C3EB58B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A24E2661-9EB2-46B7-9CA9-3765CB6ED841} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A261945C-780B-42AF-B487-9991BEEB8730} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A31E0F48-11E1-45C0-9AC2-5E3B9C2707DC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A362515D-7152-44FA-A2E9-0C12B32E848B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A39F66B1-65B4-44DD-BC1D-E9A23269A032} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A3C7BA0C-DCE6-4FB5-9109-AD1896B2512D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A406F094-0881-474C-AB24-11B15FF539DB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A41C2DD2-81AE-46CC-AA43-626C442ABF14} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A42C19AB-9E6F-4D54-8799-DB092A48B748} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A47EC73A-59B0-4445-8C9F-F4D884B58F1E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A51DA0B8-C9D2-42C6-8E15-AAE6CAE8DC54} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A52CA581-B0CA-4320-B60D-86FDDA028A5B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A5644A27-9655-45C6-BBCB-544E198C4C55} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A5851739-6068-4904-80F3-82C437B153D3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A5E0D189-6D2E-4D9E-B296-1C37DD440A09} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A5E4D8AB-191A-4879-B372-6E676571F4AF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A5FBF171-E040-4812-944D-FBEAFB54B9F4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A74ADEC4-FF84-41E7-9239-6301AA70C898} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A85A484B-5DA9-487D-ACCB-186F89A371D0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A8C4AB7F-0D73-42ED-ADAE-143E577EDE21} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A8DBF485-24F2-4633-94B2-D0ACF0F48B97} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A8E025F1-0BE3-47BB-B4A2-99E815A07029} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A99574FB-24AF-4409-8421-D9FB4D27CF4A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{A9DF8DDC-2A6A-4B03-9E8E-1470C5D4FDA0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AA40B195-01B8-44DC-84E3-9F92A04A5A20} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AB02FA1F-8839-4E52-A9DB-55D4ECBDCB12} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AB66C82D-EECC-43FC-AE0B-D8B362EB0E8D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AB6EF2C7-5D28-4934-8D53-D3CA913A7EFB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AB8543F4-D974-4D48-82B0-EE93BACFFF01} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AC134B19-4A68-4AAE-AA77-EA906B9335A4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AD18CCC2-EE9A-4B14-8663-AC8D61F25D5D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AD634B8B-8B69-42EA-8B9A-FF7343DE6484} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AE5B2BBE-D585-4BF4-8348-7F61751A69B9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AE889BB9-64D4-4A97-AF2C-041AFD9B3B6F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{AF3DE13B-6C43-4CF7-AB25-99F9712ED9EA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B0F2EDBD-7A3F-4EDE-B665-B294301A54A1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B189EF6D-F3A3-4DC5-BA44-05DEDEBDDB1F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B18EDA2A-6CD5-48BC-9625-0697FA792744} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B21AB3E7-40EC-44C2-AC01-7FCC44DE8901} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B22C4C69-1E22-4A2C-9983-9F953F4C300F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B29EA67D-1259-4DAB-8CF0-7C1E2FD9899A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B2FBAA08-815B-4B52-869F-F920F44AB704} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B38CE5D7-0584-4C1A-BB22-518CCFAF4BC3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B3B2C1CF-5FD6-4FB1-93AF-D077B1C95C2A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B3CAB874-D3F0-4B15-BE98-7F6E6CD0626B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B40F5A95-0972-4CBE-BDAA-BD2CE4A3C3D6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B4127C2E-4A34-4F22-8C2F-22CA17BDEC2A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B41BED92-131F-446A-9208-23E5918B551E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B4ADDE83-5418-42F5-898D-5FBF9752C72D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B4C9DD1B-6C48-4630-B78D-AE44333B64B3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B638F969-3DF3-4187-AED5-3A688948F94F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B64E2FE3-364F-47F7-8E29-CEB4DD66D9AB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B6F6986D-DDB5-468E-8D7A-F7B04A2DE818} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B76E12D7-FB7E-477B-9B02-B64B4BC71B3B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B7B326CD-575C-46F2-A86E-DB4EAECB9EBC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B8E45348-C8BC-4A32-8186-85DEB911B3D4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B8F783C0-A7D1-44E7-B866-6650AF6F61BC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B956CD89-CE88-4EA0-907F-D1DAE50F9136} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{B9A79FA5-E737-475B-9B7F-C7573D9428E1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BA7EF9A7-40FB-47D8-851B-49628C17C7D4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BA88987E-2656-4542-9266-8D55A8FE38BC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BAA9F7B8-6076-47DD-9E24-47A478881005} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BB061DCB-0F4F-4582-A506-29DEB4054349} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BB21720E-13AE-472D-9458-D0C77193F316} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BB26A108-D996-4FAC-8138-24BC97CF5924} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BB430EAD-AE65-4C7A-B39F-9856D655A80B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BB4EF74F-494E-47C8-A7DE-7D35B8F20CAC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BB70D2C8-D05D-4D10-AB96-E0CA13555568} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BC3210CA-5F76-4B5B-A4D8-E65877DFF479} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BC69823F-94DD-472E-8D92-5F6A2C8ED3B3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BD8568A9-C930-42F3-8EB4-7A841F3E9D8D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BDC06F0B-754F-452E-9372-1AA70B6405F7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BDC260F0-0B7C-4298-8B68-932F611F7541} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BE2F179F-0316-409B-A69A-17D4A7125A20} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BE75192F-3942-4057-958C-395944A5AF31} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{BF81B783-8149-4B46-A344-EA6827A2D0B1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C013405A-ED3A-4C90-8BE0-179D75C47081} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C092E71A-B31C-405E-A937-5102CFB0CF7C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C09AA088-9E93-4AF1-A566-A244E277790E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C0F2F92A-3E6E-4A40-B563-823FE2DB378B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C1815A47-C4E6-4ED7-8416-C742207380BF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C197E5CB-F7C5-4762-AA1A-9FD203CD2679} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C24162D1-6214-4EDB-BA8B-633B9D94EA80} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C27C3900-5439-4973-A1F4-9B9F8DA5D399} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C323F3A4-70AB-4F6C-AE1B-81C9A376C63E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C3CABF2E-4505-42D8-BBA0-4C22E6659235} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C3D49E2C-A1BC-4C77-B50D-7F32E91F33A4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C46761D6-5D2A-456C-B808-3B9F2A15650B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C4B99FA7-0075-4051-9D19-4336249652A0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C4D6DE40-70B6-4BEF-818C-3C242ED6C50B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C564623E-547C-450F-8637-CA28878A56F2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C5C64A47-BC07-4232-B42A-D80B18E8C9A8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C5C9E813-8A0B-49B3-B6AD-0CDBC7BB5669} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C62B16BC-62D1-41BB-8172-E82EE5655138} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C63AF5C3-3471-4788-AAD8-BEFBD44D604B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C75A8B81-A5E3-4295-90DA-28E31ABA8449} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C80B88E9-1835-4807-8D95-F46F0AA37134} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C894A39C-15C3-4A44-9CCB-1B529E8AEB97} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C9891AA0-DDBF-496A-8B70-42C2536CAC4C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C98CFC83-8D89-4E8F-909B-245130B3E0E2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{C9BE2E7B-1706-4E6A-B157-55E7F7F04186} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CABA5D81-C177-4F2E-B27A-A9F776E27BED} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CB25F31B-BEAE-4358-81AC-91A9FE71188D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CB416D80-AD8F-4FD8-B78D-E88F9A58B749} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CB68BC6D-D1CD-42B9-BCA1-A1886BA661E4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CB7AA7C2-5AB0-4834-9C06-FDB13EBCE080} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CB814B26-AD80-431B-9ABC-BB29274A14C8} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CC06C60B-976D-4032-9FE9-A15D25EC1A35} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CC2058D9-642A-4134-BF46-40B4AD48C784} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CD1138A0-473D-4D74-8482-5A679C4F65A0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CD2D7CBA-2931-423A-8800-6B654F16C157} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CD4F3E15-4E26-40A3-8D62-DF0AFC0ABA86} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CD7B55DB-5B84-4B50-A820-D0BC3B9E9877} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CE1664D4-CC33-456D-A9AF-B99258168DC7} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CE18D57E-A853-433B-820D-54D7C795170E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CE1C4C51-9877-4E8B-A497-6E249E2644FE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CE57B6E5-8BBC-49C6-A516-01DC98D15C2A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CEAAC426-4D3B-42D2-9D26-3F6101B20D5C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CF40CA42-B5CB-45BD-ABC8-126F2F51DF9F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CF64D6D4-1F41-4503-8FD8-BD09580E128D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CF86CDEF-B83C-481C-A433-2DFE9322C526} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{CFAFEF79-DBC7-43E6-A9D3-F105EF2DE714} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D04A6B79-938C-42BB-8DF8-072A9EDA2025} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D0567A0A-78F3-49F6-A870-07B88C4230B6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D0CD0230-F7A5-4701-AD42-4AD01EE9518C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D169FFAA-8866-4365-B8FC-605CB687B912} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D2520874-D62B-4E41-8368-8B0D2552C6E9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D2542A5B-CB86-467C-AE71-0F06872F478A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D2864912-0D85-4151-90C1-6423250950CA} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D2ED6D22-4AC8-4B09-B6FF-D02F466C70AC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D367E7D3-FA8A-492A-A6F1-E5F39DFB0988} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D3ED45CF-17A4-4E43-B890-6E274855F884} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D418AEFB-8C36-4C95-A3C2-D201558A8475} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D5781320-CB0B-4634-A9CA-641DBE9332B0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D641F023-6FB0-44D4-8333-6DA550A8EC95} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D6F52E60-FAE6-442C-8303-583AFF997C8F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D6FC98F8-45DD-4948-A6E5-C15B0826AFC9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D703D452-7CB0-4866-B905-568E43890ACF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D7477EB0-C1BD-4DEA-A469-9E0D6436BD52} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D7492D6F-501C-4548-8046-EAE8F8B43D71} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D8071785-C172-40F3-8343-E53E841BB025} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D9239C5B-D298-42CF-9160-BCCEEE5F27C2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D92AAD43-AEED-47A6-A01C-B37C6BA68C24} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{D9D738DB-1D01-4773-8284-ED09CF601CCC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DA6A8534-CBBB-4EB4-8632-DA77DE2BCDB0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DAE2848A-149A-41DA-AA2D-B973D27FA923} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DB6E1C24-8E6C-40F4-AE22-F0D0C6529890} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DB970267-1471-42FC-ACCB-1E9AE080B4AF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DBC8EF90-192D-482F-BA34-E1E4E2DC9FF3} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DC676D79-9397-4D41-9356-5ED9E5BA642E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DC722E18-1529-429C-B61C-8D5C38EC8EB1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DCC19938-EE67-407A-BC3F-BE397B3BC203} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DCF549EC-B949-42BE-8154-1E3AE5519ABB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DD4D3C42-93BC-4CD6-8837-2FDE01E83241} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DDD56095-72C4-4AC0-8408-16555A63485E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DE27227C-81D6-4DEC-9FAD-158A8D515900} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DE3DA799-7415-4979-8DCD-20226D2E420F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{DED0D976-F313-4BD7-9E55-E6D12E511CFC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E0448300-82DC-4A7F-A147-1C793F255E6A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E04607EC-9F32-4F06-B63D-873E52FAB389} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E0668BC1-2313-4DEE-9516-66DD6574B479} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E087CA83-6D3C-4833-93EB-0283617DE3E9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E0EE5E79-5E9F-408F-8C06-4B5D73A815C5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E1151C13-3A14-447D-8F18-8F1BAF60BE6E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E1B46B22-78B7-4755-8420-2C02739DF791} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E1C783C0-9507-4D9C-BBE9-E61F30DEB3B4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E30F313F-6F33-48A8-AA19-0F6104DC0B0E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E45DCE93-8F18-4CA1-85C5-12398A76243A} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E4C85370-5F02-4E4E-A76F-46E88F0C430D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E547EC65-80DE-4DF5-9A0C-F958B0477091} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E5BACF2F-8CB0-47D7-A7AC-16EAB70909CB} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E65BBE69-0E10-4851-A4E2-53485DB71B4D} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E670723C-6250-4618-A8A7-9CB424F3FF93} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E71C84EF-0DC2-47D5-ABD7-5D1FB5923BA2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E757F7FF-054C-4C83-B774-26685EA47363} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E778C8C2-F755-4B09-AC33-531F4C1FE143} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E7ADFD42-5BD1-4341-A647-9EBEDBBEFCEF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E7F85256-D0B4-415D-A201-F029186D4277} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E898CE4F-24CD-49FD-BFFB-D089D3DBA2BE} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E899439A-D3E1-4E85-A57F-FB8AD2883D60} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E8B14C63-B06E-4A33-B4F9-A8152578D49F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E9302F17-0ECF-417A-A9CB-773B64138645} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E96117C7-63F2-459F-8829-1AEA1E93DD22} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E96B9F59-D4D7-4F2F-9E38-11C94D3D47D9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{E9B3E90F-1248-499F-B3F9-D8AD58F2B5D6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EAAB0B14-DFFD-43B5-984F-E89311945000} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB066472-4263-4741-B276-7AC9BA4ACE67} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB11272A-B1D2-4E50-AE10-E280069B887C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB24C663-9B0D-4A69-BD57-74C523E4ADAC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB6CB14B-B707-4F2F-A352-45314A1F0251} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB784E45-0815-4A8C-930E-B29684F4A01C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB7E5A94-D411-497D-AD53-8CE380F1EB1E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EB8D2471-FC47-4E66-BA93-B037843E9A98} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EC010E24-0EE7-4AFD-9316-89796C8F3BF6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{ED1DC174-8DE2-4F43-8C4A-314286A5CD63} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{ED80E84D-ED78-44B2-A729-27EA8092161B} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EF27287D-B01A-4D30-A6CF-12F18178F630} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EFB943E8-9428-4155-ACBA-08DE8A7C7FF4} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EFC4DA65-F278-46D1-8130-5E18EF761C24} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{EFD7381A-43FA-48C7-B488-A9E71D2AB1C1} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F0959C6F-18D3-489A-8D50-FE1EBF491119} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F0B3818E-5943-447A-9CC3-1CC76E3D921E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F14305E4-AC5D-4604-A0FC-876515E2D4F2} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F188B4BE-A02E-41A2-A0F0-1F95CEC10E49} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F1BADD17-C7A3-4B10-A11D-E9A426449332} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F245F62A-E923-483C-A3DF-27CBAA9EA7ED} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F2AE6720-3877-40FD-9177-73AF7074306E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F375CDDE-E220-4CD0-9F57-AD37418FAA18} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F379EEB9-6254-4B7B-8AF7-323160E58092} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F4168C0C-6B55-4D46-943A-708AC62E406F} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F4B59400-E703-4745-AE80-571E1A3FF5C9} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F4B63053-5E20-4FD5-A50D-4232ECA69F5E} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F4BD59C7-07AE-460C-BD56-8DFF7FB50319} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F5B2A77E-4AE6-471D-B2ED-967249B12364} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F5BD6861-977F-4A85-AE2C-5179AA0AA265} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F762EE13-1BDC-42AC-980C-89DB1D19A487} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F7A8638C-53FF-4DC4-9CB4-84F1E443223C} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F7DB73E5-511B-44E0-A03E-4214776363F0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F813F625-17F5-41A5-AA02-99C82B94CCA0} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F8525B08-43B9-4ABE-B0E4-7D09CB643225} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F8BBCD7F-A5DA-4929-9B60-21ED81EFFB45} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F8E59161-4CEC-4830-A8A8-0BC4E0D034CF} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{F9513D37-791F-4400-93B1-FCB10E113397} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FA11CD8F-960F-416B-B008-84CF9C609139} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FAEFBADA-D186-462C-AA0C-0CAF1937DA45} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FB392F36-0335-43FD-AFAB-32D2A94C4E68} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FB57E286-F511-4567-9F20-0E9B9529E308} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FB8E0478-6F61-4C91-A4BD-69A8C08BD907} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FD307D68-D871-46F7-97C0-092B3F9BB0AD} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FDCFC68D-5BFE-4740-8B63-FAF86E738D63} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FDD28FA8-99CA-4BA1-93CD-D0A42A772A42} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FE910754-38E7-47FA-A3D5-B7047DA1F8A5} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FE9EB6A2-3BD9-459F-9EF8-019345BB0769} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FEC6A980-6364-418D-92FF-1264AEA06FB6} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FF4106AC-72A1-4D37-8269-C5687680A531} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FF70431C-213B-4E83-840F-8BB7631903CC} Successfully deleted: [Empty Folder] C:\Users\Mark\appdata\local\{FFB7ACAA-3834-4C4A-BBE2-8FA6B2539B55} ~~~ FireFox Successfully deleted: [File] "C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi" Successfully deleted: [File] "C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\LDSI_plashcor@gmail.com.xpi" Successfully deleted: [Folder] C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\bb1jcv1q.default\jetpack Successfully deleted: [Folder] C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\staged Emptied folder: C:\Users\Mark\AppData\Roaming\mozilla\firefox\profiles\bb1jcv1q.default\minidumps [284 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 07/14/2013 at 17:01:00.01 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v2.305 - Logfile created 07/14/2013 at 17:02:33 # Updated 11/07/2013 by Xplode # Operating system : Windows 7 Professional Service Pack 1 (32 bits) # User : Mark - MARK-PC # Boot Mode : Normal # Running from : C:\Users\Mark\Desktop\AdwCleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** ***** [Registry] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0} ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16635 [OK] Registry is clean. -\\ Mozilla Firefox v22.0 (en-US) File : C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\bb1jcv1q.default\prefs.js [OK] File is clean. -\\ Google Chrome v28.0.1500.72 File : C:\Users\Mark\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[s1].txt - [1050 octets] - [14/07/2013 17:02:33] ########## EOF - C:\AdwCleaner[s1].txt - [1110 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.07.14.08 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16635 Mark :: MARK-PC [administrator] 7/14/2013 5:09:21 PM mbam-log-2013-07-14 (17-09-21).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 207067 Time elapsed: 12 minute(s), 51 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) RogueKiller V8.6.2 [Jul 5 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : Mark [Admin rights] Mode : Scan -- Date : 07/14/2013 17:31:21 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD1200BEVT-00A23T0 +++++ --- User --- [MBR] 90e9185dde658176beb783444a125fca [bSP] b14cf16d57f042a1b53190a189265bfd : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 114463 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_07142013_173121.txt >> DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.7.2 Run by Mark at 17:33:16 on 2013-07-14 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2038.1202 [GMT -7:00] . AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Users\Mark\Local Settings\Apps\F.lux\flux.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Windows\system32\DllHost.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Malwarebytes' Anti-Malware2\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware2\mbamservice.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Malwarebytes' Anti-Malware2\mbamgui.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\Mark\Desktop\RogueKiller.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation . ============== Pseudo HJT Report =============== . dURLSearchHooks: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll uRun: [Google Update] "c:\users\mark\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [F.lux] "c:\users\mark\local settings\apps\f.lux\flux.exe" /noshow uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\24163796C6 : DHCPNameServer = 192.168.1.1 68.105.28.12 68.105.29.12 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\255637E45647D2355636572756 : DHCPNameServer = 169.231.0.3 169.231.0.4 128.111.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\4325543443633313 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\4636A636 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\46C696E6B6 : DHCPNameServer = 192.168.0.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\mp3 skype recorder\Skype4COM.dll Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://forums.malwarebytes.org/index.php?showtopic=129379|http://forums.malwarebytes.org/index.php?showtopic=129379 FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll FF - plugin: c:\users\mark\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\users\mark\appdata\local\pokki\download helper\npPokkiDownloadHelper.1.2.0.78.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll FF - ExtSQL: 2013-07-13 16:33; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\intel\intel® rapid storage technology\IAStorDataMgrSvc.exe [2012-7-29 13592] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware2\mbamscheduler.exe [2012-9-14 418376] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware2\mbamservice.exe [2012-9-14 701512] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-26 22856] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-12-13 30576] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-23 52224] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-7 1343400] . =============== Created Last 30 ================ . 2013-07-15 00:27:59 15616 ----a-w- c:\windows\system32\TrueSight.sys 2013-07-14 23:58:29 -------- d-----w- c:\windows\ERUNT 2013-07-14 23:35:21 -------- d-----w- c:\program files\VS Revo Group 2013-07-14 04:56:50 7068072 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{f5a27122-382a-4e26-8d16-2a31939c7618}\mpengine.dll 2013-07-13 20:47:50 7068072 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-07-11 10:20:01 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-11 00:58:21 1247744 ----a-w- c:\windows\system32\DWrite.dll 2013-07-11 00:58:17 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-11 00:58:14 509440 ----a-w- c:\windows\system32\qedit.dll 2013-07-11 00:58:13 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-07-11 00:58:10 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2013-07-11 00:58:10 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll 2013-07-11 00:58:10 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2013-07-11 00:58:07 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL 2013-07-11 00:57:45 680960 ----a-w- c:\program files\windows defender\MpSvc.dll 2013-07-11 00:57:44 392704 ----a-w- c:\program files\windows defender\MpClient.dll 2013-07-11 00:57:43 224768 ----a-w- c:\program files\windows defender\MpCommu.dll 2013-06-21 05:23:19 724464 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{49e84798-020e-4406-a638-f815ba3b151b}\gapaengine.dll . ==================== Find3M ==================== . 2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-05-28 07:17:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-28 07:17:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll 2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll . ============= FINISH: 17:34:30.00 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 9/5/2010 11:59:03 PM System Uptime: 7/14/2013 5:04:35 PM (0 hours ago) . Motherboard: Quanta | | 30BB Processor: Genuine Intel® CPU T1350 @ 1.86GHz | U2E1 | 784/533mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 112 GiB total, 39.005 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30BB103C&REV_0A\4&16649F33&0&2BF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30BB103C&REV_0A\4&16649F33&0&2BF0 Service: . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30BB103C&REV_01\4&16649F33&0&2AF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30BB103C&REV_01\4&16649F33&0&2AF0 Service: . ==== System Restore Points =================== . RP594: 7/4/2013 1:24:29 PM - Windows Update RP595: 7/7/2013 8:36:09 PM - Windows Update RP596: 7/11/2013 3:00:24 AM - Windows Update RP598: 7/14/2013 4:38:03 PM - Revo Uninstaller's restore point - Freecorder 6 Add-on for Firefox RP600: 7/14/2013 4:42:18 PM - Revo Uninstaller's restore point - Freecorder 6 RP602: 7/14/2013 4:44:40 PM - Revo Uninstaller's restore point - Freecorder 6 Applications (6.0.0.45) . ==== Installed Programs ====================== . 7-Zip 9.16 beta Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) Adobe Shockwave Player 12.0 Apple Application Support ArcSoft Panorama Maker 5 CCleaner Compatibility Pack for the 2007 Office system D3DX10 Dropbox F.lux FLV Player 2.0 (build 25) GnuWin32: Wget-1.11.4-1 Google Chrome Google Earth Google Update Helper HijackThis 2.0.2 ImageShack Uploader 2.2.0 Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Java 7 Update 7 Java Auto Updater JavaFX 2.1.1 LibreOffice 4.0 Help Pack (English) LibreOffice 4.0.0.3 Malwarebytes Anti-Malware version 1.75.0.1300 Media Player Classic - Home Cinema v1.5.2.3456 MediaMonkey 3.2 Messenger Companion MicroCAM Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Corporation Microsoft LifeCam Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Word Viewer 2003 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 22.0 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 16.0.2 (x86 en-US) MP3 Skype Recorder MSVCRT MusicBee OpenOffice.org 3.2 PandoraRecovery (Remove Only) Pokki Download Helper Recuva Revo Uninstaller 1.95 Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Skype™ 6.3 SpeedFan (remove only) Strawberry Perl StrongDC++ 2.41 swMSM System Requirements Lab for Intel Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) VLC media player 1.1.11 Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Messenger Companion Core Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Updater Component Yawcam 0.3.7 Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== End Of File ===========================
  12. . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 9/5/2010 11:59:03 PM System Uptime: 7/11/2013 8:15:34 PM (49 hours ago) . Motherboard: Quanta | | 30BB Processor: Genuine Intel® CPU T1350 @ 1.86GHz | U2E1 | 784/533mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 112 GiB total, 38.74 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30BB103C&REV_0A\4&16649F33&0&2BF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_30BB103C&REV_0A\4&16649F33&0&2BF0 Service: . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: MpKsl7a9b2095 Device ID: ROOT\LEGACY_MPKSL7A9B2095\0000 Manufacturer: Name: MpKsl7a9b2095 PNP Device ID: ROOT\LEGACY_MPKSL7A9B2095\0000 Service: MpKsl7a9b2095 . Class GUID: Description: Base System Device Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30BB103C&REV_01\4&16649F33&0&2AF0 Manufacturer: Name: Base System Device PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_30BB103C&REV_01\4&16649F33&0&2AF0 Service: . ==== System Restore Points =================== . RP594: 7/4/2013 1:24:29 PM - Windows Update RP595: 7/7/2013 8:36:09 PM - Windows Update RP596: 7/11/2013 3:00:24 AM - Windows Update . ==== Installed Programs ====================== . 7-Zip 9.16 beta Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.01) Adobe Shockwave Player 12.0 Apple Application Support ArcSoft Panorama Maker 5 CCleaner Compatibility Pack for the 2007 Office system D3DX10 Dropbox F.lux FLV Player 2.0 (build 25) Freecorder 6 Freecorder 6 Add-on for Firefox Freecorder 6 Applications (6.0.0.45) GnuWin32: Wget-1.11.4-1 Google Chrome Google Earth Google Update Helper HijackThis 2.0.2 ImageShack Uploader 2.2.0 Intel® Control Center Intel® Graphics Media Accelerator Driver Intel® Rapid Storage Technology Java 7 Update 7 Java Auto Updater JavaFX 2.1.1 LibreOffice 4.0 Help Pack (English) LibreOffice 4.0.0.3 Malwarebytes Anti-Malware version 1.75.0.1300 Media Player Classic - Home Cinema v1.5.2.3456 MediaMonkey 3.2 Messenger Companion MicroCAM Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Corporation Microsoft LifeCam Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Word Viewer 2003 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mozilla Firefox 22.0 (x86 en-US) Mozilla Maintenance Service Mozilla Thunderbird 16.0.2 (x86 en-US) MP3 Skype Recorder MSVCRT MusicBee OpenOffice.org 3.2 PandoraRecovery (Remove Only) Pokki Download Helper Recuva Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Skype™ 6.3 SpeedFan (remove only) Strawberry Perl StrongDC++ 2.41 swMSM System Requirements Lab for Intel Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) VLC media player 1.1.11 Winamp Winamp Detector Plug-in Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Messenger Windows Live Messenger Companion Core Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Mobile Device Updater Component Yawcam 0.3.7 Zune Zune Language Pack (CHS) Zune Language Pack (CHT) Zune Language Pack (CSY) Zune Language Pack (DAN) Zune Language Pack (DEU) Zune Language Pack (ELL) Zune Language Pack (ESP) Zune Language Pack (FIN) Zune Language Pack (FRA) Zune Language Pack (HUN) Zune Language Pack (IND) Zune Language Pack (ITA) Zune Language Pack (JPN) Zune Language Pack (KOR) Zune Language Pack (MSL) Zune Language Pack (NLD) Zune Language Pack (NOR) Zune Language Pack (PLK) Zune Language Pack (PTB) Zune Language Pack (PTG) Zune Language Pack (RUS) Zune Language Pack (SVE) . ==== Event Viewer Messages From Past Week ======== . 7/9/2013 8:05:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UxSms service. 7/11/2013 9:40:48 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service. 7/10/2013 10:44:24 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. . ==== End Of File =========================== dfghjhgfdsasdfghjkhgfdsasdfghjkjhgfdsasdfghjkjhgfdsasdfghjkjhgfdsasdfg
  13. Hello A couple nights ago, my browsers (Firefox and Chrome) had a significant lag in the time it took to load pages. I might attribute it to internet connection or a modem issue, but this is familiar to what I experienced when I had a BSOD around this time last year. I ran a Malwarebytes quick scan and that turned up nothing. A MSE scan discovered a Trojan. I cleaned it. I would normally be satisfied with the results I achieved, but my previous experience and occasional browser delays still leave me cautious. I wanted to know if there still might be anything malicious with my system. Thanks DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.7.2 Run by M at 21:50:27 on 2013-07-13 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2038.1162 [GMT -7:00] . AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes ================ . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Malwarebytes' Anti-Malware2\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware2\mbamservice.exe C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Program Files\Malwarebytes' Anti-Malware2\mbamgui.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Users\Mark\Local Settings\Apps\F.lux\flux.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Freecorder 6\TbHelper2.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k SDRSVC . ============== Pseudo HJT Report =============== . uURLSearchHooks: ToolbarURLSearchHook Class: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - c:\program files\freecorder 6\tbhelper.dll dURLSearchHooks: ToolbarURLSearchHook Class: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - c:\program files\freecorder 6\tbhelper.dll BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll BHO: TBSB00808 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - c:\program files\freecorder 6\tbcore3.dll TB: Freecorder 6: {6B34ACCF-1B63-4E1A-8633-461917C75544} - c:\program files\freecorder 6\tbcore3.dll TB: Freecorder 6: {6B34ACCF-1B63-4E1A-8633-461917C75544} - c:\program files\freecorder 6\tbcore3.dll uRun: [Google Update] "c:\users\mark\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [F.lux] "c:\users\mark\local settings\apps\f.lux\flux.exe" /noshow uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [iAStorIcon] c:\program files\intel\intel® rapid storage technology\IAStorIcon.exe mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\24163796C6 : DHCPNameServer = 192.168.1.1 68.105.28.12 68.105.29.12 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\255637E45647D2355636572756 : DHCPNameServer = 169.231.0.3 169.231.0.4 128.111.1.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\4325543443633313 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\4636A636 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{D51F9FB3-306E-45B9-B35F-94EA8A8B31B3}\46C696E6B6 : DHCPNameServer = 192.168.0.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\mp3 skype recorder\Skype4COM.dll Notify: igfxcui - igfxdev.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll FF - plugin: c:\users\mark\appdata\local\google\update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\users\mark\appdata\local\pokki\download helper\npPokkiDownloadHelper.1.2.0.78.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1200112.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll FF - ExtSQL: 2013-07-13 16:33; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\mark\appdata\roaming\mozilla\firefox\profiles\bb1jcv1q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-26 22856] R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2010-12-13 30576] R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 100328] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-23 52224] SUnknown MpKsl7a9b2095;MpKsl7a9b2095; [x] . =============== Created Last 30 ================ . 2013-07-14 03:49:42 60872 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e3d2f660-c71f-44e6-b451-b08d7c969764}\offreg.dll 2013-07-14 03:27:49 7068072 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{e3d2f660-c71f-44e6-b451-b08d7c969764}\mpengine.dll 2013-07-13 20:52:25 -------- d-----w- c:\users\mark\appdata\local\{43EA38DE-831E-4708-BF68-637E330FB446} 2013-07-13 20:47:50 7068072 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-07-13 06:13:58 -------- d-----w- c:\users\mark\appdata\local\{AB8543F4-D974-4D48-82B0-EE93BACFFF01} 2013-07-13 05:09:50 -------- d-----w- c:\users\mark\appdata\local\{F4BD59C7-07AE-460C-BD56-8DFF7FB50319} 2013-07-12 17:04:12 -------- d-----w- c:\users\mark\appdata\local\{3E92B498-5C88-4CB3-AEA8-5A54995867D9} 2013-07-12 04:53:26 -------- d-----w- c:\users\mark\appdata\local\{5D4A7E16-7B1F-4198-ACBA-2A5E5693A180} 2013-07-11 10:20:01 2706432 ----a-w- c:\windows\system32\mshtml.tlb 2013-07-11 07:01:35 -------- d-----w- c:\users\mark\appdata\local\{EF27287D-B01A-4D30-A6CF-12F18178F630} 2013-07-11 00:58:21 1247744 ----a-w- c:\windows\system32\DWrite.dll 2013-07-11 00:58:17 1620480 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-07-11 00:58:14 509440 ----a-w- c:\windows\system32\qedit.dll 2013-07-11 00:58:13 2347520 ----a-w- c:\windows\system32\win32k.sys 2013-07-11 00:58:10 988672 ----a-w- c:\program files\windows journal\JNTFiltr.dll 2013-07-11 00:58:10 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll 2013-07-11 00:58:10 936448 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll 2013-07-11 00:58:07 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL 2013-07-11 00:57:45 680960 ----a-w- c:\program files\windows defender\MpSvc.dll 2013-07-11 00:57:44 392704 ----a-w- c:\program files\windows defender\MpClient.dll 2013-07-11 00:57:43 224768 ----a-w- c:\program files\windows defender\MpCommu.dll 2013-07-10 05:22:27 -------- d-----w- c:\users\mark\appdata\local\{2FFE04B2-AC7B-4EA4-AB93-72A1A7E23FC5} 2013-07-09 17:18:43 -------- d-----w- c:\users\mark\appdata\local\{B4127C2E-4A34-4F22-8C2F-22CA17BDEC2A} 2013-07-09 05:07:02 -------- d-----w- c:\users\mark\appdata\local\{759EC0FA-B21C-4F9D-8301-04D113CC97F8} 2013-07-08 16:32:11 -------- d-----w- c:\users\mark\appdata\local\{23491A25-1F80-435A-A2D7-990DCF0F2C3F} 2013-07-08 03:48:46 -------- d-----w- c:\users\mark\appdata\local\{39EE6908-D3D4-4B36-9631-AF6B0BCE71C0} 2013-07-07 04:12:08 -------- d-----w- c:\users\mark\appdata\local\{194507C5-0646-49C6-B375-618292D1408F} 2013-07-06 04:54:00 -------- d-----w- c:\users\mark\appdata\local\{E0668BC1-2313-4DEE-9516-66DD6574B479} 2013-07-05 04:57:34 -------- d-----w- c:\users\mark\appdata\local\{2BBEFC7E-9717-4465-A4B2-4B792CBBC832} 2013-07-04 04:21:27 -------- d-----w- c:\users\mark\appdata\local\{105FF8BA-89D6-4F24-B37F-9C897F9AA8B1} 2013-07-03 03:19:42 -------- d-----w- c:\users\mark\appdata\local\{6ABA0700-8F5F-4DF2-B7B1-DB314FD6755A} 2013-07-02 05:20:28 -------- d-----w- c:\users\mark\appdata\local\{CC2058D9-642A-4134-BF46-40B4AD48C784} 2013-07-01 16:21:14 -------- d-----w- c:\users\mark\appdata\local\{673B1A64-3749-4547-A714-A019B016D253} 2013-07-01 03:44:09 -------- d-----w- c:\users\mark\appdata\local\{7645FB85-04B3-42E0-A221-9E16CA3152F6} 2013-06-30 05:32:36 -------- d-----w- c:\users\mark\appdata\local\{CB814B26-AD80-431B-9ABC-BB29274A14C8} 2013-06-29 06:04:55 -------- d-----w- c:\users\mark\appdata\local\{6A5A6894-B83F-41AC-BA6E-506E730B77C1} 2013-06-28 14:28:08 -------- d-----w- c:\users\mark\appdata\local\{DC676D79-9397-4D41-9356-5ED9E5BA642E} 2013-06-28 00:25:35 -------- d-----w- c:\users\mark\appdata\local\{86E32388-DBAB-456E-876E-67F6887F91A4} 2013-06-27 06:01:32 -------- d-----w- c:\users\mark\appdata\local\{24F692DE-34CF-4790-B322-05D1790CFBD8} 2013-06-26 01:21:47 -------- d-----w- c:\users\mark\appdata\local\{B8E45348-C8BC-4A32-8186-85DEB911B3D4} 2013-06-25 04:40:51 -------- d-----w- c:\users\mark\appdata\local\{B7B326CD-575C-46F2-A86E-DB4EAECB9EBC} 2013-06-24 16:27:24 -------- d-----w- c:\users\mark\appdata\local\{45888EAC-FA6D-4E92-B5AC-F9B40C26C0E2} 2013-06-24 04:15:22 -------- d-----w- c:\users\mark\appdata\local\{8102CA98-3695-4002-A175-BF6A7D18E1D3} 2013-06-23 04:18:51 -------- d-----w- c:\users\mark\appdata\local\{BB21720E-13AE-472D-9458-D0C77193F316} 2013-06-22 05:41:48 -------- d-----w- c:\users\mark\appdata\local\{95E8C310-0D65-41AC-B418-EFA4356676F0} 2013-06-21 06:00:12 -------- d-----w- c:\users\mark\appdata\local\{9BD30CCC-5239-4BDB-8276-59E450A7CE47} 2013-06-21 05:23:19 724464 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{49e84798-020e-4406-a638-f815ba3b151b}\gapaengine.dll 2013-06-20 17:58:39 -------- d-----w- c:\users\mark\appdata\local\{454FD980-D032-4068-93E5-28921323FF43} 2013-06-20 05:58:13 -------- d-----w- c:\users\mark\appdata\local\{85EEAC84-C779-4B80-A34E-43AB687E868E} 2013-06-19 05:06:52 -------- d-----w- c:\users\mark\appdata\local\{5CE4C3E2-156A-4B96-878C-DCD517B02981} 2013-06-17 14:10:16 -------- d-----w- c:\users\mark\appdata\local\{EC010E24-0EE7-4AFD-9316-89796C8F3BF6} 2013-06-16 19:31:12 -------- d-----w- c:\users\mark\appdata\local\{3A3E23F7-52EA-4E79-A893-948971D9A917} 2013-06-16 06:44:40 -------- d-----w- c:\users\mark\appdata\local\{C75A8B81-A5E3-4295-90DA-28E31ABA8449} 2013-06-15 06:25:46 -------- d-----w- c:\users\mark\appdata\local\{2C99842B-4A1B-4EC4-AAF4-1046CF6ECC21} . ==================== Find3M ==================== . 2013-06-11 23:43:37 1767936 ----a-w- c:\windows\system32\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- c:\windows\system32\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- c:\windows\system32\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- c:\windows\system32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-05-28 07:17:35 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-28 07:17:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-13 04:45:55 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- c:\windows\system32\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- c:\windows\system32\cryptnet.dll 2013-05-13 03:08:10 903168 ----a-w- c:\windows\system32\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- c:\windows\system32\certenc.dll 2013-05-10 03:20:54 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2013-05-08 05:38:00 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-05-06 05:06:47 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-06 05:06:47 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-26 04:55:21 492544 ----a-w- c:\windows\system32\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- c:\windows\system32\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll . ============= FINISH: 21:51:27.71 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.