Page 1 of 2 12 LastLast
Results 1 to 10 of 17
  1. #1
    Member
    Join Date
    Sep 2007
    Posts
    25
    Points
    0

    Default I think I have Malware? (getting pop ups)

    Hi

    I am getting a pop up in the bottom right hand corner saying I need to update RealPlayer, however when you click on it it does not follow the normal pattern for updating software, so I do not finish the process. I have the following scans for you to take a look at, but I can see there is big problems but don't know how to fix it. Your help would be much appreciated.

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 02/09/2014 at 07:55 PM

    Application Version : 5.7.1018

    Core Rules Database Version : 11029
    Trace Rules Database Version: 8841

    Scan type : Complete Scan
    Total Scan Time : 01:38:46

    Operating System Information
    Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 636
    Memory threats detected : 0
    Registry items scanned : 74314
    Registry threats detected : 0
    File items scanned : 102775
    File threats detected : 39

    Adware.Tracking Cookie
    accounts.google.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.clicksafe.lloydstsb.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .casalemedia.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .unrulymedia.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hertsandessexobserver.co.uk [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hertsandessexobserver.co.uk [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hertsandessexobserver.co.uk [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hertsandessexobserver.co.uk [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hertsandessexobserver.co.uk [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    All the latest news from Bishop's Stortford, Dunmow and Stansted - brought to you by the Herts & Essex Observer. [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    All the latest news from Bishop's Stortford, Dunmow and Stansted - brought to you by the Herts & Essex Observer. [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    All the latest news from Bishop's Stortford, Dunmow and Stansted - brought to you by the Herts & Essex Observer. [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaplex.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.adform.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.adform.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adform.net [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\PLATTEN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]


    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    Malwarebytes : Free Anti-Malware

    Database version: v2014.02.12.09

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.16476
    Platten :: HOME-PC [administrator]

    Protection: Enabled

    12/02/2014 19:55:45
    mbam-log-2014-02-12 (19-55-45).txt

    Scan type: Full scan (C:\|D:\|E:\|F:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 483092
    Time elapsed: 2 hour(s), 14 minute(s), 15 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 7
    HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.
    HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.

    Registry Values Detected: 2
    HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0A2O0R1R1H2Z1S1G0H1F -> Quarantined and deleted successfully.
    HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {0EA926CD-552A-49A5-B9CA-429FD05B961E} -> Quarantined and deleted successfully.

    Registry Data Items Detected: 1
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.MySearchDial.A) -> Bad: (Mysearchdial Search) Good: (Google) -> Quarantined and repaired successfully.

    Folders Detected: 38
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0 (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\browser (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\browser\misc (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\icons (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\resources (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\favorites (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\info (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\ar (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\de (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\en (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\es (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\fr (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\he (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\it (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\ja (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\nl (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\pl (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\pt_BR (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\ru (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\tr (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.

    Files Detected: 148
    C:\Config.Msi\350f8f.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Config.Msi\350fce.rbf (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Temp\SkypeUpdateSetup.exe (PUP.Optional.TSA) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Temp\is1852162411\89466548_stp\RightSurfSetup.exe (PUP.Optional.RightSurf.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\mysearchdial-speeddial.crx (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage (PUP.Optional.FunMoods.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\info.txt (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\manifest.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\browser\background.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\browser\background.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\browser\misc\screenshot.inject.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_de.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_en_gb.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_en_us.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_fr.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_he.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_it.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_pt_br.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_ru.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\data\favorites_tr.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\crypto-js.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\jquery-2.0.2.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\jquery.autocomplete.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\jquery.balloon.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\jquery.fittext.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\jquery.Jcrop.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\jquery.simplecolorpicker.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\mustache.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\string.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\external\underscore-min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab\gallery.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab\gallery.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab\newtab.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab\newtab.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab\search.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\content\newtab\search.min.js (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\foundation.min.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\indicator.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\Jcrop.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\jquery.autocomplete.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\jquery.Jcrop.min.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\jquery.simplecolorpicker.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\external\normalize.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\arrow-gallery-cat-selected.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\arrow.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\emptyArea.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\gallery.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\gallery_templates.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\icon-gallery-search.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\not_available_32.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\plus.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\gallery\X.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\icons\128.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\icons\16.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\icons\48.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\buttons.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\footer.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\header.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\list.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\newtab.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\search.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\css\themes.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\ajax-loader-2.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\ajax-loader-bar.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\ajax-loader-medium.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\ajax-loader-small.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\ajax-loader.gif (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\arrow-footer.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\arrow-header.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\attachment.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\close.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\edit-button.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\icon-chrome.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\icon-edit.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\icon-layout.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\icon-plus.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\icon-theme.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\menu_v.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\menu_v_white.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\provider.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\x-button.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\arab_tile.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\batthern_@2X.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\bo_play_pattern_@2X.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\dark_wood_@2X.jpg (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\diagonal_striped_brick.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\escheresque_ste_@2X.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\gold_scale.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\purty_wood_@2X.jpg (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\readme.txt (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\starring_@2X.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\tileable_wood_texture_@2X.jpg (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\weave_@2X.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\wild_oliva_@2X.jpg (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\images\patterns\woven.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\resources\list.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\newtab\resources\menu.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\activetabs.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\favorites.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\layout.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\modal-fav-add.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\modal-fav-edit.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\modal-fav-group.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\readitlater.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\recentlyclosed.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\theme.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\css\webapps.css (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\bookmarks.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\download.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\downloads.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\downloas.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\extensions.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\history.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\settings.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\chrome\trash.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\favorites\empty.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\favorites\error.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\favorites\shadow.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\info\contactus.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\info\facebook.ico (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\info\rateus.png (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\images\info\twitter.ico (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\activetabs.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\favorites.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\layout.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\modal-fav-add.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\modal-fav-edit.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\modal-fav-group.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\readitlater.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\readitlater_content.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\readitlater_menu.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\recentlyclosed.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\theme.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\webapps.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\skin\plugins\resources\webapps_contextmenu.html (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\ar\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\de\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\en\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\es\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\fr\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\he\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\it\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\ja\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\nl\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\pl\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\pt_BR\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\ru\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.
    C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff\9.4.14_0\_locales\tr\messages.json (PUP.Optional.MySpeedDial.A) -> Quarantined and deleted successfully.

    (end)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:14:01, on 13/02/2014
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.16518)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\File Type Assistant\TSAssist.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK - Outlook.com formerly Hotmail, Bing, Skype and Latest News
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/webhp?sourc...en-GB&ie=UTF-8
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
    O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://homebase.2020.net/Core/Player...erAX_Win32.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - MSN Games - Free Online Games
    O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} (PrintEngine ActiveX Control v4.2) - https://billcentre.vodafone.co.uk/bp...rintengine.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...Uploader55.cab
    O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} (20-20 3D Viewer for WEB) - http://homebase.2020.net/planner/Cor..._WEB_Win32.cab
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - Free Online Games
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 17550 bytes

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Wander,

    My apologies for the delay.

    It appears that most of what was found are PUP's (Potentials Unwanted Programs) that were installed as foistware. Let's remove the majority of those nuisances so we can get a better look.

    Please download Junkware Removal Tool to your desktop.

    • Disable your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    Next:

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • The contents of the scan results may be confusing. If you see a program name that you know should not be removed, uncheck the results and please let me know about it.
    • Click the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


    Next:

    Please download OTL to your Desktop
    • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    In your next reply, please post the following logs:

    JRT.txt
    AdwCleaner[S0].txt
    OTL.txt
    Extras.txt


    Thank you,
    Donna
    Last edited by DonnaB; 02-22-2014 at 09:36 PM.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Sep 2007
    Posts
    25
    Points
    0

    Red face

    Hi Donna.

    Thanks for your help. No need to apologise for delay, I'm none too quick either.. family commitments.

    Here are the logs as requested. ADWCleaner deleted everything.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.1 (02.04.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Platten on 15/02/2014 at 16:15:17.10
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2580634200-4174658610-4042989989-1000\Software\sweetim
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{09a5b2e9-9203-46f5-8a4f-b417a23b8a8a}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{09a5b2e9-9203-46f5-8a4f-b417a23b8a8a}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Platten\AppData\Roaming\systweak"
    Successfully deleted: [Folder] "C:\Users\Platten\appdata\local\apn"
    Successfully deleted: [Folder] "C:\Users\Platten\appdata\local\filetypeassistant"
    Successfully deleted: [Folder] "C:\Users\Platten\appdata\locallow\iac"
    Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
    Successfully deleted: [Folder] "C:\Program Files (x86)\regclean pro"
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{000E6D60-631F-493F-A0A4-09517B3293CB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{00383CA8-2DD2-4D8F-B039-14941DED45CC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{00D3F883-D848-4273-B0A7-96683EC11BC9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{00D5872A-5FFF-4D51-87FE-D60E3A5D7996}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{00D7D3DE-1294-482E-9C65-7183D23B878B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{019611D9-DF1B-4F77-A29C-F2BDC9337974}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{02A3E277-E02A-46F9-8AAE-AEFAD6B9C878}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{02A43027-0019-4C0E-925B-C8CB19748B2E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{033947F4-C5CE-45B0-B956-D296F4DD054A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0392FA34-6EC7-439C-8976-CD5C703A301F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{051716A2-B329-4DD0-913A-FD68DA5DB63B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0553F460-C8BC-4200-914C-C24CBA6841C9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0578BD89-4A72-4D78-8C18-7AD952FD1431}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{05AECA6F-1A5A-4706-B9B2-66E042396A9E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{05BDAEDB-9A8F-4F14-BB07-3B0415DF2B2B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{05D6A17A-F77E-447F-963D-2B7602F1686E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0606245C-8522-4D76-A172-31DA977F8B16}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0614D6A4-6BF5-4E98-8752-35679D44ACEB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{061E61EB-7F22-4429-B51A-71D7D42F16A9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{066A5D77-7523-42A8-9180-BAE7B960ECD5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{06B21077-CA29-4E5B-9B4D-D712FB910312}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{06E1F7C6-5F91-4296-88F1-D409D6C68B2C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{06F20721-5225-4027-B841-CB467F3AD060}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{07396A77-11AA-4273-AC3A-BCFDF9E9C893}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{08377CF6-887E-4D0C-AAD1-BDCB98CE7D8B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{08560E5E-EE65-48B0-BFDA-4C58556212AB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{08DC1F0A-9E78-4F9B-88F8-257A4750CBFB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0937374B-1AC5-4B86-BA47-185082D529D0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0A0CC48C-CA0F-402A-999F-F96746304DF5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0A73BD90-961A-46C0-BD4A-CFF50507637A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0A81C1D7-3F4A-412D-B07F-AB896A7225F5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0A944D52-4CD5-43BF-B4F1-FF0CF98A96A5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0B3B3CD6-A6A2-4BB6-A545-653E11633193}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0B84DE6D-0D98-4411-A990-1B7B22958A80}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0B9776E9-349B-4C84-B88A-7745EA73E8BA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0BD5FEAB-C46E-450B-820F-32D338F3D06D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0BE488D5-D3E6-4918-A807-5B7AD37C4767}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0C625F05-E201-4432-A87D-7396A74752F0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0C7E8B25-CEEA-4E06-95EA-470F30B79EAA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0CDE2697-1E98-4381-A126-A156302BCD40}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0D6656EF-9761-44BD-A36A-AE48D85D2DE7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0E0A2DDF-4DF9-4177-8ABA-6221C46D9284}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0E329D75-86A6-47D1-A367-9EA4D1B77027}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0E3786F1-2E6B-4E05-919A-7DF7D877491B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0E8A85DC-EAC3-4659-B820-705B7D26AF37}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0EA40DA1-FEE2-42BA-9887-A76046727772}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0EA62C95-92AE-4CDD-9261-51C1056F1D56}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0F12258D-C852-472C-9FA7-D040F1A68113}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0F131964-BC67-414C-8D66-A8A516F2EEEF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0F41E023-8681-4CD9-B5E3-109DD79BF9DF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0F6FFC8B-A91D-49B4-8054-627CA9ADB542}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{0FFB9D58-4CD2-44E9-A2D0-32A47D8C05EB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{109E7A1A-E92E-430C-83EA-DE1BD4CA8A01}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{10D32133-501A-4008-817A-44AAD67AFE47}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{10E0D86E-AD14-4E33-B619-FCB5F9860A16}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1176AC76-564D-4198-90DE-085D5403DAC6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1190045E-6F89-4965-8DA6-47DB74DCB5BF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{11945258-4E00-4241-932D-77038481941F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{124BC422-C440-47CE-88DE-52B222FEF466}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{12920CAE-354F-41B5-9BE3-0772DA8A5379}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{12D87A2A-40BF-4B81-945E-E45CBCCB4160}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{136762CF-63DD-4747-8B68-037A5C315A7F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{136AE4CD-7578-4F67-ADDB-14935F1FF5B9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{13F06BF4-FB00-41A4-A3B5-3794ABB37218}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1406B918-9C21-4BCB-AC20-2053EAC2BA55}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1406DB10-20B0-4E8C-8A6E-55F105620E39}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1429D712-90F7-42DD-98F6-432707EBA916}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{152C16D3-CF97-41B9-ACCE-28BE0320FDA8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{16407180-B292-429B-8E2B-A57A1D1B6E2A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{166AD7DF-EA14-4D0A-9744-6621BA9099D1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{167A8310-84E9-45AA-9B01-6AF4FBC40AD2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{171B7C72-53FB-4DCA-B877-C3D0C2776712}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{179B3D65-1ED4-4AB9-8DA4-A433FB1D2DDD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{17FDD952-C70E-4AE4-9E9C-02566C2253D1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{183C48FB-5361-4433-B435-DB50EB167B0A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{18426FB9-A8C4-4244-ACBB-C00DC967A98F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{188587AA-A547-41E6-8059-4DFA40E349E3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{18C87E33-1593-46C3-9E45-4767F56D8BFC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{197B6E4A-5C95-4DD5-B928-266BC37108EA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{19DB5CB4-860D-4801-93ED-83191CAA36C5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1A245CBB-09DA-40B5-8E29-2BE1496662EE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1A505CE2-A810-48AC-9196-B8E3A819EDE3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1A600227-2084-4C7F-A026-7C4C0259244A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1A72DD49-0AAD-4D60-A42B-9E2C30FE5363}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1A8315AD-357E-4A59-BED8-A1F285867D87}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1AB7FFF3-DB37-44FA-9A76-97DFC20BDB5A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1AEB30FF-7815-45CC-A208-21760E0F887F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1B1024C1-A5F3-4441-BD6D-799E1B8DAA9D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1B46202E-D2F3-43F1-9F7C-BCA75525BE64}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1BDCE91A-87D7-4F23-A619-EAC721D1B871}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1BF3CBAD-C40E-444A-A367-111D857175F1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1C119573-3D52-416E-8173-C38DBA669E0E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1C19DC92-EEC5-40A6-AA0E-3E89BF4B33FE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1CA52E1A-FAD8-4635-BEF0-97AF9C9AB687}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1CC939C4-1001-4A5C-95C4-D9588F7A60A4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1D2DF8A3-67CB-4810-B8B2-0907C646F167}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1D85F656-B4FD-4AA1-B423-5A4FA0FF965E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1D929C7A-E027-4E17-8B04-A2E29FE54EC4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1DA8075D-5F4A-4E53-9AC4-152F12C40995}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1E0A1A26-BD5D-457B-B418-A2455F114F72}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1F01F26E-B6F4-41A8-BC1B-6E83B00E019F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1FA2A408-8CE0-42C9-9955-245B980F74F4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{1FFBD7F0-2627-40A6-B34A-2266A0C4829F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2049E09E-1A67-4486-9410-E928F8C633B2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{208E5764-2E87-4F3B-B486-2A8C135A77AA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{209255D9-76D7-49B9-B70D-F4EBB528745F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{209F8B3B-F131-4FCE-A706-6537C82F5560}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{20B55AF5-8CB3-4CA1-821F-A478EEB4E9E3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{216797A9-E369-4034-907D-A2876126749A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{216AC6B2-DA76-4996-85CE-CF74F53B79B2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{216EB1AC-E7CC-446A-9F3A-297BF3FFB2C1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2177779C-9375-472D-B045-A960537FC889}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{21865FD1-4944-412E-ADBD-07923DEA5CAA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{21FBE322-8EF0-40A6-A7F9-8E3D179E28B7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2288E0D1-5DBA-432B-A26D-E958631B03D4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{22EBCE04-BBCF-4D76-9C7B-CCEA675D47AB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2356A973-33EC-4AC4-A80A-E10E16A558C7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{235C5FB3-60B7-4CD1-B9F1-31B6B90223B2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2412C646-6256-46F5-8BA7-32DAE71532E4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{24686782-4640-4A93-88EE-B5BDC9DF3C8B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{24ABAFC0-75F9-4AFF-BD8E-A0E148861B41}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{25007711-83C2-4720-BA08-83ADA1CC8308}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{250EB3A1-4121-4AE6-AC4E-9BA498F584BA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2515697E-B8E6-47A2-AC94-1DBEED5D7F78}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{253DE02E-2190-40AC-B82B-169CD7FADD8B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{261E8945-60DC-44E1-B521-B96436E5CE2F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{265B4F86-75F0-4EE4-BDB1-4D2DB2B3D440}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{26604393-E32C-41AD-B79A-9B32C5C23A67}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{26A850C2-33EF-4A3C-A7E6-F34C2C5933B4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{26D2D718-B27D-4553-B053-C1976FD5CEA6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{272AC87B-BFEB-40D7-960E-79F611FE1E41}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{279F9AFD-C100-49C5-98ED-28AF83E0FA42}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{284F976A-72E8-4A42-B4DD-D9CCF6EA2333}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{285C691F-48B9-4FAE-A6DB-2295FCAC3B63}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{28E8B3BD-9106-4165-8B40-06CE64DDC559}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2906E5D2-412B-46A1-BBD8-ED2526C59F50}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{29439E01-49FE-4503-8248-B69D01B77F7B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{295DCD34-9BEF-4881-AAC0-AF36EB2E3C2A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{298FC23F-C387-438E-975A-995531D7FAAC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{29AFB3BE-D1B9-433D-B1F0-D7F6F946EBAC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2A75F460-AF70-4927-9540-A0650047576F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2AA49297-DCBD-44D8-BE51-ADC9595B3917}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2B676944-16A7-4F25-9FC7-4C2FA11EED5B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2BA72DA5-23D4-4566-98F0-C3F42B2766DF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2BB30145-01B9-4091-83FC-B7CF2031B983}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2CC467E6-DA22-465B-8F89-DC70B6CD9569}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2CF3AC27-1BBA-4B64-90B1-0231C1814642}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2D18B94E-F211-4E78-98F4-5A0881E9C296}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2DD08A4E-82B5-4C6A-9028-1B8671D87B3B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2DFB211E-609F-4502-9BCE-0392039F9E37}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2E3C4A02-6970-4CD3-8AA7-34D1AF0E3031}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2E568D2A-34B6-46C0-947F-D2AE732F6BF2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2EA486B9-84BB-41F7-B516-0404CE3B0236}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2ECE67D7-1C50-4A9C-974F-F929183B4D64}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2EEA206D-D270-4551-8DBC-4C04309804BF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2F6CA8E5-9D93-468F-8D63-CD0A32711981}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2FABB803-BDB6-45C4-A062-5ED2AFE5352D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{2FE6BDF6-4092-4F96-B24B-1A8E4E4C9A52}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{30593D3C-58AC-4C14-BDC2-16F9EEDDD484}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3096C111-B610-4A38-8F2A-78937BC202E0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{309FEDA0-C524-4346-B1B5-6072EB845FA6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{30C832DC-0347-4221-BA19-0399D970314E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{30FF72FC-6C18-4099-B8C1-F8EA3E5A7054}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{31092D9E-A714-43F6-82E4-D6DF61D907DE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3124A0A4-8B37-48AA-B5B0-3244ECF2793E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{313A5A0D-9DB1-4BA8-B3FA-1BDF307A3790}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{32E2C49D-6BE7-438B-BDE0-14C4CE1BFBBC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3330CB48-95E9-4769-A00A-A18BE61A134B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{33AFE69C-80B3-44B6-BACC-3E5BACC7A4FE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{34CC5FC1-00C6-45E2-823E-0B0F4BCBE7F4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{355D7E77-6BA3-4B29-8630-CD795E1460D2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3569B4BD-5EF4-410F-ACCA-1CE2E84DFEEB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3740AF50-AC6A-48D8-B9DC-8470DDCAE12B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{37438D57-E4B3-4F03-81C6-4CD4B228C7FF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3744EB7A-6527-4B75-B15A-F4D561C5F44B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{37C61C45-F7E0-41F5-B2B2-7E6F0F74AB18}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{380182E8-952F-40C0-9DE1-657DAD2DAAC6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3913A1CA-7F59-48D1-98A0-F6B7B2EE67A5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{391EA8B8-1473-4D6B-862D-4C7076A375C4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{394366AD-A676-4528-8D91-2B983718C9BB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{39ADAF6F-FED5-4028-81F4-A89D40704AA7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3A38AC35-F314-4A05-90FE-F1F229F409A5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3A918E41-F836-41F3-8BE1-B2D177823717}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3AA2B1D3-0A84-4296-967F-1A15FF8B14B6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3BC9886A-55DD-4A8D-982C-B60D58A3B7FB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3C0AD89D-90AA-4D83-987E-9323D083DE50}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3C13DADC-5DC8-47A2-BDA4-410979635F65}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3C1ED734-9755-4842-86D1-6E9B363ADA69}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3C3F349F-CFD8-4193-B62F-60F88665672C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3C76CF4F-B793-4DAA-8240-33274252ED19}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3CDDAACE-5534-4E83-8274-B374013BA778}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3D2453B2-693B-4474-86C0-E564F5011F62}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3D3D0DD7-D557-4C71-9EC2-1AC70B9FC70C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3D893DFD-6CD4-48FF-BF9D-E5B0BD398CD1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3DD0E795-A4EA-4293-964C-C2536AD9C433}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3DF95A2E-B927-4B44-A3C6-54597E398D03}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3DFD75F9-6189-4844-9F08-95E76C2B2BB6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3E57BC2B-099A-47DC-9C72-FA7DA3C2327D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3E817004-E6B9-4E14-B40A-5D10E217913D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3EAF3470-E611-45AE-A373-83DC51EA1C34}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3EB1BA81-AE54-47BC-8EF3-20A52FDB5B89}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3ED0B01E-EF75-46A4-8851-7CF9763DC3A1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3F5075A1-D966-4255-8C0F-A11C6107B9AE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3F6315B0-8F0D-4EB2-9A53-3AD63AE999AD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3F680E9E-BF9E-462C-BDC7-206DED5D5B5B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{3FA1AD14-CECB-4961-BCB1-0815CCE48A75}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4013B2B1-3DEF-4C79-A189-28A8BA709930}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4154A477-ABCB-4314-BB47-E901648EB767}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{41775B54-2FEE-43CD-8C14-C298A0751754}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{419B367D-8667-4DF4-A2CA-CEBAE689CAB1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{41CE18A4-6E9F-4D6D-9369-00AD6F93F234}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4245BE08-C861-4B2C-BB9E-9F916EC4889A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4272277E-BD11-4D9E-BA27-AFA5825FC07A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{42F573FC-BA9F-4BB6-8E65-36B8508DC377}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{42FD2939-47C9-4265-86CC-3CD9760DF4CB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{43003F4B-B55F-4D70-B54D-B9593A25F322}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{43AA6BDF-3AF0-46EC-8AC1-EF84DB822E97}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4435FD23-E6A5-4067-B3CF-810DF0855508}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{44704217-81F4-434C-8256-FE6ACAEABCF4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{452460A9-3032-4B5D-8A38-6D84C57B84DF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{453A4E7A-B843-4193-BFE4-D7DD8A8C351C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{45A8FA56-F5CA-4811-9809-DB19950E68DE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4619B0A4-5FEB-4E36-8E77-9CE7370AEBB3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{468E3966-C970-4F3C-84B3-F2493437B48A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{473DC124-537A-4341-B847-CAB1034701B5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{47CF778E-3BD4-4E5B-9B18-34BEB84904CD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{481D89C2-436F-4DD4-9E44-800931B5B429}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{48254D69-E21D-4E4D-93FA-65014202C3CE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{48432DCA-A294-4FFA-B6EA-A6365A062F90}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{48662BC4-E160-4909-A030-DAD3C7D8D5E6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{49374619-34B9-48A9-9C50-09013CF3B675}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4956E635-8B71-4912-B05C-BB4FCD6C3EDA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{49D42FD0-A621-4CE7-A1EF-48741E05B40F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{49E84BC9-0FA8-43DF-A566-0DC87D10C521}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4AE866CE-D81E-44EE-BA69-97BEE2794926}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4B19B5EF-01B7-4C2B-B343-896C44A64523}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4C00F59F-C20D-436E-8404-23603FA4AAA0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4C1277FD-50A5-4722-B0DB-3D78E94F5B71}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4C791B08-1D43-4E18-96CF-83DDD36EB42F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4CFB1239-0DC0-460D-A654-D8C5DB9C4B03}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4D36593C-01F7-43A8-AE96-40ADCFD640D5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4DD60E4E-EAF7-4FB2-8BD4-842CF6AB3E9F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4DD8FED3-3CC0-438D-89F7-66F5AC168090}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4DFB32BE-5579-4046-9CD9-FA7273CD1165}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4E025D8F-D04E-4EA0-B522-E302B8A97F9F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{4E9C1CC5-E13C-47E6-901C-F72E214D9AD0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{50522327-4879-466F-9905-C195B40BE8C1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5068AC17-B4C7-4933-804C-0AC1EA4F9197}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{50CA007D-AB1A-4CF1-80AE-442A5013664A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{50E81294-9901-43C9-A38A-C1073C9AB8CC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{53E35A61-80D7-41D5-959F-49F3330923AD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{541E1E47-915B-452B-8422-700654496F28}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{54E484A3-8FDC-40A4-9E39-7A660B23F82D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{55A9C476-7720-464B-88A4-3B4724B361C7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{55DCBA91-328D-4CA1-A9DA-5D732156324D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{55E582BA-F247-4553-9033-B8B3F56DD366}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{567D0E44-716D-42C4-9EC6-3C2E6EBD083F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{56BFC5DD-AA65-4C2E-BEE3-19176F5B8D85}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{56C2434A-276E-47F2-8AEA-FEB9A2E04DEF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{56E228D1-9732-4E0F-950C-308634F75BBB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{56E5F079-78C9-4C55-9144-B81CD93F0FDE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{573DAACD-EB07-489D-9945-659AB9811C10}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{57869E63-50D7-4E66-972A-19927A867222}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{578C5C8C-F775-4CDA-AD76-FCD78BCA95E4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{57B0A3A7-DCB6-48BA-82D7-09871E5D2AF4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{57B92086-2A46-472A-9515-DECD24A0D037}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{57F64AB9-304D-4EFE-B28A-35109E08CE28}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{585096A7-9D79-4AAC-A598-20A898FFC940}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{58893F48-3A1B-44CF-990E-EABE87CB6AA8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{58C114D9-916C-4E46-B64F-0FFCF379746D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5901DAE0-4FDD-40B6-A34D-1014D8E34DAB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5915D089-38F1-452C-9738-2B53CD475ADC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{592D136E-88C1-4A8A-9CCF-452066395334}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5940A99B-E703-4DD0-9726-2F95C9794292}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{59511233-6FD9-41ED-AC6D-9149C4DBEEB0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5954F13B-96B7-4069-B305-DF7EAD53BEAE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{595E9DA1-001B-4BE8-BE4D-E393E8B8C01B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{59991103-8D6E-4AEA-89A3-DD0B496CF57E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{599CA6DF-E196-4584-81A3-90989D4F87D6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5A06F434-3833-49A0-8903-CC85155017C0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5A825388-9799-45ED-A3D0-8AC18376270F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5A9693DF-63CB-4C89-93BC-20ADCB78D24B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5AF619A9-F9D6-4C4A-8A1C-A9D7203DA148}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5B63B8E6-34F9-4A2B-B898-8624DA4AFD92}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5B66D160-8CFF-4AFD-89D3-EB3B5A01BD55}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5C17E182-CBA1-4798-BC25-14D2D09B26BB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5C42E981-EE21-48F6-9BA7-C084FD65D6F5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5CDAF352-33EF-4465-ABAE-4D1CBA9954B1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5CE3474A-F980-4BB3-82C8-57D95935E57F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5D733E38-7C1C-4F30-AB31-F67422C357D8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5D99B6E8-D325-4A7A-B0C6-7721E74B9CFE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5DBAD0F3-A167-4FBE-88F9-E7DDD3582F41}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5DC1B3E6-16F7-4F0A-A890-13DE9CCBFD71}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5E198844-0984-4057-8325-D691B01AF3C0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5F7C9536-7BDE-4021-9EFE-F3038787971B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5F99074F-CD22-4B59-BE12-269D3ED5F096}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5FBBA5A6-A34E-44EA-A2BB-E99AE922D191}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{5FF6BA7B-200F-4CAB-BEBB-31F8338A013A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6086C3D8-A9B7-46C1-A54F-18E5F8D2FF93}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{60AC0BEB-011C-4A17-A267-09E81CF192E1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6175023D-F81F-4A93-97CA-66945CC81446}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{62162EAD-5EFA-4F1E-9CFF-40E4A9E3BE3F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{624EC4A2-231B-482F-B39E-CFFB442ABDAF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6350C3D4-95E1-4613-88F0-A258DECDDB9F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6375E2E0-8B9E-48E6-8A6D-6395124840F1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{638AA8A4-7704-4450-B653-40C1BD0C7F5B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{63D06C00-7DD4-4E65-83EE-CD1B3625E9C4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{63E1FDFB-D11D-4E7C-A86B-D24174233DC9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{63F9624E-7A33-4135-A8BD-F8BA7930CA35}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{64CEA72F-7E2B-4954-A376-E39C86816B6C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{64DB3685-A635-4A44-AEF2-027203FC6838}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{671DE667-7E43-4B4E-B55E-F32F7E368877}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6739560F-5AC8-4995-857A-49E2B7791E46}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{673E4D87-A4AE-45B6-A7D5-8DCBEC20FBA8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6748A686-3AAC-4F41-BF22-B62EB56DFD94}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{67579015-8927-4060-AC61-7AF3DEC63FDF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{67B6E30A-D8A5-46B1-B3BA-9A1840C67DAE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{67C1723E-39C5-4417-BE0E-52AAF452A8EF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{67C8B53F-DBAF-4D90-97C3-33B0B3549012}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{67F6C39C-766F-4764-90F8-8F2023ADA85F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{690E2EF1-5EFC-405A-900F-78285F1342B3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6999E5BD-8B0D-4DF0-9639-9FC9751A6B4D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{69AA0B9B-0767-49F1-A0FD-AD8F1F7BCA7C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{69F08A22-162D-4C03-BDD6-26FAF9BC05DB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{69FCF868-20FB-4566-B509-CECCFBC79A1A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6A07DFC9-C989-4561-B8AC-96AD1EBD9CCD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6A0A5F10-0F28-4173-A191-04E990E826BB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6A6345E6-FF00-46CA-95A4-86822E233813}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6A714D9E-3590-4983-8962-AEC22126302E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6AA02230-9DF5-4549-9A22-401E6F3685DD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6B543C71-8706-4035-B7B7-3D7B64FD432F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6B632DB1-DDD4-4618-B339-1BEE1AFC05B0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6B7AEA42-8968-4236-BF78-D8C87265530A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6B88F140-B5DC-4552-9A99-DE9570379EC3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6BA5EC7C-F2E5-4487-8498-EBC9F8BE592F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6BB083C6-7BA3-4CBA-8DE9-0BD8CCAB46C8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6BCAA65B-56F8-4AC8-B8FE-C5A906D5C034}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6C228CF4-4945-4409-A2D7-0C35C3616DB5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6C63687A-E1AA-4B57-B8C2-0EEE3F4EB97A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6CDB42E2-A43D-46A5-81F5-CCC6D4B48FE6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6D08EACD-7DFA-4360-8731-86E07109F873}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6D31B480-D99E-407E-BD17-39ADB3141A06}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6D60FD19-8EA8-47F0-8A75-CDA6CD037607}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6D698066-57A1-4FBB-A20B-F79149B0063B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6E078F95-A6C7-410C-941D-0AB8C2E12606}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6E3193DD-E01B-423B-BD03-C293EE66C20F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6E50E0F3-E6F0-4D7B-B011-C9E5F05DE127}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6EBD552B-4243-4F69-9B8C-569EACDA2975}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6EBFCA3D-522C-4EFE-8F0A-644AF7298AFE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6ED79FD8-BDA4-4ECD-8109-70CBB622C51E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6EECB57E-3AB1-4AEF-AE32-F6A79C924941}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6F4893F7-8089-4358-BD55-0DA0ABEDE882}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{6FB55DB3-C3DF-472A-B98C-ABDE8C2F9F24}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{70794732-E917-417E-84DF-1B00BD072BEC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{70B221A9-E25A-4176-8CDE-6F0F6CE3DD06}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{70E0EC02-435A-4665-97B7-8F5A98E1CE2E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{70E31C7A-EFEC-442D-A657-E4909470A67C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{70FDB961-ED44-4189-94CA-92222C8191E1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{710ADBEC-6275-4B6A-93B8-F9EBAEBD918F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{71A1A2F0-14BC-4878-AACC-B5734B0B469D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{71C5A2E2-2549-4889-812B-D034451F91D3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{72175D3A-BB67-4E39-9482-71D06A563EBA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{723EAAE7-A496-4AE6-9169-B840D479BA9D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{72663231-FFFD-4323-BB48-1E456AB11095}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7275525B-B9E9-4C8C-B6CF-2CE0A32864C6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{72A7D00C-BFF5-41EF-BCF1-3E1481AD41F0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{72F8A7F6-CBA4-44CA-A751-67C2B6410D74}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7340EB70-C226-4E34-9061-8873A05E3693}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7362872C-0B20-453C-983D-622422D10456}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{736B5F60-92D7-4674-B3D0-57F8DE46FAEB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{73F78A27-04BB-475A-9E8F-A9D55B744EF2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{749DEE23-B01E-4376-8ECA-7CFB6C3AE054}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{74C10FB7-63EF-4A26-A909-FB154134DA84}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{750E21DA-44C0-4AAC-8384-90D55A6B435C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{75290E85-165A-4463-B3A8-73EB62CBBB3C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7592A184-6A97-4B26-8F48-2438E2D9BF8B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{75963140-E405-4AE4-AB07-1573D5093639}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{75EC6A03-7288-4D34-AA14-D3D2795E7A7F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{75FCCB02-8632-4D44-B287-280FB17676A9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{76303CDB-7C29-46A3-80FE-3067E3195DC0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{766C66B4-8410-444D-AE77-15BB397F62C5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{76C2F6E8-09A3-4323-B12A-BB275952EBE7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7769E864-1017-4314-8720-601B9436D43A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{77E13221-0E99-485F-95D4-A5ED46DC3592}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{78261624-EABA-4A7A-827E-0B27EAA0D8DB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{782A808E-51F7-4203-A216-93103CB84BB3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7852E1BA-A5C4-4E7A-AC35-9196B3281D39}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{78884A76-EFE7-4870-B588-B2ECB49901E4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{78DB0A75-92C0-4A77-9DAF-CF716D29588E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{78EAEFCF-B291-4109-9717-C1DC624AD430}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{79127E57-5898-4094-82AA-FEB9D99994FC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{792139C7-D8AD-4BC2-A949-1D0B68F886E8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{798B135D-D7FE-4BA0-BCF0-A96A0B1B1C58}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{79B3B3BF-862D-4ADD-86BD-DB46699766BD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{79E8EAAA-4EA3-4432-8643-60B1145F2B0E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7A1ED2C4-7762-47DD-BE89-E236A8F574B0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7AA97594-51FF-4217-9AC5-120A2C3852D9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7AB3253E-732B-4357-88AE-A47624687D2E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7B4054EA-87CF-4E76-9B22-321648189F6F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7B673A1D-6387-42EA-A113-E497F5710DE2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7B9E581D-AA4D-4F35-820F-1292D2C8DD5D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7C024A5D-BB3F-4AF3-B878-5619B3EFE666}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7CBD9C11-C62B-4D96-A879-35771BE5781D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7CE1A889-3C98-4841-8FD9-25306864D252}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7CE8BFD4-6B4C-4A3B-B011-0455CC48612D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7CECF880-0864-42F2-87F6-65BBF0B41B0F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7D0299A0-A707-4FD7-8243-F148409AA532}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7D1A7A67-20DB-4937-9EDE-325790FA46CB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7D3C1392-476C-4B2F-80C8-4A4B26F5E8EB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7D55FE32-A02D-4EF5-9935-2364D2EA9390}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7DFB9B75-CD9D-404E-9B4B-7CF297F0885B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7E14649D-31FA-4766-933C-3D5D34DCC5DB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7E3B87BA-B7C5-4CB6-B9AD-4044EF04A54F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7EC567CE-4D56-46AE-8D59-D7644FEBEFA4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7EF3EBEB-5DE2-4C08-9427-057848894A48}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7F2C4858-D972-4C77-BBD4-6C211BAEE926}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7FCD0699-11AF-4A70-A118-EF955E7E0EB0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7FD3973D-A5AF-4495-999B-495DDBFEC614}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7FEAB0C0-38DA-449A-9EB9-ECC789FE3BAF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{7FEBDA73-DE1E-4D94-8132-B322A12194DF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{801B29EC-0D3F-4747-ADF5-1D4C35F09898}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8049C193-5246-4CA6-9FCA-8B2F2C85B4DA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{80B11D4E-0F33-4BC9-B74C-D388C81C3C50}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{81A05A8B-4B1B-4E8B-9562-B24CF607C396}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8226B47C-7B47-4AB4-8BBA-7F1225CED327}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{826BDA66-6F03-4679-93A0-5538CDB49FEB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{82AB0058-E0E4-4849-AE2E-B1F43F1E7EB4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{82B8CF00-BF4B-4EC4-87AB-11722EFBCBB6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{82C1314E-7BAA-4C53-950C-164D11B8FE1C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{82F7E104-BF54-4E39-AF9A-9428E68CCE95}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{833C7F82-88DE-4704-AC11-F8DE51D6FCF5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{838A208D-BAD7-4767-BBBF-42785E758510}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{83D9C5F4-3F12-4075-99F6-37EB9CBC48D9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{84486D4F-0152-4321-891A-2C15C120163D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8467DA5F-B556-47A3-B087-2B9D32F61AFA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{849D0FC6-335B-43AA-BB1D-F6A2397AB71D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{84AE039B-1CFD-4E8A-A5AC-6DCA2FF4AD92}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{851F3B5F-E091-49D6-B221-6575FF1CB9F0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{85C44F29-0934-4060-BF13-4D2DA625945B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8635733A-1D66-4205-AABC-011F24F84A30}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{86A697FA-57B5-4575-A85A-434F26A31E63}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{86CCBD6F-018B-4317-B5D9-D4BA565E6A26}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{86E7A5D9-834F-445B-8A62-00A7C1D45A0D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{873CBC62-120D-4D84-B5F7-2A62226E5A59}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{873ED3A9-D25D-45D3-A616-FE4BD2DCEB6E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{87951845-E67C-46B2-A046-50367461CD19}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8796AB9C-833E-443D-AEDA-96663A3A06CC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{879FC275-C0CD-4068-ADE8-F5BC605EED46}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{87CF644D-4A86-47DC-86F6-C1592FD79163}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8818F3F6-EB7E-4626-8BE9-CFEB5D89875F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8854F524-9EA9-4663-A5C5-B97E934A92C0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8973EF76-3DED-4F3E-8EA3-30A38B508BC8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{897723A1-F82A-4987-BFF8-62277FEA6D7C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8A1063F8-F660-4578-8C70-2F7ACE6BF2D6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8A75DB78-DE69-4F6A-ACBB-65C6B6E77D40}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8A77D644-056F-4D7D-94E3-76E1C548D5CD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8ABF833A-3040-4F2B-99C9-DAC053B6080B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8AED58A3-3C78-4223-83F7-389912E82C14}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8B329888-FB56-4BA3-A427-02A58D20E354}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8BA01B39-F9C8-4D29-840C-91F9EBD0C55F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8BC793E3-F94E-4E60-9BDA-ABE2A4177D58}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8BDE1B3F-8FCD-4666-8389-4EE8FCF01946}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8CE39BE9-CFE6-48C5-B246-D2FE6C16F4B8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8D075892-059A-48F6-B1E8-667B315BA31B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8D564B25-A23F-4E23-9D2A-9E3A7F6E1E17}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8D7ED8E1-7F00-499D-940A-55746F9BADC1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8DA68EDA-BC34-4321-A1EF-411A5BE02427}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8F2675A9-59AB-4DCF-98AF-DF2119BD031A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8F330D1A-98F4-4A7F-9C00-8DB6C7ED4E42}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8F354683-9395-4F8E-848D-4697793C6C3A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8F440E0B-1198-4B7E-ADA5-9712736109AE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8F8BE076-6DE9-4818-8959-803BCC8B2FE7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{8FE19A6F-5B8A-4D80-926C-F4169BE4C3CF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{902F74B0-0647-41C8-A8EA-9746B02007CA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{906C9453-E4B6-429E-93A0-17C7E115964D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{90856B6A-C932-44DA-85AF-061C20F75B41}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9085C439-A71E-47F4-AB46-F0F4456B0E1A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{908FB4EB-30F9-4D76-A1B1-D6EAEBB7CC21}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{90930D90-AD56-4C11-8C1C-1AFE0D221DCB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{910BF1F9-17D1-4494-A2AA-7517E70B778D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{912AC0DC-FF58-4D7F-A609-A3A62B8649C1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{913DA047-A497-489C-95D3-9F3B2FBBB0E8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9167B2F8-34A0-4F5C-82C1-E16C2DA7C175}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{91D82CA5-B934-4C8B-925A-77CD89F9B6E0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{91FEFCCF-76AA-4503-AC91-1D459AA2F792}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{92575076-F5C8-45A9-83AC-DA4D631D324D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9278DBB2-E1C3-49C7-9B88-CEF243A3E842}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{927BA88A-1BE9-4F66-9172-898C0519864E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9448B8F8-2557-462D-A06F-55743203900D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{945C2829-505B-4D16-8252-2BF3E2278E6B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9476073F-B1A4-4449-8B22-EBCF3EF16AE5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{955D7516-13A6-4F2E-ADB3-8BFF0BD15347}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{975BFCFC-9750-4F3B-9F25-6BE39E840134}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{977F68CE-FDA3-4EAD-A23F-940F07FB954C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{982287CD-60DC-4049-9855-960F7DCC91B5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{98A84BF2-576B-4DDD-9A84-8D6F8986763C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{98E2AE71-219A-4F80-AD47-B8A489E7D5F2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{998B2079-87FC-4C40-AA2F-642E8825A5FE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{99B61C71-1BB7-46ED-9479-26677B4EE9EB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9A1FE406-3561-4DC8-B54D-707A5B7052A9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9A4ABB53-7F90-488A-9BE5-F2323B2AC8C7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9AC6C076-2600-4AD2-940C-D832D43A49F5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9B0ED773-E555-4417-8A98-ABAD7445FD1D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9B6D6F92-9054-4FF3-9CBC-1217FC288A68}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9B6EDF28-A78B-4473-9872-180154729EF9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9B725001-BBA2-48A0-9BAF-FF06822AB29A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9B7EABD6-C75E-4B49-90F7-6DE2549848AE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9BCA3900-BD48-4870-82BB-0367470CFB3A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9C169C2C-DDED-468E-B273-D6142686F402}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9C263912-494D-4BEF-AE23-B69C35054038}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9C402534-9F10-4D80-97B9-68E973F1068D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9C6E1371-63E8-4323-B14C-922EB68F024B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9CC437AE-DB34-4490-8DBA-13B348D48B32}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9CC51D94-4681-4260-9466-D19CB5450183}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9CCC9DE2-2E9A-47E5-8B37-85766A7CBAA5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9CF9C4E7-1E2C-4D4E-8B42-8B1A1F35A806}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9DE25495-3BB3-4323-B808-4A7B63D50C70}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9E6A842E-1D15-4C13-A7AC-A02EF0A0F5EE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9E9B0FB7-3471-43F8-B86D-7484249B3763}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9EF79A38-258F-4FC9-AB55-52C130BB678D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9F04AC6D-FBD1-461A-B0A1-0D38970B6C2A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9F14AC38-6EB0-440C-B171-BC72E733AECA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9F1C51B3-778F-424B-8E60-13740156D19E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9F1CF606-2474-4D68-B3A8-BBE12F7FD078}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9F6C9939-D3DD-4287-8756-A8CEA798578D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9F6DC206-AC4E-49C6-9D63-165FFE7278DA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9FB3749D-A77F-4440-B3B0-7B8B6FCDB853}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9FC01522-8F4C-4678-ACA0-A907E840BC41}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{9FDDF1A3-32D6-4680-81B4-641712625FB2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A0024F31-6E8A-4F5E-A030-70A924F219C2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A0228BA5-4C5C-4F21-80C9-A7FBF128316C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A16B0460-7A96-4858-8589-FCE5841E19DB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A198F13C-5176-4E8B-823E-98B87AAED41A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A1F622C1-B0FD-4D3F-97A3-725B86341573}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A3604183-6B3A-452D-B0A5-9973A7B5CFBC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A38B1213-BC35-4483-8784-BC1103C63684}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A3995305-B542-43FE-A67A-836ED6DE068B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A3B9CB91-9400-44D6-A7EC-0C3CD6CEFF93}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A3FBFD80-B209-4FBA-899F-C591FF5B1D3C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A469B347-5D5A-426A-A357-6FC585F3C378}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A4B7B1C3-8C51-416E-875F-13D689867595}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A581F18C-08B1-43A5-807A-D846FA5F3C4C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A5BA0094-7705-4753-B71A-208446D0538E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A5C69BD1-B491-4FFA-8C35-A76092F097FA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A622266D-B237-4B81-AFDD-05B540FAA1D1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A63AF9C6-E6A2-4C68-9A62-B23753FACF10}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A64C0704-61DF-49AD-8956-43DED7178D88}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A6AB34F9-02D6-4BDA-B7CA-BE426BF7E453}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A70FD798-CB87-429A-8963-6D3519ECFF8B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A716BD85-664A-4E88-AE44-0DEF2198FDC3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A729B32A-0849-40EB-AD58-8459956E9AB3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A7EFC53B-79F2-4BCF-81D8-706F09A65C2B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A83A4531-48BA-4872-A411-F8A28F9770D6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A883DD1A-DE99-4FB6-9FB8-33532FA8BC16}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A8D6BCB5-4714-4E56-B5A7-67A9B4EC446E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{A9B1352E-B69B-4E81-9C4E-C54FCECE6DA4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AA83A050-60D3-498D-A09C-13DC9D25769E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AB7DC9F9-93FE-47F4-AF45-C7532F935B33}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AB9C3409-9460-4787-AEBD-E7A52CF7344F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{ABE4A992-27DE-4D0C-AB10-781CBFDFA091}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AC2CC0F0-6A04-474C-A5D3-7CB13391639F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AC311295-DA99-4084-83FD-47264C67F77F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AC773710-AEEB-411B-9D1B-36AC8F8CBF50}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AC9DE083-A1E6-481D-84F6-40A76590ACA8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AD724986-F414-46F9-A61F-7C8B96018001}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{ADC7E8FB-7D62-4F22-8176-B632D665D3A6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AE51E70F-32F3-4100-97BB-02FE4019F3D6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AEC5DDB3-CC1C-4575-B45E-B3F16A5CA45B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AEE15077-9067-4C2E-98D7-AB994EFF110C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AEF27588-32B7-4424-A01E-66DC46674550}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AEFD72AC-64A1-4F6D-AACE-F0CA7F73F5BF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AF85D07D-EBC0-4256-876D-C38C598AAF3E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AFA1850B-7700-4D14-89F0-0A0588740817}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{AFC61FA9-224C-4C5C-AF09-4A0EEEC2E515}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B00CB39C-A705-4B44-8222-F7FDCBA02022}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B0C356B8-A9EA-4339-B28E-E6654648308D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B0E80818-84E3-4B3B-87A6-145FEB5FC9AD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B1367C10-6F98-4A7F-A271-F5497060CEAE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B1E6EFCD-B94D-468A-AA62-6F341C0EF3B1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B1F77BA4-8A6E-4732-8ADC-1340A204EE25}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B21AA8C7-7F20-4383-9B7B-F330F3E32B50}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B266134D-BB48-4F7E-838F-FE1346D77B17}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B294230F-40F9-4193-A2AC-CADC73904799}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B33DEF69-50D1-4742-B092-ECA882754AF0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B35815FB-6057-4A0A-8CB2-1B74963EE167}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B37657EE-8023-4396-B541-1BC5095910F8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B3914FAD-86DA-4D78-AF1D-5714835D0F2B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B44F8897-1357-4F3F-B53D-0B0C047F8787}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B497E0DB-7422-42D1-9D76-76CA5357F46F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B4FFE9F0-5675-4E13-8BCA-45EEABD71237}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B5122C49-A7BF-4E72-AF6F-21FAFFC2F036}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B5A738F9-2D5C-4A45-B178-3ABB7A4F8001}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B5A7B4DC-4376-425D-8B39-3BC0B5F0DA93}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B63CDE88-E5FC-478F-B464-FDA1D200FE51}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B66376AD-DA57-46EF-8846-4FA4CECDF144}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B6991427-4F1C-4170-BC5D-5FC816B8EE0E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B75D6339-744D-486F-9638-F46534784CE0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B7839C42-2C14-483A-886C-E0FA02A6F57D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B7E2F879-53B4-43AE-A887-67667603E864}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B7ECBFE4-E59B-4221-A13C-4CC7B12C7849}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B8B45C26-6FF9-4BB5-B734-62830F0B4D0C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B8BF09AE-0983-4840-9857-1DB0E67527E7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B96095E0-7DE1-4B52-B698-8BA513E49680}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B9624838-02D2-4827-BC91-C4C2A5BDC072}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B9661A91-0789-477D-82A2-73EFE7421001}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B96C76A5-B13D-4C50-A17C-A884A9B7AC89}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B99B14E2-3113-4914-B569-5D02828295B5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B9ACBE3E-2902-47F2-B5BB-936CD7B3F47D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{B9DDC975-599B-4442-8188-24B554244BFB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BA13F46E-718B-48AB-8E25-EFCE5861A374}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BA2BB9C2-8FD6-4FDF-BB03-C0C654484A98}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BADA6F09-453F-4DCA-BAD3-39FF83546FE8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BAFDFA09-D0ED-4263-922A-2AB4C5B63468}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BBD1DA41-7D71-4AD4-9F24-7698750890BE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BC2263BA-43F5-4925-87F8-5A83C3C36822}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BCA1564D-8C5D-45A9-BC34-86BA417AC2A0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BD6B5DE2-A5F1-4493-A7BC-24929887718C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BD747E41-E04B-4975-AB56-7AC3B5E069D4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BD81560E-F757-48DF-8104-2587374BF5C7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BDFCC357-90E7-4DFB-A516-DE26BEB25499}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BE7BB768-A79E-4415-86C3-B989B6DC3D76}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BEAFF273-F37F-4B73-8D19-2A85EE8ADA80}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BEBB43D3-A5E7-4621-9DB7-AF6A937A36FE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BF2E080E-3ADB-41AB-96CF-847503961CB0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BF61961A-148B-4CD9-993A-910C3B1EBB40}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BF9CA5F3-E832-4A1E-8EB8-767C27FBD8C3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{BFA421D3-AD90-4FB9-B944-8586F8C22F4A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C059647C-A611-40EC-AEBE-8D1E653F4661}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C05BCDE2-5506-4337-B5D5-DC2B1E7830D1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C08E2AFD-9C43-45E4-803A-CFA2256D1D06}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C0A5863C-1212-4940-900F-79BB153DB4C8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C1732842-37C4-42C9-9CBA-5F6F962E1779}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C19C9964-7F28-4930-A4A9-24E8D16826F9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C1BCD203-0E10-451B-94E0-645CD96AFE36}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C1D48F8C-1C10-482C-BFD0-41D31F857A47}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C1FC510B-A772-4C75-A9E0-43283C32DCEE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C213D819-E6CE-474D-B78E-49AC7499EE7E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C218A407-D0A1-4D43-AF8B-1C83DB3AAF2B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C25C9FE1-1A4E-4073-B7B9-D7D6CB1E6BD6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C28DE56B-AC2D-4519-A090-DE1CA9E64E84}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C2B9ED81-3CF0-49A1-8AD4-59C70046FDCE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C2CF0769-F56C-4147-A7CC-3AB781D73092}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C3495A75-F9E7-49AD-96D8-D59310B59931}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C3BB0951-317E-4A7A-B99D-2AB8634A18ED}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C41B8460-4E4D-4C9C-8E14-B768D193755C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C42819BB-57FA-4126-96CA-FCE65C276765}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C42E5336-BC8A-484A-B408-E67DE5311B3E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C4744A48-7259-4CA5-B8CB-7DA254D6EC93}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C48B4D67-82D3-4AF8-949C-A91C80D10D16}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C49A1190-E42B-4E48-8E9F-296D7AAFA021}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C5681577-B89C-4247-9B81-ACCE40C4285B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C5B89F22-B3F3-4E9F-9CBF-79D279562879}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C5D7608C-834F-41AC-9E75-537E69639A01}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C6544850-A1DA-4070-B10D-BA26D648CA01}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C6D87967-D87B-4529-98E0-B57150C42692}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C6E9282F-2AFD-4B38-807F-535D4D187155}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C720E6B5-338B-4AD7-8D69-F452D6D2B2EA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C7227E29-180C-4755-ADD1-7DDCC8311E24}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C7FDB66A-4AD9-434B-A8F8-2F51D21CF757}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C84FCE98-2D9B-4FDE-AE04-220309DC4ACB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C862C468-4D13-40FD-80C6-A2B93312A6A7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C8CE8F22-D759-4134-BAE4-E519FFC4100E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C92D42E3-A954-454B-A171-DA3DC8A24B80}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C9976EB6-1F3B-4D86-A5E2-D5BF0F3D8994}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{C9DD67F7-5C51-4640-AB5A-33A3B153C103}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CA40B578-D752-499E-9ACB-4E15076C236C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CAD06FD8-C7D7-48D2-8AD2-FAA629E67974}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CAD1FA6D-1D48-42CF-AB53-05A074538F82}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CAF530DC-AEA0-4B68-8747-69271C888622}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CB6C2B2C-C2D2-496B-8DEB-9F7F68DE7189}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CBB3FB9A-43CD-4C08-AC6F-016E7525B4D0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CBF70F1D-1825-45DE-8D22-814BF16E3218}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CC3A1299-E71D-4867-8CE8-82351B613B20}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CC64EC37-E628-4406-A8D1-096C8CC980FB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CCC0390F-751C-4DDE-9BD8-492B0FA5E6F9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CD0CABA0-3B26-4179-A3CB-22972C430F51}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CD7A129B-B392-4F57-BF28-2E5EC6B98306}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CD7C5CAC-F72A-470D-A318-5E63521CADF4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CD7CBD94-4D44-470C-AB66-7766F3FAC371}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CD9E1B2A-916D-476D-9690-A0FCC05B4169}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CDC36247-C20B-4F82-96CF-7CAD462B21CC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CE01A082-2902-4087-84BA-D89AB19F6FCD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CE14F5AC-E656-49ED-9091-D96614865DC0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CE817ECC-CE8A-411E-8F39-AB2A1FC75DA5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CF0C939D-F988-4F86-AB1B-36D8652EFB05}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CF39EF1F-4B96-4184-BE1C-7635F09E69BB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CF45F4B7-7D94-451B-AD23-7E7EF2A46032}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CF4A62DE-B619-47B9-A9D4-8E75E6AE898D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{CFEC108D-790D-4178-A7B4-595AA78989EB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D0198A44-16DE-49E5-ADA6-AD67C5AFE513}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D03A1CFC-9475-4764-B430-5EC25E5E8D0D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D07ECD1C-CD67-484A-AAF9-E78337EFA4C6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D0B5CA25-C980-490F-B0F8-8276BB1EB1C9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D0E497A8-0021-45C1-BB94-1DAFFA023496}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D1FB69EA-726C-472E-9023-4CCDC72A2C3B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D2234C34-4D6E-417C-8B9B-E0772863F3EE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D22A7245-F033-4D1C-A0C8-D89EA1892D7F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D249DA8C-34C2-4135-A46B-765692C74E8E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D334B47B-8554-437D-AE29-2E7C9CD783B3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D359547A-1010-4453-96DC-62437AB8425B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D3A322CF-6EB1-4071-B657-C0C78B4CB7C6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D3B4B048-9B43-4A82-A764-663B79C67ED8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D3B617D6-2D50-4BB0-BE1F-60806CF01E8C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D3FF07CC-F836-4B43-A166-7D8BFC876163}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D425AA74-9BBC-4991-B97C-5B33A747EB14}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D473FDDC-A976-4176-8032-C2C16FF67636}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D55606CE-8CC9-4B66-8027-D1A6E5F2C423}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D589B65B-AEB9-4199-BFBB-5A2777F31323}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D5D45918-BEE7-4A33-BB2E-64D97046A357}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D6826C96-7ECE-4CAC-93B3-62751F196013}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D6C081EB-4C72-4F6D-BE05-5DFCB06AED01}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D6F20875-3D04-4D3E-AAED-34E9B7291DD9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D776C133-96CD-4383-8746-E1A9525B2FAD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D7AC5CDF-98D5-4577-AA5A-4FEEAEF7C293}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D7B61483-2001-4BE5-846B-C1C66555C2A8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D85403DE-1DCC-4403-8D52-68DC9ABF03E0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D86A2538-2DA4-4B0C-B178-36DE9C145B8B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D8746CA5-83DA-4B7A-9E32-DBB3F7469A36}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D8DE67AC-5211-465D-9069-D41E76EFCFE4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D8FBD07C-D075-4305-A73D-5044E89C601A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D913BA0D-5CDA-4EF4-A618-EB62FB16DD7B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D9347CCB-8203-402F-B99D-15936CDB7C4D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D9610D44-E1F5-471C-B2BF-2CD64AC6A490}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D976D683-15C0-4A73-80F6-1A3884B6E1F7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{D9B002B0-BDD7-4C22-9B9A-F1AEAF833C31}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DA1A3615-8BDF-44EF-B95C-2E2BEF709435}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DA3884A9-8A09-4059-B232-D3B5E453CBC7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DA76C7EE-AD9F-44A0-A2D2-3B5336E56388}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DA889B6B-057B-48DE-A41B-DB5D2C88E97D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DAAB2017-E38C-49E0-B4FD-AE7EE0C58983}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DB504C0D-0312-4C2C-B048-16C0A906A307}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DC1135A0-5FB9-4E04-83A8-D4EC76CF6D25}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DC2964D9-BE2C-44AA-AA64-BC6A036ECABD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DCF6EA66-198B-446D-945E-C5BC922F6CEF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DD1EEFBA-A490-4859-884C-627D831B630A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DD217662-108A-4BD5-B983-1F74EA4B212A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DD3B3ECD-0FE2-4FE8-A3F9-DA3E4956A342}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DD63BFCA-46DC-4AB7-9A45-C17986D21018}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DD7F26FF-9DBB-412E-AA7D-C6FCF947A5F4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DE90C281-E1B6-4807-8C4C-525DAA6EA227}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DE97E2B8-5EF4-465E-9D2B-FA8EECD7B2C1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DE9AF476-5FA8-46C8-B4A4-8765235112B6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DE9E22BC-6664-4065-8C4F-72C3246B54C1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DED4E0E3-B7A1-408F-A964-87DE37B8954B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{DF0B7D39-00E9-4AAE-81F2-16C296E0B345}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E01AF45D-7BB1-4BA6-ACA4-BEF531A8EFA0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E05618DE-617A-46C5-807E-0ABFACFE79D5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E062286A-5FD1-4000-A2D3-CFC207A925FA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E1142A0F-45CC-474D-AB16-D3434ECF91D3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E119030D-0612-4172-92F0-A01D14E2FB03}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E121A091-ADA4-4702-8487-677AD899E40B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E18FDF32-74D2-46C6-A793-CCC1D4B12E78}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E1E4C6D9-F5AC-46B5-AAEA-36502E14FECC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E1E77B6F-1170-4EEE-A256-E430D0A1EEAF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E208F3DC-32BE-4C02-8ECE-86B2C90171D3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E2171895-A458-41D2-9840-AC348A8BF99F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E22370D3-6126-4DB5-BA01-B2180B5393DD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E292D903-7DE8-4ACC-8AE1-067AB90FFB71}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E2C43F2E-4BB8-49F1-B293-3FA1DDC52B74}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E2C54085-53F9-45E8-B0AE-618468CE8A79}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E314A8AF-5A9A-4499-A0BF-96FFE643B17C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E3313DDC-5C6D-4848-84A1-82E35E77572E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E38E0EB6-DDFE-43D6-835E-6442DB13F412}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E3F7E6FC-0B60-4DBB-A37A-F7737B3605BB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E418496D-6278-44FE-AC1C-1068F2E253EE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E423178F-E87B-48C1-AF77-0A4EB1C44236}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E4883A76-159E-416E-BC5A-0DC627142885}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E4908BF0-1A49-4EEB-906A-C1FF5A937356}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E4ABCEF2-D097-4EFE-A277-ABC48385BFD4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E579D39C-393B-4EA4-9B13-ACCBC2FD77AC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E5F35482-9DB1-4718-B100-27F0079445A6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E6846ED8-28CD-4CD3-908E-F0974325E8EF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E68B90C5-6470-4207-A203-7A21046C16C7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E6E40F3E-67E0-4E5A-8529-73A4250578F6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E6FEF480-78DD-4157-A950-81E642B876E4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E755B69D-6BB0-4540-9F0E-802996A6E90B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E7EA9419-145A-455A-91EE-A994CA902A02}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E82A8AC7-9FDA-4449-B581-EA42442A0989}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E82E1031-B33E-4362-9FA2-62266A738D18}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E841CF37-03D3-497D-A301-4F1F86F21D86}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E8531D78-7569-45ED-9B49-FB3AB17C503F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E872D3A2-6739-4060-A649-36CC03724E4A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E8A0321A-ACC6-4E97-B7E4-F3FACF924849}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E8DC8F55-DED3-4259-BAA6-FA536935429F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E8EFF085-406F-4404-8EA3-ACDCC1FE4D5D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E9268B78-0C0E-4048-B7E2-9427BC9D2378}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E932CFEE-B1E2-442F-B6E7-E4163F04ABCF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E948E261-95C5-4B52-8DB4-7DB5D7EA229C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E97C6863-BD4A-44DF-894A-8C44C49AA462}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{E9F7FD4B-DD80-42E9-8BFE-920C6F423678}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EA0AEFC9-8775-45D9-A2ED-94BA144DF673}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EA4E89EB-D432-4AE1-A82D-A26A77E2C6B1}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EA57688A-DF3B-4F3E-8A07-FCF96E1D7CE2}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EA7686A2-E982-4953-98FA-A8A2116CB9E9}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EA93871D-7DB4-4671-BF8B-3460D22EE9BA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EAD7B2C6-A09F-4DF4-A6EC-BBA925B0A84B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EB15F021-5681-496E-A06E-2280F1283797}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EB1A85AB-475A-4340-8738-1346FBBED90C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EB5D0B6B-D155-4715-BD64-82E703CEA367}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EB9518BA-5E56-4FD3-9A2A-ED8A4127F824}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EBD0FA9A-18DB-45B7-BCB3-0F955589FA54}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EC331004-7E76-43D9-A522-70EA51B090C6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EC4CE07D-B92C-4AE5-814B-E97F681E3CCA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EC548127-D24E-4CCD-A4F3-69E333228771}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{ED61EE39-A589-452B-9348-C2C65B1A0522}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{ED7F8E34-C7CD-46D9-9793-CC49F32EF286}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EDD02AFC-9FC6-4DAA-81E5-14779B6FA800}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EDDF78B5-A0ED-4115-8782-111BCA64900E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EE7313FF-D07C-4BC7-98AA-D99C260D81FF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EEC7F6AA-4DBF-4FAC-B3FC-37BD93A7B524}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EF6945DC-7697-454A-9033-4745A803A62F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EF6DC12F-9DCD-4757-A2ED-241E6ED7222F}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EF94B843-E98C-48C9-A206-73F2C65B37F7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{EFA9A3A1-D7A4-41FC-A4D6-F7CF81C3F494}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F01ABE67-C149-41A2-A044-35F7D63D9F1E}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F12DB9B5-036D-408C-BE76-1C019DEDB0EA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F13A158E-9E7B-4AA8-8590-ACA5292EF51D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F196F55B-A5E7-4197-834C-1D0F2FE8140A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F1A1F89D-6425-4370-972B-10AB71522F7B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F27A23AD-BB6D-47D1-9E0E-0530322B1991}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F300C4C5-AD57-402E-8F51-63B7A5BD55DA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F3096C28-621E-4E47-B0C8-68AE11D13471}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F3177EFA-9329-4AC6-A6A0-AB2BCA9819DC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F39194AB-088D-4326-A900-B6D9DAA69DC0}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F393F96A-8796-46FB-8959-ED6C26D91BE3}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F4168BC6-8705-449D-AE94-415EE302FB4C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F472225A-AD4D-4ED6-B8B8-916713A6C020}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F4B572E5-D5F5-4CB2-978E-A9073222C5EB}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F4BFC26A-74DD-4DD0-BA3D-83EE09FA3052}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F55B28B6-3195-44FC-8FF2-943E3B44B43A}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F56A49AB-77F2-435D-A19D-4322D14873C5}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F5945A6E-E695-4F51-AC59-737AE2B1A106}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F5C574A4-FE87-486F-87ED-59D3439DE28C}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F5E0F0FE-EDF4-472A-A468-D8999FF6C932}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F6CDD742-FE22-410A-B9C4-9CCC8B0665A8}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F7662B6E-6063-4D06-8F6B-0BED74E0C4AF}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F78986CA-72D0-4E03-A789-177A6BBB2DD4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F796CC33-5C00-4245-813D-C4E47DCB7D1D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F7C8A00C-9364-45B3-A19A-49D4A28FB2EA}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F7F6FB0B-B09E-4339-A8D2-4510E686C6AD}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F80A8EA0-B23A-4AFA-AA71-DE734F885D57}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F85C1FBE-6A1D-470F-B6FD-C9E153721B50}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F8937368-5ABA-4D35-A652-96485BE9C274}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F94A959D-DE9E-4359-AB8E-2473B3E5E040}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{F9D9CB00-A54E-4870-AFCF-A61C6FEFF78D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FA2AAB2B-2212-42B6-A5BB-76D804F15E74}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FAED16E7-CAB3-4BD7-ABD4-A22828779C06}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FBC84B32-99F1-4342-80FE-670B79249460}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FBD0857A-9A12-445C-A7A6-4B62A7EDD986}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FC0E4217-5AD8-471C-9BEE-F4F5AF962658}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FC43DC13-2955-43FB-959A-6720D617B338}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FCCB6036-91E6-4CAE-96A3-9D975FCD92DC}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FD22A3DC-D415-4751-8FB8-42AFB99A7428}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FD52B2CE-FDE7-43CC-AB87-5308DAB4E3F4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FDABA26A-EFA3-48EC-819E-1A62DC430B06}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FDE0597D-D351-4DD1-AE38-3DA59E6469B6}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FE07C3B5-C386-4B9A-B520-5E6598660746}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FEA61D7A-DA73-42CC-AEA1-2754E225D4E4}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FEA7B7C6-B85B-4B32-95A3-68A74EF99F7B}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FEB022BA-1051-4A04-AB31-50F161882FE7}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FEDDF3CC-63A7-43E6-B9EB-B29076A918EE}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FEE12C0A-25F1-4A30-A6D2-4EF165BF0321}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FEEDA473-150E-4D79-8010-3E1A11A79410}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FF28A4B9-F8DA-4F51-BA0C-9106D91D8367}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FF350348-DCD6-46E9-9E09-B054407E958D}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FFCCFAF5-C32E-4410-AF62-2B4F32437640}
    Successfully deleted: [Empty Folder] C:\Users\Platten\appdata\local\{FFE05BC4-9D64-44ED-92F4-779C771625F4}



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 15/02/2014 at 16:30:20.71
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    # AdwCleaner v3.018 - Report created 15/02/2014 at 17:34:26
    # Updated 28/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Platten - HOME-PC
    # Running from : C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QQPEQ91P\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Deleted : C:\Windows\System32\roboot64.exe

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
    Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
    Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
    Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16518

    Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Google Chrome v32.0.1700.107

    [ File : C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [4232 octets] - [15/02/2014 16:49:19]
    AdwCleaner[S0].txt - [4004 octets] - [15/02/2014 17:34:26]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4064 octets] ##########

    More to Follow...............files too big.

    Wander

  4. #4
    Member
    Join Date
    Sep 2007
    Posts
    25
    Points
    0

    Default

    Second Post...

    OTL logfile created on: 2/15/2014 6:00:19 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Platten\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16518)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.93 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 49.63% Memory free
    5.86 Gb Paging File | 3.60 Gb Available in Paging File | 61.41% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 285.42 Gb Total Space | 195.34 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
    Drive D: | 12.48 Gb Total Space | 2.09 Gb Free Space | 16.72% Space Free | Partition Type: NTFS
    Drive F: | 60.93 Mb Total Space | 23.86 Mb Free Space | 39.16% Space Free | Partition Type: FAT

    Computer Name: HOME-PC | User Name: Platten | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/02/15 17:44:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Platten\Downloads\OTL.exe
    PRC - [2014/02/13 20:19:48 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
    PRC - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/12/14 19:19:54 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2013/11/19 19:05:11 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    PRC - [2013/10/16 18:05:49 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    PRC - [2013/08/14 15:19:56 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/12/21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/12/20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
    MOD - [2010/02/22 10:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
    MOD - [2010/02/22 10:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
    MOD - [2010/02/22 10:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/02/06 10:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/10/10 22:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
    SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/08/03 18:43:08 | 000,253,440 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/08/03 18:43:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2014/02/05 07:27:56 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/10/16 18:05:49 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/12/21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
    SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2010/09/30 21:44:46 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/10/16 18:08:41 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
    DRV:64bit: - [2013/10/16 18:08:41 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
    DRV:64bit: - [2013/10/16 18:08:41 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
    DRV:64bit: - [2013/10/16 18:08:40 | 000,626,272 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
    DRV:64bit: - [2013/10/16 18:08:35 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
    DRV:64bit: - [2013/07/15 17:42:07 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
    DRV:64bit: - [2013/07/15 17:42:06 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/06/02 14:39:44 | 000,084,536 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
    DRV:64bit: - [2011/06/02 14:39:44 | 000,066,616 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 11:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 09:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/08/03 18:43:09 | 000,506,880 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/05/27 21:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/03/02 15:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/09/02 17:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/08/27 16:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/10 14:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
    DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 21:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
    DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2008/04/16 13:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV - [2009/09/02 17:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (All) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0103&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDzy0AyE0FtBtCtA0CyBtCtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1076044487&ir=
    IE:64bit: - HKLM\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox


    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Platten\Downloads
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK - Outlook.com formerly Hotmail, Bing, Skype and Latest News
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/webhp?sourc...en-GB&ie=UTF-8
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_enGB370
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/09 20:14:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/11/19 19:05:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/11/19 19:05:53 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/09 20:14:51 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Google
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
    CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gears.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Kaspersky URL Advisor = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
    CHR - Extension: Safe Money = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
    CHR - Extension: Content Blocker = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.2.614_0\
    CHR - Extension: RealDownloader = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
    CHR - Extension: Virtual Keyboard = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.614_0\
    CHR - Extension: Webcam Toy = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\
    CHR - Extension: Skype Click to Call = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Google Wallet = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
    CHR - Extension: Gmail = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
    CHR - Extension: Anti-Banner = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\

    O1 HOSTS File: ([2009/06/10 21:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3:64bit: - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
    O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
    O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
    O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
    O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Company)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
    O4 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
    O4 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O4 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - Startup: C:\Users\Platten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
    O7 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
    O7 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O7 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
    O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
    O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
    O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
    O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
    O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts.../ieawsdc32.cab (Microsoft Office Template and Media Control)
    O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://homebase.2020.net/Core/Player...erAX_Win32.cab (20-20 3D Viewer)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} MSN Games - Free Online Games (UnoCtrl Class)
    O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} https://billcentre.vodafone.co.uk/bp...rintengine.cab (PrintEngine ActiveX Control v4.2)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} http://homebase.2020.net/planner/Cor..._WEB_Win32.cab (20-20 3D Viewer for WEB)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx (WRC Class)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} MSN Games - Free Online Games (MessengerStatsClient Class)
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Free Online Games (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E73781B-9486-4D06-89E4-6C40EA97C033}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2AB0D2C-904E-45D5-B4A4-05FD4F867382}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\gopher - No CLSID value found
    O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\livecall - No CLSID value found
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim - No CLSID value found
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
    O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
    O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
    O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
    O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{566c2af9-a87d-11df-affc-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{566c2af9-a87d-11df-affc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/02/15 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Local\FileTypeAssistant
    [2014/02/15 16:48:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/02/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/02/13 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2014/02/13 19:59:04 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2014/02/13 07:37:41 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
    [2014/02/13 07:36:15 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/02/13 07:36:15 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/02/13 07:36:15 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/02/13 07:36:14 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/02/13 07:36:13 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/02/13 07:36:13 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/02/13 07:36:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/02/13 07:36:12 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/02/13 07:36:12 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/02/13 07:36:11 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/02/13 07:36:11 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/02/13 07:36:11 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/02/13 07:36:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/02/13 07:36:11 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/02/13 07:36:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/02/13 07:36:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/02/13 07:36:09 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/02/13 07:36:09 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/02/13 07:36:09 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/02/13 07:36:09 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/02/13 07:36:05 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/02/13 07:36:04 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/02/13 07:35:58 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/02/12 19:53:23 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\Malwarebytes
    [2014/02/12 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2014/02/12 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/02/12 19:53:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014/02/12 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2014/02/12 19:26:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
    [2014/02/12 19:26:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
    [2014/02/12 19:25:44 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
    [2014/02/12 19:25:43 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
    [2014/02/12 19:25:43 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
    [2014/02/12 19:25:43 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
    [2014/02/12 19:25:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
    [2014/02/12 19:25:42 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
    [2014/02/12 19:25:41 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
    [2014/02/12 19:25:40 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
    [2014/02/12 19:25:40 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
    [2014/02/12 19:25:39 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
    [2014/02/12 19:25:38 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
    [2014/02/12 19:25:38 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
    [2014/02/12 19:25:35 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
    [2014/02/12 19:25:34 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
    [2014/02/12 19:25:34 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
    [2014/02/12 19:25:34 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
    [2014/02/12 19:25:34 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
    [2014/02/12 19:24:49 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
    [2014/02/12 19:24:49 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
    [2014/02/09 19:57:49 | 000,000,000 | ---D | C] -- C:\SUPERDelete
    [2014/02/09 18:15:33 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\SUPERAntiSpyware.com
    [2014/02/09 18:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2014/02/09 18:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2014/02/09 18:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2014/01/26 15:05:42 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Local\Skype
    [2014/01/26 15:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2014/01/26 15:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2014/01/26 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N
    [2014/01/21 21:05:30 | 000,000,000 | ---D | C] -- C:\Windows\Migration
    [2014/01/21 20:08:35 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
    [2014/01/21 20:08:24 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
    [2014/01/21 20:08:24 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
    [2014/01/21 20:08:24 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    [2014/01/18 18:35:22 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
    [2014/01/18 18:35:22 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
    [2014/01/18 18:35:13 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
    [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
    [2 C:\Users\Platten\Documents\*.tmp files -> C:\Users\Platten\Documents\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\Platten\AppData\Local\*.tmp files -> C:\Users\Platten\AppData\Local\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/02/15 18:00:00 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Platten - Full System Scan.job
    [2014/02/15 17:44:29 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/02/15 17:44:29 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/02/15 17:36:46 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/02/15 17:36:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/02/15 17:36:25 | 2361,593,856 | -HS- | M] () -- C:\hiberfil.sys
    [2014/02/15 17:33:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/02/15 17:32:32 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/02/13 19:59:04 | 000,002,985 | ---- | M] () -- C:\Users\Platten\Desktop\HiJackThis.lnk
    [2014/02/12 19:53:08 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/09 18:15:17 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/02/06 11:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
    [2014/02/06 11:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2014/02/06 11:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
    [2014/02/06 10:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2014/02/06 10:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2014/02/06 10:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
    [2014/02/06 10:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
    [2014/02/06 10:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
    [2014/02/06 10:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2014/02/06 10:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
    [2014/02/06 10:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2014/02/06 10:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2014/02/06 10:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
    [2014/02/06 09:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2014/02/06 09:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2014/02/06 09:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
    [2014/02/06 09:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2014/02/06 09:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
    [2014/02/06 09:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
    [2014/02/06 09:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
    [2014/02/06 09:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
    [2014/02/06 08:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
    [2014/02/06 08:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
    [2014/02/05 19:30:52 | 000,000,370 | ---- | M] () -- C:\Windows\wininit.ini
    [2014/02/05 07:30:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2014/02/05 07:27:54 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
    [2014/02/05 07:27:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2014/01/26 17:42:22 | 000,404,454 | ---- | M] () -- C:\Users\Platten\Documents\cc_20140126_174210.reg
    [2014/01/26 17:36:42 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2014/01/26 17:17:21 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
    [2014/01/26 17:09:22 | 000,000,000 | ---- | M] () -- C:\Users\Platten\Documents\DownloadStatement_pdf.ka6nkfc.partial
    [2014/01/26 15:05:16 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2014/01/26 15:02:43 | 000,000,059 | ---- | M] () -- C:\Users\Platten\AppData\Roaming\WB.CFG
    [2014/01/21 16:51:46 | 000,439,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
    [2 C:\Users\Platten\Documents\*.tmp files -> C:\Users\Platten\Documents\*.tmp -> ]
    [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\Platten\AppData\Local\*.tmp files -> C:\Users\Platten\AppData\Local\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/02/13 19:59:04 | 000,002,985 | ---- | C] () -- C:\Users\Platten\Desktop\HiJackThis.lnk
    [2014/02/12 19:53:08 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/09 18:15:17 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/01/26 17:42:14 | 000,404,454 | ---- | C] () -- C:\Users\Platten\Documents\cc_20140126_174210.reg
    [2014/01/26 17:17:21 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
    [2014/01/26 15:02:43 | 000,000,059 | ---- | C] () -- C:\Users\Platten\AppData\Roaming\WB.CFG
    [2014/01/05 18:35:36 | 000,000,370 | ---- | C] () -- C:\Windows\wininit.ini
    [2013/10/09 20:46:56 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
    [2013/10/09 20:07:39 | 000,207,607 | ---- | C] () -- C:\Windows\hpwins28.dat
    [2013/10/09 20:07:39 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
    [2012/03/30 06:35:28 | 000,017,408 | ---- | C] () -- C:\Users\Platten\AppData\Local\WebpageIcons.db
    [2011/05/14 10:28:59 | 000,000,000 | ---- | C] () -- C:\Users\Platten\AppData\Local\{24AD922F-DFE5-457F-8CA5-F12AB2DAC071}

    ========== ZeroAccess Check ==========

    [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >

  5. #5
    Member
    Join Date
    Sep 2007
    Posts
    25
    Points
    0

    Default

    Last file. Had a little difficulty uploading these, maybe because they are very big.

    OTL Extras logfile created on: 2/15/2014 6:00:20 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Platten\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16518)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.93 Gb Total Physical Memory | 1.46 Gb Available Physical Memory | 49.63% Memory free
    5.86 Gb Paging File | 3.60 Gb Available in Paging File | 61.41% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 285.42 Gb Total Space | 195.34 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
    Drive D: | 12.48 Gb Total Space | 2.09 Gb Free Space | 16.72% Space Free | Partition Type: NTFS
    Drive F: | 60.93 Mb Total Space | 23.86 Mb Free Space | 39.16% Space Free | Partition Type: FAT

    Computer Name: HOME-PC | User Name: Platten | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .chm[@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
    .hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta[@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
    .js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .reg[@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
    .vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
    .wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\SysWOW64\mshta.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .inf [@ = inffile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\SysWow64\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\SysWow64\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\SysWow64\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\SysWOW64\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0BD66917-158B-44E4-B12D-120EAC521AEE}" = rport=445 | protocol=6 | dir=out | app=system |
    "{0F431EB0-B5A3-4532-A329-21474921C723}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{13817236-240F-49D5-86DC-1980939B73AE}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{168B71AC-6AB4-4399-A5BD-21E10C42121B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{1F6A8332-2C12-46A2-99C3-B9298E6B28B6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{1FB026BC-01C1-4547-A370-04A8AB051FDB}" = lport=137 | protocol=17 | dir=in | app=system |
    "{35BA11E9-2752-4808-943C-AF40B2977D5D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{39139D88-9245-488C-9EC8-0FF5E0814637}" = rport=139 | protocol=6 | dir=out | app=system |
    "{3991DBA7-0D50-4A84-8E6A-835D7CECB18C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
    "{3BA45046-D3E4-482C-A968-CBDFD3E74488}" = rport=137 | protocol=17 | dir=out | app=system |
    "{3ECB0493-FCCB-491E-8D21-C88BED999EFB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
    "{477A0E53-1FC7-42E8-88B3-816809FEEDFF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{4B047215-8134-45E1-A89D-8E8140B0D1D1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
    "{53C540DF-E40D-440A-8A4A-955612ABB03C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{5429ACF3-C246-4AFD-9CF8-C0CDCFD0EF10}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{565C96DA-2CAF-484E-8082-E2E893A6DF43}" = lport=445 | protocol=6 | dir=in | app=system |
    "{6042F189-3440-4CDF-9520-1E262F2D0E5C}" = lport=138 | protocol=17 | dir=in | app=system |
    "{62F13B07-169C-4772-AABB-5F2D9082CD5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{66D384E9-6107-4A54-8029-75BA616931E0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{70F238A3-EFF7-40ED-932B-BEEA6FA0AE10}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{73306C87-16A9-40DC-BF76-E50D84E94325}" = lport=139 | protocol=6 | dir=in | app=system |
    "{785FB4AB-FE5E-4AF8-B6AA-E4E255B1B35C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{81FED0C9-A0D4-4F7F-9B46-605842AB7935}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{A8813DAE-A913-4608-BB2E-E37767F732E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{B2DF4805-EF13-4E41-BE33-279185C49A63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C3BB7FC0-516B-4E15-9CC2-3D42F04BE7EC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{CC929DED-44FC-42F1-9597-9AF25D992D95}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{D7210C8D-5B7D-4014-8D4C-E977DA30BEC2}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{DACB2B10-E963-451B-B66D-13DA18C24A93}" = rport=138 | protocol=17 | dir=out | app=system |
    "{F4F05336-A166-46A7-8C72-EC897359AB25}" = lport=2869 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01280555-2CD8-4861-AF91-8CEAE7C254F1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{0A36F70E-4AF1-4A56-977A-45236C380265}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{12A7FBB5-8F16-4A81-8A80-1D987AE398BA}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{17FC85E3-42AB-4E43-8581-78518FEB2AFB}" = dir=in | app=c:\program files (x86)\file type assistant\tsassist.exe |
    "{182EAE04-B196-4417-9FDC-E6E95893C2F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{18AFA0A2-C8CE-4E5C-8022-BF16F4636560}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{19A7EDC5-57B9-45D2-AB1B-859AA00DC915}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{22AFB6A0-05C8-4523-B90F-921B538F1504}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{2324DDF1-2AA1-49D1-94AD-706FBB08F55E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{25E0A0A7-9637-4B2A-9C07-A0086FFE13BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
    "{2C8594F9-92E7-481F-B346-980D2FD0549C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{2DFD8783-A639-4EAD-B33C-43A0658E4CBF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{3E63CE38-64A1-422F-8573-CDF152557739}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{3F0F36B2-4DF5-4B96-BC65-064FECEB923C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{4565E4D8-9BF3-4B82-A4FC-83DF146D27A1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
    "{4D537F12-23AB-41BC-BC9D-D7EF381EB2D7}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
    "{549EA333-90A8-41E1-9EDE-5D35E592FD40}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
    "{5A1CBEDF-9BFE-4D32-93BE-7A3E09EDC633}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
    "{65DC424A-D0CA-44C3-84F8-742B5264B802}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{69DFD1F7-ACE8-46C6-9547-9F1C06BB691E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{6ABC0E64-2AA6-4149-A185-D2DD17007CE2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
    "{721CA6EB-63FD-452E-884A-35072370C748}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{75B2B8F7-FFCD-4E14-8A53-AE2720798C8F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
    "{763B600E-B1DA-4C3E-A379-CCB90B8C668D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{781BB632-B6C6-4160-B064-CBFE71522C5D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
    "{7CC00A1E-4625-4C1D-8572-2324A54B9313}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
    "{8B2E4238-2D49-42FE-9018-2AC6607D27ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
    "{944592A6-0239-46F4-A753-6B6D7186C9D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
    "{95831C83-8465-459F-8EB3-111C836D92DF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{9D349E19-B98F-413E-B4BE-F27F9FB8E82E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{9E9D5F49-029B-473D-8F18-1E91D92D47B8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{9F5229AB-9740-414F-B4CE-E95991D4DDF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
    "{A234CA2A-EF18-495A-A4A0-597CD6F073A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{AD791E9A-1DB0-4541-B056-B8E7CA488824}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{AF13E1B1-2945-4DC7-942A-E5D9FD3ABF83}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{B2AD7D13-5D72-4226-8875-DD364CF9B87A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
    "{B2C0D8DF-DE0A-41B3-B7CE-0B40AEA69688}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
    "{B31E1886-B26B-40DF-90DA-DCD948BEE539}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{B5059BF2-FBA6-41E5-9C8E-4A0A9788D8A4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{BBD9D4CA-5289-426C-AC58-8B8534C940FE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
    "{BE8C3523-A249-4F52-8809-F28E15BCAA53}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{BEA179DA-2B22-47AC-BAAD-68F767DA2E7A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{C595AFBD-2F28-4F6C-96B6-E98999E76622}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{C9BD7582-9F31-4DA0-89AC-23C05195EAC3}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
    "{CDC54010-B949-4A82-88BC-3EE3FF64B9DA}" = protocol=6 | dir=out | app=system |
    "{D61214D2-8262-472C-BD9D-4B9F5E3F1E48}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
    "{DEA8A1D5-F7D8-4223-8802-00393D5ED384}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{E1883A59-6DEE-49E4-B091-D14DD5900491}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
    "{E2A96709-EFF3-4956-80DB-BB819AB67899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{EA4970AE-D9BF-401D-A8AA-4134D43D59D3}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
    "{EBB73C38-E3FC-4FCC-9477-9CFAC9C5902A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{F289D6A3-CCA7-4CB7-9D1E-497524194120}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
    "{F476283A-14F5-4EB0-A308-32D4C5C69B3E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{FA1CD6BB-6A82-40A5-8143-38F3301A4946}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{FC196B76-FEA7-460E-AE2D-DBFA41E34C4B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{FC9B0C6F-A66D-46D7-B4CA-2221ED32B01F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
    "{FD0BBF63-5B97-4DCD-BAB2-8CEF83B6A9E9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
    "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit)
    "{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit)
    "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
    "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
    "{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z
    "{81E20D41-C277-4526-934D-F2380AF91B78}" = iCloud
    "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
    "CCleaner" = CCleaner
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP Document Manager" = HP Document Manager 2.0
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.5
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "Shop for HP Supplies" = Shop for HP Supplies
    "SynTPDeinstKey" = Synaptics Pointing Device Driver

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{17B4760F-334B-475D-829F-1A3E94A6A4E6}" = HP Setup
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
    "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
    "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
    "{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
    "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
    "{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
    "{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant
    "{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
    "{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz
    "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
    "{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help
    "{6AFDE3BE-BC01-45A4-9D06-BBF5AD207313}" = LightScribe System Software
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
    "{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
    "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
    "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
    "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{97486FBE-A3FC-4783-8D55-EA37E9D171CC}" = HP Update
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}" = HP User Guides 0148
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}" = Apple Application Support
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
    "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
    "{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
    "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
    "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
    "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
    "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
    "{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
    "{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
    "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D0C30215-95B5-4624-A963-834A6BD778F4}" = BankTree Personal Finance 2.0
    "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
    "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
    "{DE5BA3CD-C553-4E71-8E3D-216360BB7414}_is1" = BankTree Personal Finance 2.0 Install Manager
    "{DE626616-D7C4-4F00-7E0B-EAF26FA65749}" = muvee Reveal
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
    "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
    "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
    "Adobe Shockwave Player" = Adobe Shockwave Player 12.0
    "EasyBits Magic Desktop" = Magic Desktop
    "ENTERPRISE" = Microsoft Office Enterprise 2007
    "Google Chrome" = Google Chrome
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
    "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
    "InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}" = Kaspersky PURE 3.0
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "RealPlayer 16.0" = RealPlayer
    "Theme Park World" = Theme Park World
    "Trusted Software Assistant_is1" = File Type Assistant
    "WildTangent hp Master Uninstall" = HP Games
    "WinLiveSuite" = Windows Live Essentials
    "WT084054" = Collapse!
    "WT088047" = Sparkle
    "Yahoo! Companion" = Yahoo! Toolbar
    "YTdetect" = Yahoo! Detect

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-2580634200-4174658610-4042989989-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Adobe Shockwave Player Free Download Packages" = Adobe Shockwave Player Free Download Packages
    "Skype Free Download Packages" = Skype Free Download Packages

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 2/15/2014 1:24:58 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 2/15/2014 1:24:58 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 7207

    Error - 2/15/2014 1:24:58 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 7207

    Error - 2/15/2014 1:32:11 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 2/15/2014 1:32:11 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 440843

    Error - 2/15/2014 1:32:11 PM | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 440843

    [ Hewlett-Packard Events ]
    Error - 11/16/2010 2:19:20 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111016061847.xml
    File not created by asset agent

    Error - 11/23/2010 12:42:08 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111023044136.xml
    File not created by asset agent

    Error - 11/30/2010 3:43:28 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\111030074256.xml
    File not created by asset agent

    Error - 12/7/2010 2:12:21 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121007061147.xml
    File not created by asset agent

    Error - 12/7/2010 2:21:28 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121007062056.xml
    File not created by asset agent

    Error - 12/14/2010 12:40:36 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121014044004.xml
    File not created by asset agent

    Error - 12/22/2010 7:36:30 AM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121022113558.xml
    File not created by asset agent

    Error - 12/28/2010 12:10:49 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\121028041017.xml
    File not created by asset agent

    Error - 1/4/2011 9:27:38 AM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011104012706.xml
    File not created by asset agent

    Error - 1/12/2011 6:00:08 PM | Computer Name = Platten-PC | Source = Hewlett-Packard | ID = 0
    Description = AAProcessExited() C:\ProgramData\Hewlett-Packard\HP Support Framework\Telemetry\011112095935.xml
    File not created by asset agent

    [ OSession Events ]
    Error - 5/19/2011 12:09:29 PM | Computer Name = Platten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3892
    seconds with 1440 seconds of active time. This session ended with a crash.

    Error - 6/3/2011 12:37:45 PM | Computer Name = Platten-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 10/23/2012 3:37:30 PM | Computer Name = Home-PC | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 2/15/2014 1:35:33 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 2/15/2014 1:38:02 PM | Computer Name = Home-PC | Source = PNRPSvc | ID = 102
    Description =

    Error - 2/15/2014 1:38:02 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 2/15/2014 1:38:02 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 2/15/2014 1:38:10 PM | Computer Name = Home-PC | Source = PNRPSvc | ID = 102
    Description =

    Error - 2/15/2014 1:38:11 PM | Computer Name = Home-PC | Source = PNRPSvc | ID = 102
    Description =

    Error - 2/15/2014 1:38:10 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535

    Error - 2/15/2014 1:38:10 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 2/15/2014 1:38:11 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7023
    Description = The Peer Name Resolution Protocol service terminated with the following
    error: %%-2140993535

    Error - 2/15/2014 1:38:11 PM | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
    Description = The Peer Networking Grouping service depends on the Peer Name Resolution
    Protocol service which failed to start because of the following error: %%-2140993535


    < End of report >


    Thanks ... Wander

  6. #6
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Last file. Had a little difficulty uploading these, maybe because they are very big.
    Yes! These scans do generate some pretty big logs! You did right by posting them in seperate replies. Thank you kindly!

    I see that Regclean Pro was found and removed by JRT and AdwareCleaner. They're really good at removing undesirable programs. We advise not to use this or any registry cleaner as there have been reports of them clearing out needed registry entries and messing up PCs. In addition, what they do clean up is so small that little or no advantages are noticed.

    Same with the reg cleaning tool in Ccleaner. Though it isn't as bad as many Registry Cleaners, if you don't understand the registry and what is targeted as being removed you're best to leave well enough alone.

    The pop up that you are experiencing with the RealPlayer Update is due to a Registry key that was created when RealPlayer was installed and enabled to run at boot time as a scheduled update notice. It's more of a nag than anything.

    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

    You may wish to try StartupLite to stop the above from starting at boot. Simply download this tool to your desktop and run it. You do have several programs that do not need to start at boot. Startuplite will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance. Let me know if this stops the nagging.

    Let's clean up a few residuals here with OTL:


    • Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      :Commands
      [CREATERESTOREPOINT]

      :OTL
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0103&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDzy0AyE0FtBtCtA0CyBtCtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1076044487&ir=
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_enGB370
      O3 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      [2014/01/26 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N
      [2014/02/15 18:00:00 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Platten - Full System Scan.job

      :Services

      :Reg

      :Files
      ipconfig /flushdns /c

      :Commands
      [resethosts]
      [emptytemp]
    • Make sure all other windows are closed.
    • Click the Run Fix button at the top
    • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
    • Post the log that is found in C:\_OTL\Moved Files in your next reply.
    • Open OTL again and click the Quick Scan button.


    Please post the following logs in your next reply:

    C:\_OTL\Moved Files
    OTL.txt


    Thank you,
    Donna
    Last edited by DonnaB; 02-16-2014 at 06:50 PM.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  7. #7
    Member
    Join Date
    Sep 2007
    Posts
    25
    Points
    0

    Default

    Hi Donna

    I don't recall downloading Regclean pro. But then other's in the family use this laptop. I have CCleaner to clean up. I've looked again at Real Player, I thought it was a rogue programme, but I think that one of the family uses it to watch tv online. I'll decide what I want to do later, he works nights attm so not seen him to discuss. Here are the logs.

    All processes killed
    ========== COMMANDS ==========
    Restore point Set: OTL Restore Point
    Error: Unable to interpret < :OTL> in the current context!
    Error: Unable to interpret < IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0103&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDzy0AyE0FtBtCtA0CyBtCtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1076044487&ir=> in the current context!
    Error: Unable to interpret < IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7> in the current context!
    Error: Unable to interpret < IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}> in the current context!
    Error: Unable to interpret < IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_enGB370> in the current context!
    Error: Unable to interpret < O3 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.> in the current context!
    Error: Unable to interpret < O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
    Error: Unable to interpret < O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found> in the current context!
    Error: Unable to interpret < O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)> in the current context!
    Error: Unable to interpret < O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)> in the current context!
    Error: Unable to interpret < [2014/01/26 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N> in the current context!
    Error: Unable to interpret < [2014/02/15 18:00:00 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Platten - Full System Scan.job> in the current context!
    Error: Unable to interpret < :Services> in the current context!
    Error: Unable to interpret < :Reg> in the current context!
    Error: Unable to interpret < :Files> in the current context!
    Error: Unable to interpret < ipconfig /flushdns /c> in the current context!
    Error: Unable to interpret < :Commands> in the current context!
    C:\Windows\System32\drivers\etc\Hosts moved successfully.
    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes
    ->Flash cache emptied: 57472 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes
    ->Flash cache emptied: 0 bytes

    User: Platten
    ->Temp folder emptied: 43749638 bytes
    ->Temporary Internet Files folder emptied: 23363419 bytes
    ->Java cache emptied: 9222 bytes
    ->Google Chrome cache emptied: 8182390 bytes
    ->Flash cache emptied: 58220 bytes

    User: Public

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 5 bytes
    %systemroot%\System32 (64bit) .tmp files removed: 2320896 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 9344221 bytes
    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95403 bytes
    RecycleBin emptied: 5575 bytes

    Total Files Cleaned = 83.00 mb


    OTL by OldTimer - Version 3.2.69.0 log created on 02162014_192841

    Files\Folders moved on Reboot...
    C:\Users\Platten\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
    C:\Users\Platten\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\V8CWEQ44\110184-i-think-i-have-malware-getting-pop-ups[1].htm moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SKEWR40Y\index[1].htm moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3Y6JMERN\plusone_gadget[1].htm moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\4A72F430-B40C-4D36-A068-CE33ADA5ADF9.dat moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\SuggestedSites.dat moved successfully.
    C:\Users\Platten\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

    OTL logfile created on: 2/16/2014 7:40:02 PM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Platten\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16518)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.93 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 48.62% Memory free
    5.86 Gb Paging File | 3.83 Gb Available in Paging File | 65.37% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 285.42 Gb Total Space | 196.20 Gb Free Space | 68.74% Space Free | Partition Type: NTFS
    Drive D: | 12.48 Gb Total Space | 2.09 Gb Free Space | 16.72% Space Free | Partition Type: NTFS
    Drive F: | 60.93 Mb Total Space | 23.86 Mb Free Space | 39.16% Space Free | Partition Type: FAT

    Computer Name: HOME-PC | User Name: Platten | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/02/15 17:44:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Platten\Downloads\OTL.exe
    PRC - [2014/02/13 20:19:48 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
    PRC - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/12/14 19:19:54 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2013/11/19 19:05:11 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    PRC - [2013/10/16 18:05:49 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    PRC - [2013/08/14 15:19:56 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/12/21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/12/20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
    MOD - [2010/02/22 10:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
    MOD - [2010/02/22 10:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
    MOD - [2010/02/22 10:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/02/06 10:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/10/10 22:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
    SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/08/03 18:43:08 | 000,253,440 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/08/03 18:43:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2014/02/05 07:27:56 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/10/16 18:05:49 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/12/21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
    SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2010/09/30 21:44:46 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/10/16 18:08:41 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
    DRV:64bit: - [2013/10/16 18:08:41 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
    DRV:64bit: - [2013/10/16 18:08:41 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
    DRV:64bit: - [2013/10/16 18:08:40 | 000,626,272 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
    DRV:64bit: - [2013/10/16 18:08:35 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
    DRV:64bit: - [2013/07/15 17:42:07 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
    DRV:64bit: - [2013/07/15 17:42:06 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/06/02 14:39:44 | 000,084,536 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
    DRV:64bit: - [2011/06/02 14:39:44 | 000,066,616 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 11:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 09:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/08/03 18:43:09 | 000,506,880 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/05/27 21:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/03/02 15:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/09/02 17:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/08/27 16:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/10 14:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
    DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 21:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
    DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2008/04/16 13:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV - [2009/09/02 17:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0103&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDzy0AyE0FtBtCtA0CyBtCtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1076044487&ir=
    IE:64bit: - HKLM\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
    IE - HKLM\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Platten\Downloads
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK - Outlook.com formerly Hotmail, Bing, Skype and Latest News
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/webhp?sourc...en-GB&ie=UTF-8
    IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_enGB370
    IE - HKCU\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/09 20:14:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/11/19 19:05:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/11/19 19:05:53 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/09 20:14:51 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Google
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
    CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gears.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Kaspersky URL Advisor = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
    CHR - Extension: Safe Money = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
    CHR - Extension: Content Blocker = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.2.614_0\
    CHR - Extension: RealDownloader = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
    CHR - Extension: Virtual Keyboard = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.614_0\
    CHR - Extension: Webcam Toy = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\
    CHR - Extension: Skype Click to Call = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Google Wallet = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
    CHR - Extension: Gmail = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
    CHR - Extension: Anti-Banner = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\

    O1 HOSTS File: ([2014/02/16 19:29:28 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
    O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
    O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts.../ieawsdc32.cab (Microsoft Office Template and Media Control)
    O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://homebase.2020.net/Core/Player...erAX_Win32.cab (20-20 3D Viewer)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} MSN Games - Free Online Games (UnoCtrl Class)
    O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} https://billcentre.vodafone.co.uk/bp...rintengine.cab (PrintEngine ActiveX Control v4.2)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} http://homebase.2020.net/planner/Cor..._WEB_Win32.cab (20-20 3D Viewer for WEB)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx (WRC Class)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} MSN Games - Free Online Games (MessengerStatsClient Class)
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Free Online Games (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E73781B-9486-4D06-89E4-6C40EA97C033}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2AB0D2C-904E-45D5-B4A4-05FD4F867382}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\gopher - No CLSID value found
    O18 - Protocol\Handler\livecall - No CLSID value found
    O18 - Protocol\Handler\msnim - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{566c2af9-a87d-11df-affc-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{566c2af9-a87d-11df-affc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/02/16 19:28:41 | 000,000,000 | ---D | C] -- C:\_OTL
    [2014/02/15 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Local\FileTypeAssistant
    [2014/02/15 16:48:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/02/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/02/13 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2014/02/13 19:59:04 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2014/02/12 19:53:23 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\Malwarebytes
    [2014/02/12 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2014/02/12 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/02/12 19:53:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014/02/12 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2014/02/09 19:57:49 | 000,000,000 | ---D | C] -- C:\SUPERDelete
    [2014/02/09 18:15:33 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\SUPERAntiSpyware.com
    [2014/02/09 18:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2014/02/09 18:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2014/02/09 18:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2014/01/26 15:05:42 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Local\Skype
    [2014/01/26 15:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2014/01/26 15:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2014/01/26 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N
    [2014/01/21 21:05:30 | 000,000,000 | ---D | C] -- C:\Windows\Migration
    [2 C:\Users\Platten\Documents\*.tmp files -> C:\Users\Platten\Documents\*.tmp -> ]
    [1 C:\Users\Platten\AppData\Local\*.tmp files -> C:\Users\Platten\AppData\Local\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/02/16 19:40:14 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/02/16 19:40:14 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/02/16 19:33:08 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/02/16 19:31:58 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/02/16 19:31:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/02/16 19:31:39 | 2361,593,856 | -HS- | M] () -- C:\hiberfil.sys
    [2014/02/16 19:29:28 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
    [2014/02/16 19:25:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/02/16 18:37:59 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Platten - Full System Scan.job
    [2014/02/13 19:59:04 | 000,002,985 | ---- | M] () -- C:\Users\Platten\Desktop\HiJackThis.lnk
    [2014/02/12 19:53:08 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/09 18:15:17 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/02/05 19:30:52 | 000,000,370 | ---- | M] () -- C:\Windows\wininit.ini
    [2014/02/05 07:30:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2014/01/26 17:42:22 | 000,404,454 | ---- | M] () -- C:\Users\Platten\Documents\cc_20140126_174210.reg
    [2014/01/26 17:36:42 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2014/01/26 17:17:21 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
    [2014/01/26 17:09:22 | 000,000,000 | ---- | M] () -- C:\Users\Platten\Documents\DownloadStatement_pdf.ka6nkfc.partial
    [2014/01/26 15:05:16 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2014/01/26 15:02:43 | 000,000,059 | ---- | M] () -- C:\Users\Platten\AppData\Roaming\WB.CFG
    [2014/01/21 16:51:46 | 000,439,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2 C:\Users\Platten\Documents\*.tmp files -> C:\Users\Platten\Documents\*.tmp -> ]
    [1 C:\Users\Platten\AppData\Local\*.tmp files -> C:\Users\Platten\AppData\Local\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/02/13 19:59:04 | 000,002,985 | ---- | C] () -- C:\Users\Platten\Desktop\HiJackThis.lnk
    [2014/02/12 19:53:08 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/09 18:15:17 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/01/26 17:42:14 | 000,404,454 | ---- | C] () -- C:\Users\Platten\Documents\cc_20140126_174210.reg
    [2014/01/26 17:17:21 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
    [2014/01/26 15:02:43 | 000,000,059 | ---- | C] () -- C:\Users\Platten\AppData\Roaming\WB.CFG
    [2014/01/05 18:35:36 | 000,000,370 | ---- | C] () -- C:\Windows\wininit.ini
    [2013/10/09 20:46:56 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
    [2013/10/09 20:07:39 | 000,207,607 | ---- | C] () -- C:\Windows\hpwins28.dat
    [2013/10/09 20:07:39 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
    [2012/03/30 06:35:28 | 000,017,408 | ---- | C] () -- C:\Users\Platten\AppData\Local\WebpageIcons.db
    [2011/05/14 10:28:59 | 000,000,000 | ---- | C] () -- C:\Users\Platten\AppData\Local\{24AD922F-DFE5-457F-8CA5-F12AB2DAC071}

    ========== ZeroAccess Check ==========

    [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2014/02/05 19:29:38 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N
    [2012/11/29 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\HTC
    [2011/07/10 20:48:15 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\Samsung
    [2010/04/25 15:35:11 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\Tific
    [2011/11/05 14:06:35 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\UpdateTemp608441793
    [2010/04/14 16:23:35 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\WildTangent
    [2010/09/05 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\WinBatch
    [2010/11/03 21:15:25 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\Windows Live Writer
    [2010/03/14 13:49:57 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\_MDLogs

    ========== Purity Check ==========



    < End of report >

    Thanks for your help. Wander.

  8. #8
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Wander,

    If nobody recalls installing RegClean Pro, there is a good possibility that it was installed as foistware, meaning that someone is "click happy" and when they downloaded software that program was bundled with the download. You have to be very careful, and pay close attention when downloading software these days or you end up with undesirable software that is unwanted such as scanners, reg cleaners, toolbars, etc.

    It appears that OTL had a problem reading the script. It might be because OTL.exe is located in the Downloads folder instead of on the desktop.

    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Platten\Downloads

    Could you please drag and drop OTL.exe from the downloads folder to the desktop and run the fix script again? Also, make sure to right click on OTL.exe to open the program. Hopefully, that will correct the problem! I'll go ahead and repost the instructions below so you don't have to scroll upwards.

    • Double click on the to open the program. On Vista/Win7/Win8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      :Commands
      [CREATERESTOREPOINT]

      :OTL
      IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=file0103&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyDzy0AyE0FtBtCtA0CyBtCtN0D0Tzu0SyByCyBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1076044487&ir=
      IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
      IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
      IE - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNC_enGB370
      O3 - HKU\S-1-5-21-2580634200-4174658610-4042989989-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
      O16:64bit: - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_15)
      O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Reg Error: Key error.)
      [2014/01/26 15:02:32 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N
      [2014/02/15 18:00:00 | 000,000,614 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Platten - Full System Scan.job

      :Files
      ipconfig /flushdns /c

      :Commands
      [emptytemp]
    • Make sure all other windows are closed.
    • Click the Run Fix button at the top
    • Let the program run uninterrupted. The computer should reboot when the scan is done. If not, please reboot the computer.
    • Post the log that is found in C:\_OTL\Moved Files in your next reply.
    • Open OTL again and click the Quick Scan button.


    Please post the following logs in your next reply:

    C:\_OTL\Moved Files
    OTL.txt


    Thank you,
    Donna
    Last edited by DonnaB; 02-16-2014 at 06:52 PM.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  9. #9
    Member
    Join Date
    Sep 2007
    Posts
    25
    Points
    0

    Default

    Hi Donna,

    Sorry for delay in replying. Sorry you were correct I executed from the downloads. I didn't know how to get on the desktop until your advice.

    Logs herewith...

    All processes killed
    ========== OTL ==========
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    HKEY_USERS\S-1-5-21-2580634200-4174658610-4042989989-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-2580634200-4174658610-4042989989-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
    Registry value HKEY_USERS\S-1-5-21-2580634200-4174658610-4042989989-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
    Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
    Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
    Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
    C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N\Skype Free Download Packages folder moved successfully.
    C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N\Adobe Shockwave Player Free Download Packages folder moved successfully.
    C:\Users\Platten\AppData\Roaming\1O1L1I1PtF1F1C1N folder moved successfully.
    C:\Windows\Tasks\Norton Internet Security - Platten - Full System Scan.job moved successfully.
    File ptytemp] not found.

    OTL by OldTimer - Version 3.2.69.0 log created on 02182014_203249

    Files\Folders moved on Reboot...

    PendingFileRenameOperations files...

    Registry entries deleted on Reboot...

    OTL logfile created on: 2/18/2014 8:49:13 PM - Run 3
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Platten\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.9600.16518)
    Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.93 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 45.14% Memory free
    5.86 Gb Paging File | 3.61 Gb Available in Paging File | 61.57% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 285.42 Gb Total Space | 196.04 Gb Free Space | 68.69% Space Free | Partition Type: NTFS
    Drive D: | 12.48 Gb Total Space | 2.09 Gb Free Space | 16.72% Space Free | Partition Type: NTFS
    Drive F: | 60.93 Mb Total Space | 23.86 Mb Free Space | 39.16% Space Free | Partition Type: FAT

    Computer Name: HOME-PC | User Name: Platten | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2014/02/15 17:44:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Platten\Desktop\OTL.exe
    PRC - [2014/02/13 20:19:48 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
    PRC - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2013/12/14 19:19:54 | 000,309,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    PRC - [2013/11/19 19:05:11 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
    PRC - [2013/10/16 18:05:49 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
    PRC - [2013/08/14 15:19:56 | 000,233,048 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
    PRC - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/12/21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe


    ========== Modules (No Company Name) ==========

    MOD - [2014/01/20 13:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2014/01/20 13:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2012/12/20 18:19:26 | 000,479,752 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
    MOD - [2010/02/22 10:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
    MOD - [2010/02/22 10:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
    MOD - [2010/02/22 10:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


    ========== Services (SafeList) ==========

    SRV:64bit: - [2014/02/06 10:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
    SRV:64bit: - [2013/10/10 22:54:28 | 000,144,152 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
    SRV:64bit: - [2013/05/27 05:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
    SRV:64bit: - [2010/08/03 18:43:08 | 000,253,440 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2010/08/03 18:43:08 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2014/02/05 07:27:56 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/12/21 06:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2013/10/16 18:05:49 | 000,356,128 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe -- (AVP)
    SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2013/08/14 15:19:22 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2012/12/21 14:32:50 | 000,819,040 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
    SRV - [2010/10/22 12:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2010/09/30 21:44:46 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
    SRV - [2009/06/10 21:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/02/22 20:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2013/10/16 18:08:41 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
    DRV:64bit: - [2013/10/16 18:08:41 | 000,029,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
    DRV:64bit: - [2013/10/16 18:08:41 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
    DRV:64bit: - [2013/10/16 18:08:40 | 000,626,272 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
    DRV:64bit: - [2013/10/16 18:08:35 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
    DRV:64bit: - [2013/07/15 17:42:07 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
    DRV:64bit: - [2013/07/15 17:42:06 | 000,054,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
    DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
    DRV:64bit: - [2012/03/01 06:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2011/07/22 16:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
    DRV:64bit: - [2011/07/12 21:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
    DRV:64bit: - [2011/06/02 14:39:44 | 000,084,536 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
    DRV:64bit: - [2011/06/02 14:39:44 | 000,066,616 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/11 06:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2010/11/20 13:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 11:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 09:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
    DRV:64bit: - [2010/08/03 18:43:09 | 000,506,880 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/05/27 21:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/03/02 15:45:24 | 001,594,368 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
    DRV:64bit: - [2009/09/02 17:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV:64bit: - [2009/08/27 16:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
    DRV:64bit: - [2009/07/14 01:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/14 01:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/14 01:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/07/10 14:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
    DRV:64bit: - [2009/06/10 21:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
    DRV:64bit: - [2009/06/10 21:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
    DRV:64bit: - [2009/06/10 21:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
    DRV:64bit: - [2009/06/10 20:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
    DRV:64bit: - [2009/06/10 20:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
    DRV:64bit: - [2009/06/10 20:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 20:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 20:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 20:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/04/29 16:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV:64bit: - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2008/04/16 13:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV - [2009/09/02 17:58:08 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2009/07/14 01:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Platten\Downloads
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN UK - Outlook.com formerly Hotmail, Bing, Skype and Latest News
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.co.uk/webhp?sourc...en-GB&ie=UTF-8
    IE - HKCU\..\SearchScopes,DefaultScope = {848438F6-FCC2-4597-8003-D27F540D55CC}
    IE - HKCU\..\SearchScopes\{848438F6-FCC2-4597-8003-D27F540D55CC}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


    ========== FireFox ==========

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
    FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2013/10/16 18:09:01 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/09 20:14:51 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/11/19 19:05:53 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/11/19 19:05:53 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/09 20:14:51 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{googlemniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{googleageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - homepage: Google
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
    CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gears.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\gcswf32.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
    CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: Kaspersky URL Advisor = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0\
    CHR - Extension: Safe Money = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0\
    CHR - Extension: Content Blocker = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.2.614_0\
    CHR - Extension: RealDownloader = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
    CHR - Extension: Virtual Keyboard = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.614_0\
    CHR - Extension: Webcam Toy = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade\1.5_0\
    CHR - Extension: Skype Click to Call = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
    CHR - Extension: Google Wallet = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
    CHR - Extension: Gmail = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
    CHR - Extension: Anti-Banner = C:\Users\Platten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0\

    O1 HOSTS File: ([2014/02/16 19:29:28 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
    O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
    O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (Kaspersky Passsword Manager Toolbar) - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab)
    O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Kaspersky Lab ZAO)
    O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
    O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm ()
    O9:64bit: - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
    O9:64bit: - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
    O9 - Extra Button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts.../ieawsdc32.cab (Microsoft Office Template and Media Control)
    O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://homebase.2020.net/Core/Player...erAX_Win32.cab (20-20 3D Viewer)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} MSN Games - Free Online Games (UnoCtrl Class)
    O16 - DPF: {76392179-60A8-462D-8961-B95C14DAADF4} https://billcentre.vodafone.co.uk/bp...rintengine.cab (PrintEngine ActiveX Control v4.2)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8A5BE387-D09A-4DFA-A56B-DCB89BD11468} http://homebase.2020.net/planner/Cor..._WEB_Win32.cab (20-20 3D Viewer for WEB)
    O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/...soft/wrc32.ocx (WRC Class)
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} MSN Games - Free Online Games (MessengerStatsClient Class)
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Free Online Games (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E73781B-9486-4D06-89E4-6C40EA97C033}: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2AB0D2C-904E-45D5-B4A4-05FD4F867382}: DhcpNameServer = 192.168.1.254
    O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\gopher - No CLSID value found
    O18 - Protocol\Handler\livecall - No CLSID value found
    O18 - Protocol\Handler\msnim - No CLSID value found
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
    O32 - HKLM CDRom: AutoRun - 1
    O33 - MountPoints2\{566c2af9-a87d-11df-affc-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{566c2af9-a87d-11df-affc-806e6f6e6963}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O33 - MountPoints2\F\Shell - "" = AutoRun
    O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2014/02/16 19:28:41 | 000,000,000 | ---D | C] -- C:\_OTL
    [2014/02/15 17:42:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Platten\Desktop\OTL.exe
    [2014/02/15 17:36:47 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Local\FileTypeAssistant
    [2014/02/15 16:48:48 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2014/02/15 16:15:05 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2014/02/13 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
    [2014/02/13 19:59:04 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2014/02/12 19:53:23 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\Malwarebytes
    [2014/02/12 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2014/02/12 19:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2014/02/12 19:53:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2014/02/12 19:53:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2014/02/09 19:57:49 | 000,000,000 | ---D | C] -- C:\SUPERDelete
    [2014/02/09 18:15:33 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Roaming\SUPERAntiSpyware.com
    [2014/02/09 18:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2014/02/09 18:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2014/02/09 18:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2014/01/26 15:05:42 | 000,000,000 | ---D | C] -- C:\Users\Platten\AppData\Local\Skype
    [2014/01/26 15:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    [2014/01/26 15:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
    [2014/01/21 21:05:30 | 000,000,000 | ---D | C] -- C:\Windows\Migration
    [2 C:\Users\Platten\Documents\*.tmp files -> C:\Users\Platten\Documents\*.tmp -> ]
    [1 C:\Users\Platten\AppData\Local\*.tmp files -> C:\Users\Platten\AppData\Local\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2014/02/18 20:42:16 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2014/02/18 20:42:16 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2014/02/18 20:34:03 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2014/02/18 20:33:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2014/02/18 20:33:46 | 2361,593,856 | -HS- | M] () -- C:\hiberfil.sys
    [2014/02/18 20:33:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2014/02/18 20:26:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2014/02/16 19:29:28 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
    [2014/02/15 17:44:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Platten\Desktop\OTL.exe
    [2014/02/13 19:59:04 | 000,002,985 | ---- | M] () -- C:\Users\Platten\Desktop\HiJackThis.lnk
    [2014/02/12 19:53:08 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/09 18:15:17 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/02/05 19:30:52 | 000,000,370 | ---- | M] () -- C:\Windows\wininit.ini
    [2014/02/05 07:30:23 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
    [2014/01/26 17:42:22 | 000,404,454 | ---- | M] () -- C:\Users\Platten\Documents\cc_20140126_174210.reg
    [2014/01/26 17:36:42 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
    [2014/01/26 17:17:21 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
    [2014/01/26 17:09:22 | 000,000,000 | ---- | M] () -- C:\Users\Platten\Documents\DownloadStatement_pdf.ka6nkfc.partial
    [2014/01/26 15:05:16 | 000,002,697 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
    [2014/01/26 15:02:43 | 000,000,059 | ---- | M] () -- C:\Users\Platten\AppData\Roaming\WB.CFG
    [2014/01/21 16:51:46 | 000,439,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2 C:\Users\Platten\Documents\*.tmp files -> C:\Users\Platten\Documents\*.tmp -> ]
    [1 C:\Users\Platten\AppData\Local\*.tmp files -> C:\Users\Platten\AppData\Local\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2014/02/13 19:59:04 | 000,002,985 | ---- | C] () -- C:\Users\Platten\Desktop\HiJackThis.lnk
    [2014/02/12 19:53:08 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2014/02/09 18:15:17 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    [2014/01/26 17:42:14 | 000,404,454 | ---- | C] () -- C:\Users\Platten\Documents\cc_20140126_174210.reg
    [2014/01/26 17:17:21 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
    [2014/01/26 15:02:43 | 000,000,059 | ---- | C] () -- C:\Users\Platten\AppData\Roaming\WB.CFG
    [2014/01/05 18:35:36 | 000,000,370 | ---- | C] () -- C:\Windows\wininit.ini
    [2013/10/09 20:46:56 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
    [2013/10/09 20:07:39 | 000,207,607 | ---- | C] () -- C:\Windows\hpwins28.dat
    [2013/10/09 20:07:39 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
    [2012/03/30 06:35:28 | 000,017,408 | ---- | C] () -- C:\Users\Platten\AppData\Local\WebpageIcons.db
    [2011/05/14 10:28:59 | 000,000,000 | ---- | C] () -- C:\Users\Platten\AppData\Local\{24AD922F-DFE5-457F-8CA5-F12AB2DAC071}

    ========== ZeroAccess Check ==========

    [2009/07/14 04:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 02:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 01:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 01:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 12:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 01:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2012/11/29 20:58:15 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\HTC
    [2011/07/10 20:48:15 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\Samsung
    [2010/04/25 15:35:11 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\Tific
    [2011/11/05 14:06:35 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\UpdateTemp608441793
    [2010/04/14 16:23:35 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\WildTangent
    [2010/09/05 19:29:45 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\WinBatch
    [2010/11/03 21:15:25 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\Windows Live Writer
    [2010/03/14 13:49:57 | 000,000,000 | ---D | M] -- C:\Users\Platten\AppData\Roaming\_MDLogs

    ========== Purity Check ==========



    < End of report >

    Your help is much appreciated.

    Wander.

  10. #10
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Wander,

    No need to worry about the delay. And no need to apologize for OTL being in the downloads folder. I totally missed that myself. I take it for granted that everyone has their downloads directed to the desktop. I shouldn't do that. Hard habit to break.

    The logs look very nice. I'm going to have you scan with MBAM one more time and then ESET online scanner to make sure nothing is lurking in the background:

    Double Click
    • Click on the Update tab then the Check for Updates button.
    • Under the Scanner tab, click on Perform Quick Scan then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy & Paste the entire report in your next reply.

    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

    Next:

    ESET Online Scanner

    Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

    • Please go >>HERE<< then click on:

      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the icon to install.

      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      1. Scan for potentially unwanted applications
      2. Scan for potentially unsafe applications
      3. Enable Anti-Stealth Technology
    • Now click on:
    • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
    • Copy and paste that log as a reply to this topic.
    • Now click on:
      (Selecting Uninstall application on close if you so wish)


    In your next reply, please post the following logs:

    C:\Program Files\ESET\EsetOnlineScanner\log.txt
    MBAM log


    Thank you!
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

Page 1 of 2 12 LastLast