dslreports logo
site
    All Forums Hot Topics Gallery
spc
Search Topic:
uniqs
3210
share rss forum feed


dougfccn

@comcast.net

My Toshiba laptop is infected and I can't get it clean

I picked up one or more viruses a few months ago on my Toshiba laptop running Windows 7 Pro. I have been keeping it off the network because I didn't want to risk infecting other computers on my network. So it doesn't have the very latest updates for Windows, Java, etc. I have McAfee installed but it doesn't seem to be able to get rid of the bugs. So I followed your steps in the Clean-Up forum.
Please see attachment.
Thanks.
Doug


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
opened:

I picked up one or more viruses a few months ago on my Toshiba laptop running Windows 7 Pro. I have been keeping it off the network because I didn't want to risk infecting other computers on my network. So it doesn't have the very latest updates for Windows, Java, etc. I have McAfee installed but it doesn't seem to be able to get rid of the bugs. So I followed your steps in the Clean-Up forum:

1. Don't have Spybot or AdAware installed.
2. Ran everything with "Run as Administrator" as instructed
3. Enabled Show Hidden Files and Folders (including System stuff)
4. Turned off wordwrap in Notepad
5. Don't have Windows Defender installed
6. Turned off realtime Anti-virus protection in McAfee
7. Don't have CCleaner installed
8. Downloaded all cleaning programs at once on a different computer and put them on a USB flash drive for use on the laptop.
9. Cleaning steps started
10. (Clean Step #1) Ran TFC (successful) and rebooted.
11. (Clean Step #2) MBAM: installed it, updated it, and launched it.
11.a. Ran MBAM without removal process. Here's the log:
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast

1 edit
=============MBAM log without removal process START==================
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.09.05

Windows 7 Service Pack 1 x64 FAT32
Internet Explorer 11.0.9600.16428
Judy Forester :: BLACKDIAMOND [administrator]

Protection: Enabled

2/9/2014 11:13:33 AM
MBAM-log-2014-02-09 (12-25-59).txt

Scan type: Full scan (C:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 502036
Time elapsed: 1 hour(s), 11 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> No action taken.

Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0J1F1G1P0M1J1H1J2WtG0T1R -> No action taken.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Detected: 1
C:\Users\Judy Forester\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> No action taken.

Files Detected: 5
C:\ProgramData\ReadOnlyInstaller.msi (PUP.Optional.WeCare.A) -> No action taken.
C:\Users\Judy Forester\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> No action taken.
C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> No action taken.
C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences (PUP.Optional.BProtector.A) -> No action taken.
C:\Users\Judy Forester\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> No action taken.

(end)
=============MBAM log without removal process END==================
11.b. Ran MBAM with removal process. Here's the log:
=============MBAM log with removal process START==================
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.09.05

Windows 7 Service Pack 1 x64 FAT32
Internet Explorer 11.0.9600.16428
Judy Forester :: BLACKDIAMOND [administrator]

Protection: Enabled

2/9/2014 11:13:33 AM
mbam-log-2014-02-09 (11-13-33).txt

Scan type: Full scan (C:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 502036
Time elapsed: 1 hour(s), 11 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0J1F1G1P0M1J1H1J2WtG0T1R -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Users\Judy Forester\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.

Files Detected: 5
C:\ProgramData\ReadOnlyInstaller.msi (PUP.Optional.WeCare.A) -> Quarantined and deleted successfully.
C:\Users\Judy Forester\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.
C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully.
C:\Users\Judy Forester\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully.

(end)
=============MBAM log with removal process END==================
11.c. Rebooted
12. Ran AdwCleaner, rebooted. Here's the log:
============= AdwCleaner log with after reboot START =================
# AdwCleaner v3.018 - Report created 09/02/2014 at 12:43:22
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Judy Forester - BLACKDIAMOND
# Running from : F:\Infected\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\Owner\AppData\Local\PackageAware
Folder Deleted : C:\Users\Judy Forester\AppData\Local\PackageAware
Folder Deleted : C:\Users\Judy Forester\AppData\LocalLow\Claro LTD
Folder Deleted : C:\Users\Judy Forester\AppData\Roaming\Babylon
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKCU\Software\5955db8bb06aef46
Key Deleted : HKLM\SOFTWARE\5955db8bb06aef46
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Google Chrome v

[ File : C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

[ File : C:\Users\Doug Forester\AppData\Local\Google\Chrome\User Data\Default\preferences ]


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
*************************

AdwCleaner[R0].txt - [4188 octets] - [09/02/2014 12:41:29]
AdwCleaner[R1].txt - [4248 octets] - [09/02/2014 12:42:29]
AdwCleaner[S0].txt - [4010 octets] - [09/02/2014 12:43:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4070 octets] ##########
============= AdwCleaner log with after reboot END =================

12. Ran OTL twice, both with LOP Check and Purity Check on. First time, selected all files. Here's the log scanning All Files:
============= OTL All Files log START =================
OTL logfile created on: 2/9/2014 12:55:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Infected
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 41.80% Memory free
9.83 Gb Paging File | 7.03 Gb Available in Paging File | 71.56% Paging File free
Paging file location(s): c:\pagefile.sys 6039 6039 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.24 Gb Total Space | 61.38 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive F: | 7.49 Gb Total Space | 7.46 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: BLACKDIAMOND | User Name: Judy Forester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/02/09 08:38:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Infected\OTL.exe
PRC - [2013/12/04 11:38:09 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/10/23 17:41:22 | 001,608,008 | ---- | M] (Hobbyist Software) -- C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
PRC - [2013/09/03 00:03:16 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2013/08/03 09:45:04 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/02/25 08:58:30 | 003,093,024 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
PRC - [2013/02/25 08:58:30 | 001,239,584 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
PRC - [2010/04/23 10:34:08 | 000,040,960 | ---- | M] () -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoEJCD.exe
PRC - [2010/04/23 10:34:08 | 000,016,384 | ---- | M] () -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe
PRC - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/25 15:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009/11/11 16:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2008/02/08 20:32:54 | 000,253,952 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE for SD\CameraMonitor.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/11/21 15:56:29 | 000,194,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\729da3bff06db24c800c87b743d2049f\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2013/11/21 15:55:43 | 002,659,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/11/21 15:55:41 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
MOD - [2013/11/21 15:24:49 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/11/21 15:24:34 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/11/21 15:24:34 | 006,817,280 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\de9e77138e17f0188104c9ec32d375da\System.Data.ni.dll
MOD - [2013/11/21 15:24:27 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/11/21 15:24:23 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/11/21 15:24:19 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/11/21 15:24:18 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/04 15:45:45 | 000,221,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/10/04 15:43:59 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/10/04 15:22:48 | 000,595,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/10/04 15:22:46 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/10/04 15:22:43 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/10/04 15:22:38 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/10/04 14:58:13 | 000,145,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll
MOD - [2013/10/04 14:58:08 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/01/04 14:44:12 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE for SD\pxl_m17n_tool.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2013/11/22 11:59:58 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/04 16:46:16 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/11/04 16:41:02 | 000,219,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/09/24 16:07:30 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/09/20 09:46:36 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/02 21:43:00 | 000,112,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WhsMcClient.exe -- (WhsMcClient)
SRV:64bit: - [2012/11/02 21:07:28 | 000,080,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV:64bit: - [2012/08/05 21:42:30 | 005,274,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe -- (GsServer)
SRV:64bit: - [2012/01/12 11:26:20 | 000,040,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe -- (ServiceProviderRegistry)
SRV:64bit: - [2011/03/02 15:46:44 | 000,027,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\LANConfigSvc.exe -- (LANConfig)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (WSS_ComputerBackupProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (SqmProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (providers_system)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (NotificationsProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (initMonitor)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (HealthAlertsSvc)
SRV:64bit: - [2011/03/02 15:46:34 | 000,228,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe -- (WSConnectorUpdate)
SRV:64bit: - [2010/04/06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/03 00:03:16 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/25 08:58:30 | 001,239,584 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/15 01:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/04/23 10:34:08 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe -- (AutoInstallEJCD)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2013/11/04 16:51:44 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/11/04 16:46:34 | 000,343,696 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/11/04 16:43:04 | 000,782,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/11/04 16:41:22 | 000,519,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/11/04 16:40:00 | 000,311,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/11/04 16:39:20 | 000,179,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/20 09:38:14 | 000,095,984 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013/09/20 09:37:56 | 000,390,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/16 12:00:12 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013/02/16 12:00:12 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/06/24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/07 16:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/06/20 09:07:08 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2011/05/26 08:21:28 | 000,174,680 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/02 13:33:12 | 000,063,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BackupReader.sys -- (BackupReader)
DRV:64bit: - [2011/02/18 22:48:28 | 000,045,624 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 02:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/16 14:12:47 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/04/23 10:34:09 | 000,752,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WLANUHN.sys -- (QW720S64)
DRV:64bit: - [2010/03/12 18:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2010/03/10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/05 17:15:14 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/01/15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/12 14:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/09/28 00:07:04 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 17:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/05/18 15:36:48 | 000,082,944 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\marsqx5.sys -- (marsqx5)
DRV - [2011/02/18 22:48:28 | 000,045,624 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/02 16:02:02 | 000,072,576 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\marsqx5.sys -- (marsqx5)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {BAF64DD8-4818-4F1D-9C5E-A02AC6BC4F36}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BAF64DD8-4818-4F1D-9C5E-A02AC6BC4F36}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A2136B2-6430-4DD6-A35D-B7A77F84D242}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{07305ADC-BA3C-4A42-9DBE-1DEEC1DF92D4}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_en
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBR
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{6A2136B2-6430-4DD6-A35D-B7A77F84D242}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
[color=#E56717]========== FireFox ==========[/color]

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/09/28 15:42:12 | 000,000,000 | ---D | M]

[2012/11/23 13:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.29_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.28\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2013/09/04 00:04:16 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Easy PDF Creator] "C:\Program Files\Easy PDF Creator\EasyPDFCreator.exe" File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launchpad] C:\Program Files\Windows Server\Bin\Launchpad.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\AR9170_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" File not found
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Hobbyist Software VLC Streamer] C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe (Hobbyist Software)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC119C4B-4995-4508-82C8-F0731B0FD2A5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f82af37b-37a8-11e0-809d-88ae1d3d2a6c}\Shell - "" = AutoRun
O33 - MountPoints2\{f82af37b-37a8-11e0-809d-88ae1d3d2a6c}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within (All) ==========[/color]

[2014/02/09 12:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/02/09 12:40:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/09 11:11:38 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Malwarebytes
[2014/02/09 11:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/09 11:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/09 11:11:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/02/09 11:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/12/21 11:36:07 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2013/12/21 11:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2013/12/21 11:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
[2013/12/21 10:44:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/06 09:10:45 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Oracle
[2013/12/06 09:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/12/06 09:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/12/06 09:09:07 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013/12/06 09:08:58 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013/12/06 09:08:58 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013/12/06 09:08:58 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013/12/06 09:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/12/04 00:15:54 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/12/04 00:15:54 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/04 00:15:53 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Macromed
[2013/12/04 00:15:51 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2013/12/01 20:34:49 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My Kindle Content
[2013/12/01 20:34:16 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/12/01 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Local\Amazon
[2013/12/01 19:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer
[2013/11/29 15:49:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sudoku
[2013/11/29 13:08:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AirPort
[2013/11/28 22:37:50 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\27243
[2013/11/24 17:03:53 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2013/11/22 12:02:38 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2013/11/22 12:00:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/22 12:00:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/11/22 11:59:58 | 023,212,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtml.dll
[2013/11/22 11:59:58 | 017,142,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtml.dll
[2013/11/22 11:59:58 | 012,995,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieframe.dll
[2013/11/22 11:59:58 | 011,220,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieframe.dll
[2013/11/22 11:59:58 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/11/22 11:59:58 | 004,240,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9.dll
[2013/11/22 11:59:58 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iertutil.dll
[2013/11/22 11:59:58 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtml.tlb
[2013/11/22 11:59:58 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtml.tlb
[2013/11/22 11:59:58 | 002,332,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wininet.dll
[2013/11/22 11:59:58 | 002,166,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iertutil.dll
[2013/11/22 11:59:58 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/11/22 11:59:58 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/11/22 11:59:58 | 001,818,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wininet.dll
[2013/11/22 11:59:58 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\urlmon.dll
[2013/11/22 11:59:58 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/11/22 11:59:58 | 001,156,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\urlmon.dll
[2013/11/22 11:59:58 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/11/22 11:59:58 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2013/11/22 11:59:58 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/11/22 11:59:58 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/11/22 11:59:58 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2013/11/22 11:59:58 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/11/22 11:59:58 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2013/11/22 11:59:58 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/11/22 11:59:58 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/11/22 11:59:58 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/11/22 11:59:58 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/11/22 11:59:58 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/11/22 11:59:58 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2013/11/22 11:59:58 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/11/22 11:59:58 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2013/11/22 11:59:58 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbscript.dll
[2013/11/22 11:59:58 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/11/22 11:59:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/11/22 11:59:58 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/11/22 11:59:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtmsft.dll
[2013/11/22 11:59:58 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/11/22 11:59:58 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/11/22 11:59:58 | 000,263,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iedkcs32.dll
[2013/11/22 11:59:58 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/11/22 11:59:58 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtrans.dll
[2013/11/22 11:59:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webcheck.dll
[2013/11/22 11:59:58 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iedkcs32.dll
[2013/11/22 11:59:58 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/11/22 11:59:58 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/11/22 11:59:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/11/22 11:59:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/11/22 11:59:58 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webcheck.dll
[2013/11/22 11:59:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/11/22 11:59:58 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msls31.dll
[2013/11/22 11:59:58 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/11/22 11:59:58 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/11/22 11:59:58 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/11/22 11:59:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/11/22 11:59:58 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/11/22 11:59:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/11/22 11:59:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/11/22 11:59:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/11/22 11:59:58 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/11/22 11:59:58 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/11/22 11:59:58 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/11/22 11:59:58 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/11/22 11:59:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2013/11/22 11:59:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/11/22 11:59:58 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/11/22 11:59:58 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/11/22 11:59:58 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/11/22 11:59:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/11/22 11:59:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/11/22 11:59:58 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/11/22 11:59:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2013/11/22 11:59:58 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/11/22 11:59:58 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/11/22 11:59:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/11/22 11:59:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/11/22 11:59:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/22 11:59:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/11/22 11:59:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/11/22 11:59:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/11/22 11:59:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/11/22 11:59:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/11/22 11:59:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2013/11/22 11:59:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/11/22 11:59:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/11/22 11:59:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsproxy.dll
[2013/11/22 11:59:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedsbs.dll
[2013/11/22 11:59:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2013/11/22 11:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/11/22 11:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/11/22 11:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2013/11/22 11:59:58 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/11/22 11:59:58 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedsbs.dll
[2013/11/22 11:59:58 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsproxy.dll
[2013/11/22 11:59:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/22 11:59:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imgutil.dll
[2013/11/22 11:59:58 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/22 11:59:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/11/22 11:59:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/11/22 11:59:58 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/11/22 11:59:58 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/11/22 11:59:58 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/11/22 11:59:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshta.exe
[2013/11/22 11:59:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/11/22 11:59:58 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/11/22 11:59:58 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2013/11/22 11:56:43 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\en-US\tsusbflt.sys.mui
[2013/11/22 11:56:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2013/11/22 11:56:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/11/22 11:56:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/11/22 11:56:33 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\TsUsbFlt.sys
[2013/11/22 11:56:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys
[2013/11/22 11:56:27 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2013/11/22 11:56:27 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2013/11/22 11:56:27 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2013/11/22 11:56:27 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprt.exe
[2013/11/22 11:56:27 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2013/11/22 11:56:27 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2013/11/22 11:56:27 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2013/11/22 11:56:27 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpendp_winip.dll
[2013/11/22 11:56:27 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpendp_winip.dll
[2013/11/22 11:56:27 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWbPrxy.exe
[2013/11/22 11:56:27 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsRdpWebAccess.dll
[2013/11/22 11:56:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MsRdpWebAccess.dll
[2013/11/22 11:56:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2013/11/22 11:56:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsUsbGDCoInstaller.dll
[2013/11/22 11:56:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2013/11/22 11:56:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wksprtPS.dll
[2013/11/22 11:56:27 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wksprtPS.dll
[2013/11/22 11:56:26 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2013/11/22 11:56:25 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2013/11/22 11:54:19 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2013/11/22 11:54:19 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbccgp.sys
[2013/11/22 11:54:19 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbehci.sys
[2013/11/22 11:54:19 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2013/11/22 11:54:18 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbhub.sys
[2013/11/22 11:54:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbuhci.sys
[2013/11/22 11:54:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbohci.sys
[2013/11/21 14:05:34 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2013/11/21 14:05:33 | 001,168,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\crypt32.dll
[2013/11/21 14:05:33 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptsvc.dll
[2013/11/21 14:05:32 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptnet.dll
[2013/11/21 14:05:31 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptsvc.dll
[2013/11/21 14:05:31 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2013/11/21 14:04:49 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\afd.sys
[2013/11/21 14:04:36 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013/11/21 14:04:35 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013/11/21 14:04:35 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2013/11/21 14:04:34 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2013/11/21 14:04:33 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\credui.dll
[2013/11/21 14:04:33 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2013/11/21 14:03:58 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schannel.dll
[2013/11/21 14:03:58 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\schannel.dll
[2013/11/21 14:03:57 | 000,458,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\cng.sys
[2013/11/21 14:03:57 | 000,154,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ksecpkg.sys
[2013/11/21 14:03:56 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2013/11/21 14:03:56 | 000,095,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ksecdd.sys
[2013/11/21 14:03:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2013/11/21 14:03:55 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sspicli.dll
[2013/11/21 14:03:54 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2013/11/21 14:03:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsass.exe
[2013/11/21 14:03:54 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secur32.dll
[2013/11/21 14:03:53 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncrypt.dll
[2013/11/21 14:03:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2013/11/21 14:03:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2013/11/21 14:03:37 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013/11/21 14:03:37 | 000,311,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gdi32.dll
[2013/11/21 14:03:33 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IKEEXT.DLL
[2013/11/21 14:03:32 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2013/11/21 14:03:32 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2013/11/21 14:03:32 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2013/11/21 14:03:31 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2013/11/21 13:58:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OverDrive Media Console
[2013/11/21 13:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OverDrive Media Console
[2013/10/19 21:21:48 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2013/10/19 21:21:47 | 000,530,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comctl32.dll
[2013/10/19 21:21:45 | 000,785,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Wdf01000.sys
[2013/10/19 21:21:43 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2013/10/19 21:21:43 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2013/10/19 21:21:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2013/10/19 21:21:42 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2013/10/19 21:21:42 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2013/10/19 21:21:42 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2013/10/19 21:21:42 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\lpk.dll
[2013/10/19 21:21:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dciman32.dll
[2013/10/19 21:21:41 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2013/10/19 21:21:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2013/10/19 21:21:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbvideo.sys
[2013/10/19 21:21:37 | 000,109,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBAUDIO.sys
[2013/10/19 21:21:37 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbcir.sys
[2013/10/19 21:21:35 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013/10/19 21:21:35 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2013/10/19 21:21:33 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WebClnt.dll
[2013/10/19 21:21:33 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WebClnt.dll
[2013/10/19 21:21:32 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxdav.sys
[2013/10/19 21:21:32 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2013/10/19 21:21:32 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\davclnt.dll
[2013/10/19 21:21:29 | 001,903,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tcpip.sys
[2013/10/19 21:21:28 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mswsock.dll
[2013/10/19 21:21:27 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mswsock.dll
[2013/10/19 21:21:26 | 003,155,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32k.sys
[2013/10/19 21:21:18 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013/10/19 21:21:17 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2013/10/19 21:21:15 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2013/10/19 21:21:15 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2013/10/19 21:21:14 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013/10/19 21:21:14 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2013/10/19 21:21:13 | 001,292,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntdll.dll
[2013/10/19 21:21:13 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2013/10/19 21:21:12 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\advapi32.dll
[2013/10/19 21:21:12 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2013/10/19 21:21:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2013/10/19 21:21:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2013/10/19 21:21:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2013/10/19 21:21:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2013/10/19 21:21:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2013/10/19 21:20:35 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013/10/19 21:20:34 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013/10/19 21:20:32 | 000,983,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgkrnl.sys
[2013/10/19 21:20:32 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2013/10/19 21:20:31 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2013/10/19 21:20:29 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2013/10/04 15:33:14 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2013/10/01 23:39:15 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Local\avgchrome
[2013/09/29 09:06:54 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Local\{887F8BAD-F651-471D-B3F4-176950932E06}
[2013/09/28 14:09:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin GPS Plugin
[2013/09/28 14:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Garmin GPS Plugin
[2013/09/28 14:09:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Garmin
[2013/09/28 14:09:16 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Garmin
[2013/09/28 13:44:17 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\DVDFab9
[2013/09/28 13:44:17 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\DVDFab9
[2013/09/20 09:38:30 | 000,010,856 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeclnrk.sys
[2013/09/20 09:38:14 | 000,095,984 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfencrk.sys
[2013/09/20 09:37:56 | 000,390,552 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfencbdc.sys
[2013/09/16 11:09:42 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2013/09/16 11:09:21 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013/09/16 11:09:19 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2013/09/16 11:09:19 | 001,114,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kernel32.dll
[2013/09/16 11:09:19 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KernelBase.dll
[2013/09/16 11:09:19 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2013/09/16 11:09:18 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013/09/16 11:09:18 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2013/09/16 11:09:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2013/09/16 11:09:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2013/09/16 11:09:17 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2013/09/16 11:09:16 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013/09/16 11:09:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/16 11:09:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013/09/16 11:09:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013/09/16 11:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013/09/16 11:09:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013/09/16 11:09:14 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/16 11:09:14 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/16 11:09:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/16 11:09:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013/09/16 11:09:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/09/16 11:09:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013/09/16 11:09:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013/09/16 11:09:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013/09/16 11:09:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013/09/16 11:09:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/16 11:09:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/16 11:09:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/09/16 11:09:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013/09/16 11:09:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013/09/16 11:09:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013/09/16 11:09:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013/09/16 11:09:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/16 11:09:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/09/16 11:09:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/09/16 11:09:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/16 11:09:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013/09/16 11:09:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013/09/16 11:09:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/16 11:09:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/09/16 11:09:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/16 11:09:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013/09/16 11:09:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013/09/16 11:09:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013/09/16 11:09:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013/09/16 11:09:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013/09/16 11:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013/09/16 11:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013/09/16 11:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/16 11:09:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013/09/16 11:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/16 11:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/16 11:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013/09/16 11:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013/09/16 11:09:07 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013/09/16 11:09:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/16 11:09:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013/09/16 11:09:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/09/16 11:09:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013/09/16 11:09:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013/09/16 11:09:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013/09/16 11:09:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013/09/16 11:09:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013/09/16 11:09:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013/09/16 11:09:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013/09/16 11:09:02 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013/09/16 11:08:48 | 014,172,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shell32.dll
[2013/09/16 11:08:47 | 012,872,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shell32.dll
[2013/09/16 11:08:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013/09/16 11:08:46 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shdocvw.dll
[2013/09/03 00:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tor
[2013/08/15 17:59:37 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2013/08/15 17:59:37 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wintrust.dll
[2013/08/15 17:58:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tzres.dll
[2013/08/15 17:58:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tzres.dll
[2013/08/15 17:58:35 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2013/08/15 17:58:33 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpcrt4.dll
[2013/08/15 17:58:31 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2013/08/15 17:58:31 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2013/08/15 17:58:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tssecsrv.sys
[2013/08/15 17:58:25 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2013/08/03 15:55:26 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Judy Forester\AppData\Roaming\pcouffin.sys
[2013/08/03 15:55:25 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Vso
[2013/08/03 15:55:25 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\PcSetup
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
[2013/08/03 15:55:25 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Vso
[2013/08/03 15:55:25 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\PcSetup
[2013/08/03 14:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/07/25 15:17:14 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My_Cabinets
[2013/07/11 00:57:48 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2013/07/11 00:57:48 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2013/07/11 00:57:21 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013/07/11 00:57:21 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DWrite.dll
[2013/07/05 10:11:40 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2013/07/05 10:11:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2013/07/05 10:11:34 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013/07/05 10:11:34 | 001,230,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WindowsCodecs.dll
[2013/07/05 09:40:03 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2013/07/05 09:40:03 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d2d1.dll
[2013/07/05 09:40:03 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2013/07/05 09:40:03 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2013/07/05 09:40:03 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2013/07/05 09:40:03 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10warp.dll
[2013/07/05 09:40:03 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2013/07/05 09:40:03 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2013/07/05 09:40:03 | 001,175,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FntCache.dll
[2013/07/05 09:40:03 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2013/07/05 09:40:03 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10.dll
[2013/07/05 09:40:03 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2013/07/05 09:40:03 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10level9.dll
[2013/07/05 09:40:03 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013/07/05 09:40:03 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2013/07/05 09:40:03 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2013/07/05 09:40:03 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013/07/05 09:40:03 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2013/07/05 09:40:03 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2013/07/05 09:40:03 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2013/07/05 09:40:03 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxgi.dll
[2013/07/05 09:40:03 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1core.dll
[2013/07/05 09:40:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2013/07/05 09:40:03 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2013/07/05 09:40:03 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10core.dll
[2013/07/05 09:40:03 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WindowsCodecsExt.dll
[2013/07/05 09:40:03 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2013/07/05 09:40:03 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2013/07/05 09:40:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d10_1.dll
[2013/07/05 09:40:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/05 09:40:03 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/07/05 09:40:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/05 09:40:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/07/05 09:40:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/05 09:40:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/07/05 09:40:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/05 09:40:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/07/05 09:40:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/07/05 09:40:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/05 09:40:03 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/07/05 09:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/07/05 09:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/07/05 09:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/06/13 19:48:09 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013/06/13 19:48:09 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2013/06/13 19:48:04 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2013/06/13 19:48:04 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2013/06/13 19:48:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certenc.dll
[2013/06/13 19:48:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certenc.dll
[2013/06/13 19:47:53 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2013/06/13 19:47:53 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2013/05/21 15:12:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee.com
[2013/05/21 15:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2013/05/21 15:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2013/05/21 15:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2013/05/21 15:08:38 | 000,182,752 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\mfevtps.exe
[2013/05/16 20:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fitbit Connect
[2013/05/16 20:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\FitbitConnect
[2013/05/16 20:13:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fitbit Connect
[2013/05/14 21:18:57 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2013/05/14 21:18:56 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appinfo.dll
[2013/05/14 21:18:24 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwansvc.dll
[2013/05/14 21:18:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2013/04/23 23:56:40 | 001,656,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ntfs.sys
[2013/04/10 00:12:36 | 000,223,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fvevol.sys
[2013/03/20 14:35:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013/03/17 13:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\OCTech, LLC
[2013/03/15 17:17:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/15 17:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/14 07:15:12 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Local\{0C47A90F-A72C-4A86-8DE7-FD37971121C3}
[2013/02/16 12:00:12 | 000,256,392 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\ftd2xx.dll
[2013/02/16 12:00:12 | 000,218,504 | ---- | C] (FTDI Ltd.) -- C:\windows\SysWow64\ftd2xx.dll
[2013/02/16 12:00:12 | 000,214,920 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\FTLang.dll
[2013/02/16 12:00:12 | 000,108,936 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\ftbusui.dll
[2013/02/16 12:00:12 | 000,085,384 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\drivers\ftser2k.sys
[2013/02/16 12:00:12 | 000,075,016 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\drivers\ftdibus.sys
[2013/02/16 12:00:12 | 000,065,416 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\ftcserco.dll
[2013/02/16 12:00:12 | 000,055,176 | ---- | C] (FTDI Ltd.) -- C:\windows\SysNative\ftserui2.dll
[2013/01/08 19:46:17 | 002,002,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6.dll
[2013/01/08 19:46:17 | 001,882,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3.dll
[2013/01/08 19:46:16 | 001,389,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6.dll
[2013/01/08 19:46:16 | 001,236,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3.dll
[2013/01/08 19:46:10 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2013/01/08 19:46:10 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usp10.dll
[2013/01/08 19:45:52 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2013/01/08 19:45:51 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2013/01/08 19:45:51 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2013/01/08 19:45:51 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2013/01/08 19:45:51 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2013/01/08 19:45:51 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2013/01/08 19:45:50 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2013/01/08 19:45:50 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2013/01/08 19:45:50 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2013/01/08 19:45:50 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2013/01/08 19:45:49 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2013/01/08 19:45:49 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2013/01/08 19:45:49 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2013/01/08 19:45:49 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2013/01/08 19:45:48 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2013/01/08 19:45:48 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2013/01/08 19:45:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2013/01/08 19:45:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2013/01/08 19:45:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2013/01/08 19:45:47 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2013/01/08 19:45:46 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2013/01/08 19:45:45 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2013/01/08 19:45:45 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2013/01/08 19:45:45 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2013/01/08 19:45:38 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2013/01/08 19:45:38 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2013/01/08 19:45:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2013/01/08 19:45:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2013/01/08 19:45:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2013/01/08 19:45:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2013/01/08 19:45:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2013/01/08 19:45:37 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2013/01/08 19:44:18 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2013/01/08 19:44:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2013/01/08 19:44:17 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2013/01/08 19:42:56 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2012/12/26 09:55:26 | 000,070,112 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\cfwids.sys
[2012/12/26 09:52:44 | 000,343,696 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfewfpk.sys
[2012/12/26 09:50:48 | 000,782,360 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfehidk.sys
[2012/12/26 09:49:42 | 000,519,576 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfefirek.sys
[2012/12/26 09:49:00 | 000,311,120 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeavfk.sys
[2012/12/26 09:48:30 | 000,179,792 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\mfeapfk.sys
[2012/12/20 23:53:37 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2012/12/20 23:53:37 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll
[2012/12/20 23:53:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\en-US\wdf01000.sys.mui
[2012/12/12 00:35:12 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll
[2012/12/12 00:35:12 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll
[2012/12/03 09:26:10 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WUDFRd.sys
[2012/12/03 09:26:10 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WUDFPf.sys
[2012/12/03 09:26:09 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2012/12/03 09:26:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFSvc.dll
[2012/12/03 09:26:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2012/12/03 09:26:08 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2012/12/03 09:26:08 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2012/11/29 22:04:15 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2012/11/29 22:04:15 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcsvc6.dll
[2012/11/29 22:04:05 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2012/11/29 22:04:05 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2012/11/29 22:03:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2012/11/29 22:03:46 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2012/11/29 22:03:46 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2012/11/29 22:03:46 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlaapi.dll
[2012/11/29 22:03:36 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlasvc.dll
[2012/11/29 22:03:35 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2012/11/29 22:03:35 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nlaapi.dll
[2012/11/29 22:03:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2012/11/29 22:03:32 | 000,569,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iphlpsvc.dll
[2012/11/29 22:03:32 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2012/11/29 22:03:32 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tcpipreg.sys
[2012/11/29 22:03:01 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2012/11/29 22:03:01 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2012/11/23 13:36:02 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\searchplugins
[2012/11/23 13:36:02 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Extensions
[2012/10/10 01:06:22 | 000,715,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kerberos.dll
[2012/10/10 01:06:21 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kerberos.dll
[2012/09/27 07:35:37 | 000,000,000 | ---D | C] -- C:\_Queue
[2012/09/27 07:04:14 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2012/09/27 07:04:14 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2012/09/26 21:51:33 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OxpsConverter.exe
[2012/09/12 08:29:39 | 000,950,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ndis.sys
[2012/09/12 08:29:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys
[2012/09/12 08:29:33 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2012/08/14 19:39:18 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2012/08/14 19:39:18 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\srclient.dll
[2012/08/14 19:39:09 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spoolsv.exe
[2012/08/14 19:39:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/14 19:39:03 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browser.dll
[2012/08/14 19:39:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/14 19:39:03 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/14 19:39:03 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netapi32.dll
[2012/08/14 19:39:02 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/14 19:38:53 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/07/11 03:07:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2012/07/11 03:07:34 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2012/07/11 03:07:13 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2012/07/11 03:07:10 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2012/06/24 22:24:48 | 000,052,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dc3d.sys
[2012/06/22 01:26:27 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2012/06/22 01:26:27 | 002,428,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuaueng.dll
[2012/06/22 01:26:27 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2012/06/22 01:26:27 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2012/06/22 01:26:02 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2012/06/22 01:26:02 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2012/06/22 01:26:02 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2012/06/22 01:25:33 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2012/06/22 01:25:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2012/06/20 01:48:14 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\statins_files
[2012/06/13 00:44:01 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2012/06/13 00:44:01 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2012/06/13 00:44:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2012/06/13 00:43:49 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\profsvc.dll
[2012/06/13 00:43:40 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpwd.sys
[2012/06/13 00:43:39 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2012/06/13 00:43:38 | 002,342,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msi.dll
[2012/06/06 08:49:52 | 001,070,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCOMCTL.OCX
[2012/06/02 09:46:15 | 000,000,000 | ---D | C] -- C:\windows\en
[2012/05/28 07:09:04 | 002,168,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\coin91.dll
[2012/05/11 15:23:14 | 000,075,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\partmgr.sys
[2012/04/28 13:25:44 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My Media
[2012/04/15 12:00:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2012/04/15 12:00:10 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2012/04/15 12:00:09 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imagehlp.dll
[2012/04/15 12:00:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmi.dll
[2012/04/15 12:00:09 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmi.dll
[2012/04/14 21:11:25 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\GEARAspi64.dll
[2012/04/14 21:11:25 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysWow64\GEARAspi.dll
[2012/04/14 21:11:25 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2012/04/07 14:40:57 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My Digital Editions
[2012/04/07 14:34:10 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My Barnes & Noble eBooks
[2012/04/02 17:53:42 | 002,872,680 | ---- | C] (Hewlett-Packard Co.) -- C:\windows\SysNative\hpinkinsBC11.exe
[2012/04/02 17:53:26 | 000,269,160 | ---- | C] (Hewlett-Packard Co.) -- C:\windows\SysNative\hpinkcoiBC11.dll
[2012/04/02 17:53:14 | 000,329,576 | ---- | C] (Hewlett-Packard Co.) -- C:\windows\SysNative\hpinkstsBC11LM.dll
[2012/03/14 11:37:54 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2012/03/14 11:37:53 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2012/03/14 11:37:52 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdtcp.sys
[2012/03/08 18:50:28 | 000,049,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\sirenacm.dll
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\windows\WLXPGSS.SCR
[2012/02/15 16:45:39 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2012/02/15 16:45:38 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntshrui.dll
[2012/02/15 16:45:36 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2012/02/15 16:45:35 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2012/02/15 16:45:20 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2012/02/15 16:45:19 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcrt.dll
[2012/01/20 17:27:47 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\OBDwiz
[2012/01/19 13:50:44 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2012/01/19 13:50:44 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2012/01/11 13:22:51 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2012/01/11 13:22:51 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2012/01/11 13:22:45 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2012/01/11 13:22:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2011/12/14 22:19:25 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011/12/14 22:19:24 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011/11/27 00:18:54 | 001,452,648 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdagenco6420102.dll
[2011/11/27 00:18:54 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvhda64v.sys
[2011/11/27 00:18:54 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdap64.dll
[2011/11/27 00:18:42 | 000,068,928 | ---- | C] (Khronos Group) -- C:\windows\SysNative\OpenCL.dll
[2011/11/27 00:18:42 | 000,061,248 | ---- | C] (Khronos Group) -- C:\windows\SysWow64\OpenCL.dll
[2011/11/27 00:18:41 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2011/11/27 00:18:40 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2011/11/27 00:18:39 | 012,971,840 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvlddmkm.sys
[2011/11/27 00:18:39 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco64.dll
[2011/11/27 00:18:39 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvgenco64.dll
[2011/11/27 00:18:37 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2011/11/27 00:18:37 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2011/11/27 00:18:37 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvenc.dll
[2011/11/27 00:18:37 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvenc.dll
[2011/11/27 00:18:36 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2011/11/27 00:18:36 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2011/11/27 00:18:35 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2011/11/27 00:18:35 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2011/11/25 16:47:45 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\Aimersoft DVD Ripper
[2011/11/25 16:47:28 | 000,892,928 | ---- | C] (Free Software Foundation) -- C:\windows\SysWow64\iconv.dll
[2011/11/22 14:29:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CATraxx
[2011/10/31 08:30:22 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\AutoHotkey
[2011/10/28 16:33:38 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\DVDFab
[2011/10/13 08:00:43 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisdecd.dll
[2011/10/13 08:00:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisrndr.ax
[2011/10/13 08:00:41 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\psisdecd.dll
[2011/10/13 08:00:41 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\psisrndr.ax
[2011/10/13 08:00:29 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleacc.dll
[2011/10/13 08:00:29 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\oleacc.dll
[2011/10/13 08:00:27 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2011/10/13 08:00:27 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\oleaut32.dll
[2011/08/31 12:54:48 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr100.dll
[2011/08/31 12:54:48 | 000,773,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100.dll
[2011/08/31 12:54:48 | 000,608,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcp100.dll
[2011/08/31 12:54:48 | 000,421,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcp100.dll
[2011/08/31 12:54:48 | 000,158,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\atl100.dll
[2011/08/30 23:05:32 | 000,212,840 | ---- | C] (Apple Inc.) -- C:\windows\SysNative\dnssdX.dll
[2011/08/30 23:05:32 | 000,096,104 | ---- | C] (Apple Inc.) -- C:\windows\SysNative\dns-sd.exe
[2011/08/30 23:05:32 | 000,085,864 | ---- | C] (Apple Inc.) -- C:\windows\SysNative\dnssd.dll
[2011/08/30 23:05:32 | 000,061,288 | ---- | C] (Apple Inc.) -- C:\windows\SysNative\jdns_sd.dll
[2011/08/30 23:05:04 | 000,178,536 | ---- | C] (Apple Inc.) -- C:\windows\SysWow64\dnssdX.dll
[2011/08/30 23:05:04 | 000,083,816 | ---- | C] (Apple Inc.) -- C:\windows\SysWow64\dns-sd.exe
[2011/08/30 23:05:04 | 000,073,064 | ---- | C] (Apple Inc.) -- C:\windows\SysWow64\dnssd.dll
[2011/08/30 23:05:04 | 000,050,536 | ---- | C] (Apple Inc.) -- C:\windows\SysWow64\jdns_sd.dll
[2011/08/22 14:22:03 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My RoboForm Data
[2011/08/11 02:00:14 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xmllite.dll
[2011/08/11 02:00:13 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xmllite.dll
[2011/08/11 02:00:11 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccu32.dll
[2011/08/11 02:00:11 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccr32.dll
[2011/08/11 02:00:10 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcjt32.dll
[2011/08/11 02:00:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2011/08/11 02:00:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2011/08/11 02:00:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2011/08/11 02:00:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2011/08/11 02:00:08 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2011/08/11 02:00:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
2011/08/11 02:00:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2011/08/11 02:00:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2011/08/11 02:00:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2011/08/11 02:00:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2011/08/11 02:00:08 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2011/08/11 02:00:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2011/08/11 02:00:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb10.sys
[2011/08/01 15:59:06 | 000,045,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\point64.sys
[2011/06/28 16:30:56 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umpnpmgr.dll
[2011/06/28 16:30:56 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2011/06/28 16:30:56 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cfgmgr32.dll
[2011/06/28 16:30:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devobj.dll
[2011/06/28 16:30:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2011/06/28 16:30:51 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2011/06/28 16:30:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2011/06/28 16:30:51 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchIndexer.exe
[2011/06/28 16:30:50 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2011/06/28 16:30:50 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2011/06/28 16:30:50 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2011/06/28 16:30:50 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2011/06/28 16:30:50 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchIndexer.exe
[2011/06/28 16:30:50 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2011/06/28 16:30:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2011/06/28 16:30:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2011/06/28 16:30:50 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchProtocolHost.exe
[2011/06/28 16:30:50 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2011/06/28 16:30:49 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2011/06/28 16:30:49 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll
[2011/06/28 16:30:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchFilterHost.exe
[2011/06/28 16:30:49 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2011/06/28 16:30:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2011/06/20 09:07:08 | 001,225,832 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8192se.sys
[2011/06/14 12:04:18 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srv2.sys
[2011/06/14 12:04:17 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srv.sys
[2011/06/14 12:04:17 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srvnet.sys
[2011/06/14 12:03:33 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb.sys
[2011/06/14 12:03:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb20.sys
[2011/06/14 11:55:48 | 000,976,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcomm.dll
[2011/06/14 11:55:48 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcomm.dll
[2011/06/14 11:44:30 | 000,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\windows\TLCUninstall.exe
[2011/05/26 08:21:28 | 000,174,680 | ---- | C] (JMicron Technology Corporation) -- C:\windows\SysNative\drivers\jmcr.sys
[2011/05/25 10:21:13 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2011/05/18 08:08:44 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itpcoin82.dll
[2011/05/18 08:08:40 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipcoin82.dll
[2011/05/13 16:58:12 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdagenco642040.dll
[2011/05/13 16:58:11 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2011/05/13 16:58:08 | 001,404,008 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvgenco642060.dll
[2011/05/13 16:58:07 | 001,619,048 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6420140.dll
[2011/05/13 16:58:02 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvBridge.kmd
[2011/05/13 16:56:58 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/05/13 16:50:56 | 000,000,000 | -H-D | C] -- C:\windows\AxInstSV
[2011/05/12 10:48:19 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2011/05/12 10:48:18 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2011/04/28 11:47:57 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2011/04/28 11:47:00 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2011/04/28 11:17:28 | 000,000,000 | ---D | C] -- C:\LGVX9700
[2011/04/28 11:09:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml4a.dll
[2011/04/27 10:55:09 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/04/27 10:55:08 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2011/04/27 10:54:42 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2011/04/27 10:54:41 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2011/04/27 10:54:41 | 000,410,496 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStorV.sys
[2011/04/27 10:54:41 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2011/04/27 10:54:41 | 000,166,272 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvstor.sys
[2011/04/27 10:54:41 | 000,148,352 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvraid.sys
[2011/04/27 10:54:41 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2011/04/27 10:54:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe
[2011/04/27 10:54:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBSTOR.SYS
[2011/04/27 10:54:41 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe
[2011/04/27 10:54:41 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2011/04/27 10:54:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2011/04/27 10:54:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2011/04/23 13:35:25 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2011/04/23 13:35:25 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2011/04/23 13:35:18 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2011/04/23 13:35:09 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2011/04/23 13:35:09 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2011/04/23 13:35:08 | 001,743,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmain.dll
[2011/04/23 13:35:07 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pmcsnap.dll
[2011/04/23 13:35:06 | 003,650,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSVidCtl.dll
[2011/04/23 13:35:05 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2011/04/23 13:35:03 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2011/04/23 13:35:03 | 000,444,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscoree.dll
[2011/04/23 13:35:02 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2011/04/23 13:35:02 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2011/04/23 13:35:02 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2011/04/23 13:35:01 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2011/04/23 13:35:01 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2011/04/23 13:35:01 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2011/04/23 13:35:01 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2011/04/23 13:35:00 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2011/04/23 13:35:00 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2011/04/23 13:34:59 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2011/04/23 13:34:59 | 001,110,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedsvc.dll
[2011/04/23 13:34:59 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2011/04/23 13:34:59 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ppcsnap.dll
[2011/04/23 13:34:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PushPrinterConnections.exe
[2011/04/23 13:34:58 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2011/04/23 13:34:57 | 001,646,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wevtsvc.dll
[2011/04/23 13:34:57 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2011/04/23 13:34:57 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2011/04/23 13:34:57 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2011/04/23 13:34:57 | 000,297,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscoree.dll
[2011/04/23 13:34:56 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2011/04/23 13:34:56 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2011/04/23 13:34:55 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2011/04/23 13:34:55 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2011/04/23 13:34:55 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2011/04/23 13:34:55 | 000,273,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msiscsi.sys
[2011/04/23 13:34:54 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2011/04/23 13:34:54 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2011/04/23 13:34:53 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2011/04/23 13:34:52 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2011/04/23 13:34:52 | 002,018,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmSvc.dll
[2011/04/23 13:34:52 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2011/04/23 13:34:51 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2011/04/23 13:34:51 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MPSSVC.dll
[2011/04/23 13:34:51 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2011/04/23 13:34:51 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2011/04/23 13:34:51 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2011/04/23 13:34:51 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2011/04/23 13:34:51 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2011/04/23 13:34:51 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2011/04/23 13:34:50 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2011/04/23 13:34:49 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2011/04/23 13:34:48 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2011/04/23 13:34:48 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2011/04/23 13:34:48 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2011/04/23 13:34:47 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2011/04/23 13:34:47 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2011/04/23 13:34:47 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2011/04/23 13:34:47 | 001,600,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VSSVC.exe
[2011/04/23 13:34:47 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpsvc.dll
[2011/04/23 13:34:46 | 000,753,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\http.sys
[2011/04/23 13:34:45 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2011/04/23 13:34:45 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2011/04/23 13:34:44 | 001,414,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ole32.dll
[2011/04/23 13:34:44 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2011/04/23 13:34:43 | 000,849,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qmgr.dll
[2011/04/23 13:34:43 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpprefcl.dll
[2011/04/23 13:34:43 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termsrv.dll
[2011/04/23 13:34:43 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiosrv.dll
[2011/04/23 13:34:42 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2011/04/23 13:34:41 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d9.dll
[2011/04/23 13:34:41 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2011/04/23 13:34:41 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2011/04/23 13:34:41 | 001,128,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vssapi.dll
[2011/04/23 13:34:41 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2011/04/23 13:34:41 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchFolder.dll
[2011/04/23 13:34:41 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENTRT.DLL
[2011/04/23 13:34:41 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winhttp.dll
[2011/04/23 13:34:41 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msv1_0.dll
[2011/04/23 13:34:40 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2011/04/23 13:34:40 | 001,504,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbengine.exe
[2011/04/23 13:34:40 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcss.dll
[2011/04/23 13:34:40 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2011/04/23 13:34:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PushPrinterConnections.exe
[2011/04/23 13:34:39 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2011/04/23 13:34:39 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2011/04/23 13:34:39 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2011/04/23 13:34:38 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2011/04/23 13:34:38 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2011/04/23 13:34:38 | 000,577,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDApi.dll
[2011/04/23 13:34:38 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore.dll
[2011/04/23 13:34:38 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umrdp.dll
[2011/04/23 13:34:38 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdx.sys
[2011/04/23 13:34:37 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2011/04/23 13:34:37 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2011/04/23 13:34:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2011/04/23 13:34:37 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2011/04/23 13:34:37 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netbt.sys
[2011/04/23 13:34:36 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2011/04/23 13:34:36 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2011/04/23 13:34:36 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2011/04/23 13:34:35 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2011/04/23 13:34:35 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2011/04/23 13:34:35 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2011/04/23 13:34:35 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2011/04/23 13:34:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2011/04/23 13:34:34 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2011/04/23 13:34:34 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2011/04/23 13:34:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\csc.sys
[2011/04/23 13:34:34 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appmgr.dll
[2011/04/23 13:34:34 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2011/04/23 13:34:34 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2011/04/23 13:34:34 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2011/04/23 13:34:33 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2011/04/23 13:34:33 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2011/04/23 13:34:33 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2011/04/23 13:34:33 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2011/04/23 13:34:33 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2011/04/23 13:34:33 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2011/04/23 13:34:33 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2011/04/23 13:34:33 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2011/04/23 13:34:32 | 001,667,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupapi.dll
[2011/04/23 13:34:32 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2011/04/23 13:34:32 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2011/04/23 13:34:32 | 000,705,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BFE.DLL
[2011/04/23 13:34:32 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winhttp.dll
[2011/04/23 13:34:32 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2011/04/23 13:34:32 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apphelp.dll
[2011/04/23 13:34:32 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2011/04/23 13:34:32 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2011/04/23 13:34:31 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2011/04/23 13:34:31 | 002,291,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSVidCtl.dll
[2011/04/23 13:34:31 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscsvc.dll
[2011/04/23 13:34:31 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2011/04/23 13:34:31 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netlogon.dll
[2011/04/23 13:34:30 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2011/04/23 13:34:30 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpclip.exe
[2011/04/23 13:34:29 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Query.dll
[2011/04/23 13:34:29 | 001,175,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmSvc.dll
[2011/04/23 13:34:29 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gpprefcl.dll
[2011/04/23 13:34:29 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2011/04/23 13:34:29 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2011/04/23 13:34:29 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2011/04/23 13:34:29 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2011/04/23 13:34:29 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2011/04/23 13:34:29 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscobj.dll
[2011/04/23 13:34:29 | 000,215,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\vhdmp.sys
[2011/04/23 13:34:28 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2011/04/23 13:34:28 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2011/04/23 13:34:28 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2011/04/23 13:34:28 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2011/04/23 13:34:28 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2011/04/23 13:34:28 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2011/04/23 13:34:27 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2011/04/23 13:34:27 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2011/04/23 13:34:27 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdrm.dll
[2011/04/23 13:34:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msv1_0.dll
[2011/04/23 13:34:27 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2011/04/23 13:34:27 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpendp.dll
[2011/04/23 13:34:27 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SessEnv.dll
[2011/04/23 13:34:27 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SessEnv.dll
[2011/04/23 13:34:27 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2011/04/23 13:34:26 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2011/04/23 13:34:26 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceApi.dll
[2011/04/23 13:34:26 | 000,366,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msrpc.sys
[2011/04/23 13:34:26 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shlwapi.dll
[2011/04/23 13:34:26 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2011/04/23 13:34:26 | 000,295,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\volsnap.sys
[2011/04/23 13:34:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2011/04/23 13:34:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2011/04/23 13:34:26 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2011/04/23 13:34:26 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2011/04/23 13:34:25 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2011/04/23 13:34:25 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2011/04/23 13:34:25 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2011/04/23 13:34:25 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2011/04/23 13:34:25 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2011/04/23 13:34:25 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2011/04/23 13:34:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userenv.dll
[2011/04/23 13:34:24 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2011/04/23 13:34:24 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2011/04/23 13:34:24 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comdlg32.dll
[2011/04/23 13:34:24 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2011/04/23 13:34:24 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdbss.sys
[2011/04/23 13:34:24 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\1394ohci.sys
[2011/04/23 13:34:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2011/04/23 13:34:23 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2011/04/23 13:34:23 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2011/04/23 13:34:23 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2011/04/23 13:34:23 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2011/04/23 13:34:23 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSSVC.exe
[2011/04/23 13:34:23 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2011/04/23 13:34:23 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPSECSVC.DLL
[2011/04/23 13:34:23 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2011/04/23 13:34:23 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2011/04/23 13:34:23 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2011/04/23 13:34:23 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2011/04/23 13:34:23 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2011/04/23 13:34:22 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsvcs.dll
[2011/04/23 13:34:22 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvsvc.dll
[2011/04/23 13:34:22 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tscfgwmi.dll
[2011/04/23 13:34:21 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\propsys.dll
[2011/04/23 13:34:21 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2011/04/23 13:34:21 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2011/04/23 13:34:21 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast

1 edit


2011/08/11 02:00:10 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbctrac.dll
[2011/08/11 02:00:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbccp32.dll
[2011/08/11 02:00:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccu32.dll
[2011/08/11 02:00:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccr32.dll
[2011/08/11 02:00:08 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbccp32.dll
[2011/08/11 02:00:07 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbctrac.dll
[2011/08/11 02:00:04 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb10.sys
[2011/08/01 15:59:06 | 000,045,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\point64.sys
[2011/06/28 16:30:56 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umpnpmgr.dll
[2011/06/28 16:30:56 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvinst.exe
[2011/06/28 16:30:56 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cfgmgr32.dll
[2011/06/28 16:30:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devobj.dll
[2011/06/28 16:30:56 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\devrtl.dll
[2011/06/28 16:30:51 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2011/06/28 16:30:51 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2011/06/28 16:30:51 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchIndexer.exe
[2011/06/28 16:30:50 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2011/06/28 16:30:50 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2011/06/28 16:30:50 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2011/06/28 16:30:50 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2011/06/28 16:30:50 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchIndexer.exe
[2011/06/28 16:30:50 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2011/06/28 16:30:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2011/06/28 16:30:50 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2011/06/28 16:30:50 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchProtocolHost.exe
[2011/06/28 16:30:50 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2011/06/28 16:30:49 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2011/06/28 16:30:49 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssphtb.dll
[2011/06/28 16:30:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchFilterHost.exe
[2011/06/28 16:30:49 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2011/06/28 16:30:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2011/06/20 09:07:08 | 001,225,832 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\windows\SysNative\drivers\rtl8192se.sys
[2011/06/14 12:04:18 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srv2.sys
[2011/06/14 12:04:17 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srv.sys
[2011/06/14 12:04:17 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\srvnet.sys
[2011/06/14 12:03:33 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb.sys
[2011/06/14 12:03:33 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\mrxsmb20.sys
[2011/06/14 11:55:48 | 000,976,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcomm.dll
[2011/06/14 11:55:48 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcomm.dll
[2011/06/14 11:44:30 | 000,274,432 | ---- | C] (Riverdeep Interactive Learning Limited) -- C:\windows\TLCUninstall.exe
[2011/05/26 08:21:28 | 000,174,680 | ---- | C] (JMicron Technology Corporation) -- C:\windows\SysNative\drivers\jmcr.sys
[2011/05/25 10:21:13 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2011/05/18 08:08:44 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\itpcoin82.dll
[2011/05/18 08:08:40 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipcoin82.dll
[2011/05/13 16:58:12 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvhdagenco642040.dll
[2011/05/13 16:58:11 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2011/05/13 16:58:08 | 001,404,008 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvgenco642060.dll
[2011/05/13 16:58:07 | 001,619,048 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6420140.dll
[2011/05/13 16:58:02 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvBridge.kmd
[2011/05/13 16:56:58 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011/05/13 16:50:56 | 000,000,000 | -H-D | C] -- C:\windows\AxInstSV
[2011/05/12 10:48:19 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2011/05/12 10:48:18 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2011/04/28 11:47:57 | 000,000,000 | ---D | C] -- C:\windows\SysNative\SPReview
[2011/04/28 11:47:00 | 000,000,000 | ---D | C] -- C:\windows\SysNative\EventProviders
[2011/04/28 11:17:28 | 000,000,000 | ---D | C] -- C:\LGVX9700
[2011/04/28 11:09:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml4a.dll
[2011/04/27 10:55:09 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/04/27 10:55:08 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2011/04/27 10:54:42 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2011/04/27 10:54:41 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2011/04/27 10:54:41 | 000,410,496 | ---- | C] (Intel Corporation) -- C:\windows\SysNative\drivers\iaStorV.sys
[2011/04/27 10:54:41 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2011/04/27 10:54:41 | 000,166,272 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvstor.sys
[2011/04/27 10:54:41 | 000,148,352 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvraid.sys
[2011/04/27 10:54:41 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdsata.sys
[2011/04/27 10:54:41 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsutil.exe
[2011/04/27 10:54:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBSTOR.SYS
[2011/04/27 10:54:41 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fsutil.exe
[2011/04/27 10:54:41 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\windows\SysNative\drivers\amdxata.sys
[2011/04/27 10:54:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\prevhost.exe
[2011/04/27 10:54:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prevhost.exe
[2011/04/23 13:35:25 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2011/04/23 13:35:25 | 000,048,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netfxperf.dll
[2011/04/23 13:35:18 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2011/04/23 13:35:09 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40.dll
[2011/04/23 13:35:09 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfc40u.dll
[2011/04/23 13:35:08 | 001,743,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysmain.dll
[2011/04/23 13:35:07 | 000,629,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pmcsnap.dll
[2011/04/23 13:35:06 | 003,650,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSVidCtl.dll
[2011/04/23 13:35:05 | 014,633,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2011/04/23 13:35:03 | 003,205,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmcndmgr.dll
[2011/04/23 13:35:03 | 000,444,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscoree.dll
[2011/04/23 13:35:02 | 004,120,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2011/04/23 13:35:02 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2011/04/23 13:35:02 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2011/04/23 13:35:01 | 003,008,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xpsservices.dll
[2011/04/23 13:35:01 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2011/04/23 13:35:01 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2011/04/23 13:35:01 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2011/04/23 13:35:00 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2011/04/23 13:35:00 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2011/04/23 13:34:59 | 002,086,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2011/04/23 13:34:59 | 001,110,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schedsvc.dll
[2011/04/23 13:34:59 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2011/04/23 13:34:59 | 000,238,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ppcsnap.dll
[2011/04/23 13:34:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PushPrinterConnections.exe
[2011/04/23 13:34:58 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spwizui.dll
[2011/04/23 13:34:57 | 001,646,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wevtsvc.dll
[2011/04/23 13:34:57 | 001,556,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RacEngn.dll
[2011/04/23 13:34:57 | 001,340,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagperf.dll
[2011/04/23 13:34:57 | 001,197,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskschd.dll
[2011/04/23 13:34:57 | 000,297,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscoree.dll
[2011/04/23 13:34:56 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2011/04/23 13:34:56 | 001,866,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2011/04/23 13:34:55 | 001,753,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vssapi.dll
[2011/04/23 13:34:55 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertEnroll.dll
[2011/04/23 13:34:55 | 001,326,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NaturalLanguage6.dll
[2011/04/23 13:34:55 | 000,273,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msiscsi.sys
[2011/04/23 13:34:54 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbon.dll
[2011/04/23 13:34:54 | 000,299,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcupdate_GenuineIntel.dll
[2011/04/23 13:34:53 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2011/04/23 13:34:52 | 003,027,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVCORE.DLL
[2011/04/23 13:34:52 | 002,018,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmSvc.dll
[2011/04/23 13:34:52 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHostProxy.dll
[2011/04/23 13:34:51 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertEnroll.dll
[2011/04/23 13:34:51 | 000,828,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MPSSVC.dll
[2011/04/23 13:34:51 | 000,598,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spinstall.exe
[2011/04/23 13:34:51 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHost.exe
[2011/04/23 13:34:51 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\spreview.exe
[2011/04/23 13:34:51 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationHost.exe
[2011/04/23 13:34:51 | 000,274,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpdd.dll
[2011/04/23 13:34:51 | 000,109,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationHostProxy.dll
[2011/04/23 13:34:50 | 003,957,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSAT.exe
[2011/04/23 13:34:49 | 002,067,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d9.dll
[2011/04/23 13:34:48 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AuthFWSnapin.dll
[2011/04/23 13:34:48 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RacEngn.dll
[2011/04/23 13:34:48 | 000,867,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFolder.dll
[2011/04/23 13:34:47 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AuthFWSnapin.dll
[2011/04/23 13:34:47 | 003,391,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2011/04/23 13:34:47 | 001,632,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2011/04/23 13:34:47 | 001,600,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VSSVC.exe
[2011/04/23 13:34:47 | 000,777,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpsvc.dll
[2011/04/23 13:34:46 | 000,753,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\http.sys
[2011/04/23 13:34:45 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2011/04/23 13:34:45 | 000,958,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2011/04/23 13:34:44 | 001,414,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ole32.dll
[2011/04/23 13:34:44 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2011/04/23 13:34:43 | 000,849,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qmgr.dll
[2011/04/23 13:34:43 | 000,784,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gpprefcl.dll
[2011/04/23 13:34:43 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\termsrv.dll
[2011/04/23 13:34:43 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiosrv.dll
[2011/04/23 13:34:42 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqmapi.dll
[2011/04/23 13:34:41 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d9.dll
[2011/04/23 13:34:41 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imapi2fs.dll
[2011/04/23 13:34:41 | 001,212,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\propsys.dll
[2011/04/23 13:34:41 | 001,128,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vssapi.dll
[2011/04/23 13:34:41 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netlogon.dll
[2011/04/23 13:34:41 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SearchFolder.dll
[2011/04/23 13:34:41 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENTRT.DLL
[2011/04/23 13:34:41 | 000,444,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winhttp.dll
[2011/04/23 13:34:41 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msv1_0.dll
[2011/04/23 13:34:40 | 001,900,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2011/04/23 13:34:40 | 001,504,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wbengine.exe
[2011/04/23 13:34:40 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcss.dll
[2011/04/23 13:34:40 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskschd.dll
[2011/04/23 13:34:40 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PushPrinterConnections.exe
[2011/04/23 13:34:39 | 001,281,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2011/04/23 13:34:39 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbc32.dll
[2011/04/23 13:34:39 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskeng.exe
[2011/04/23 13:34:38 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certmgr.dll
[2011/04/23 13:34:38 | 001,008,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2011/04/23 13:34:38 | 000,577,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDApi.dll
[2011/04/23 13:34:38 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore.dll
[2011/04/23 13:34:38 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\umrdp.dll
[2011/04/23 13:34:38 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tdx.sys
[2011/04/23 13:34:37 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PortableDeviceApi.dll
[2011/04/23 13:34:37 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2011/04/23 13:34:37 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certcli.dll
[2011/04/23 13:34:37 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsmf.dll
[2011/04/23 13:34:37 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netbt.sys
[2011/04/23 13:34:36 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2011/04/23 13:34:36 | 000,457,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2011/04/23 13:34:36 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shlwapi.dll
[2011/04/23 13:34:35 | 002,652,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netshell.dll
[2011/04/23 13:34:35 | 001,509,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdtctm.dll
[2011/04/23 13:34:35 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbc32.dll
[2011/04/23 13:34:35 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedynos.dll
[2011/04/23 13:34:35 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tcpmonui.dll
[2011/04/23 13:34:34 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comdlg32.dll
[2011/04/23 13:34:34 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2011/04/23 13:34:34 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\csc.sys
[2011/04/23 13:34:34 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appmgr.dll
[2011/04/23 13:34:34 | 000,390,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2011/04/23 13:34:34 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.exe
[2011/04/23 13:34:34 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ws2_32.dll
[2011/04/23 13:34:33 | 002,543,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2011/04/23 13:34:33 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Query.dll
[2011/04/23 13:34:33 | 000,897,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\azroles.dll
[2011/04/23 13:34:33 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2011/04/23 13:34:33 | 000,481,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2011/04/23 13:34:33 | 000,342,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apphelp.dll
[2011/04/23 13:34:33 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsmf.dll
[2011/04/23 13:34:33 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dot3api.dll
[2011/04/23 13:34:32 | 001,667,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setupapi.dll
[2011/04/23 13:34:32 | 001,098,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Vault.dll
[2011/04/23 13:34:32 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2011/04/23 13:34:32 | 000,705,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BFE.DLL
[2011/04/23 13:34:32 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winhttp.dll
[2011/04/23 13:34:32 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cmd.exe
[2011/04/23 13:34:32 | 000,295,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apphelp.dll
[2011/04/23 13:34:32 | 000,281,600 | ---- | C] (Microsoft) -- C:\windows\SysNative\DShowRdpFilter.dll
[2011/04/23 13:34:32 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\QAGENT.DLL
[2011/04/23 13:34:31 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2011/04/23 13:34:31 | 002,291,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSVidCtl.dll
[2011/04/23 13:34:31 | 000,692,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscsvc.dll
[2011/04/23 13:34:31 | 000,653,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpksetup.exe
[2011/04/23 13:34:31 | 000,563,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netlogon.dll
[2011/04/23 13:34:30 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2011/04/23 13:34:30 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpclip.exe
[2011/04/23 13:34:29 | 001,363,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Query.dll
[2011/04/23 13:34:29 | 001,175,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmSvc.dll
[2011/04/23 13:34:29 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gpprefcl.dll
[2011/04/23 13:34:29 | 000,582,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sxs.dll
[2011/04/23 13:34:29 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskcomp.dll
[2011/04/23 13:34:29 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfds.dll
[2011/04/23 13:34:29 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wldap32.dll
[2011/04/23 13:34:29 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2011/04/23 13:34:29 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscobj.dll
[2011/04/23 13:34:29 | 000,215,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\vhdmp.sys
[2011/04/23 13:34:28 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmcndmgr.dll
[2011/04/23 13:34:28 | 001,808,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pnidui.dll
[2011/04/23 13:34:28 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ipsmsnap.dll
[2011/04/23 13:34:28 | 000,252,928 | ---- | C] (Microsoft) -- C:\windows\SysWow64\DShowRdpFilter.dll
[2011/04/23 13:34:28 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hgprint.dll
[2011/04/23 13:34:28 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\upnp.dll
[2011/04/23 13:34:27 | 001,158,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webservices.dll
[2011/04/23 13:34:27 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imapi2fs.dll
[2011/04/23 13:34:27 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msdrm.dll
[2011/04/23 13:34:27 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msv1_0.dll
[2011/04/23 13:34:27 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2011/04/23 13:34:27 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpendp.dll
[2011/04/23 13:34:27 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SessEnv.dll
[2011/04/23 13:34:27 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SessEnv.dll
[2011/04/23 13:34:27 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netfxperf.dll
[2011/04/23 13:34:26 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sqlsrv32.dll
[2011/04/23 13:34:26 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PortableDeviceApi.dll
[2011/04/23 13:34:26 | 000,366,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msrpc.sys
[2011/04/23 13:34:26 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\shlwapi.dll
[2011/04/23 13:34:26 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2011/04/23 13:34:26 | 000,295,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\volsnap.sys
[2011/04/23 13:34:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSNP.ax
[2011/04/23 13:34:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2011/04/23 13:34:26 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\prncache.dll
[2011/04/23 13:34:26 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dot3api.dll
[2011/04/23 13:34:25 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certmgr.dll
[2011/04/23 13:34:25 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanpref.dll
[2011/04/23 13:34:25 | 001,243,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMNetMgr.dll
[2011/04/23 13:34:25 | 001,009,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcmde.dll
[2011/04/23 13:34:25 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\schtasks.exe
[2011/04/23 13:34:25 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vpnike.dll
[2011/04/23 13:34:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\userenv.dll
[2011/04/23 13:34:24 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xpsservices.dll
[2011/04/23 13:34:24 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\evr.dll
[2011/04/23 13:34:24 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\comdlg32.dll
[2011/04/23 13:34:24 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\photowiz.dll
[2011/04/23 13:34:24 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdbss.sys
[2011/04/23 13:34:24 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\1394ohci.sys
[2011/04/23 13:34:24 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\userenv.dll
[2011/04/23 13:34:23 | 002,262,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SyncCenter.dll
[2011/04/23 13:34:23 | 002,072,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPEncEn.dll
[2011/04/23 13:34:23 | 001,082,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2011/04/23 13:34:23 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2011/04/23 13:34:23 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FXSSVC.exe
[2011/04/23 13:34:23 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpeffects.dll
[2011/04/23 13:34:23 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IPSECSVC.DLL
[2011/04/23 13:34:23 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2011/04/23 13:34:23 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cmd.exe
[2011/04/23 13:34:23 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2011/04/23 13:34:23 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\framedyn.dll
[2011/04/23 13:34:23 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2011/04/23 13:34:22 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shsvcs.dll
[2011/04/23 13:34:22 | 000,236,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srvsvc.dll
[2011/04/23 13:34:22 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tscfgwmi.dll
[2011/04/23 13:34:21 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\propsys.dll
[2011/04/23 13:34:21 | 000,501,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinSATAPI.dll
[2011/04/23 13:34:21 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2011/04/23 13:34:21 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfds.dll
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
[ File : C:\Users\Doug Forester\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [4188 octets] - [09/02/2014 12:41:29]
AdwCleaner[R1].txt - [4248 octets] - [09/02/2014 12:42:29]
AdwCleaner[S0].txt - [4010 octets] - [09/02/2014 12:43:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4070 octets] ##########
============= AdwCleaner log with after reboot END =================

12. Ran OTL twice, both with LOP Check and Purity Check on. First time, selected all files. Here's the log scanning All Files:
============= OTL All Files log START =================
OTL logfile created on: 2/9/2014 12:55:47 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Infected
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 1.64 Gb Available Physical Memory | 41.80% Memory free
9.83 Gb Paging File | 7.03 Gb Available in Paging File | 71.56% Paging File free
Paging file location(s): c:\pagefile.sys 6039 6039 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.24 Gb Total Space | 61.38 Gb Free Space | 10.51% Space Free | Partition Type: NTFS
Drive F: | 7.49 Gb Total Space | 7.46 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: BLACKDIAMOND | User Name: Judy Forester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014/02/09 08:38:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Infected\OTL.exe
PRC - [2013/12/04 11:38:09 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/10/23 17:41:22 | 001,608,008 | ---- | M] (Hobbyist Software) -- C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
PRC - [2013/09/03 00:03:16 | 003,233,806 | ---- | M] () -- C:\Program Files (x86)\Tor\tor.exe
PRC - [2013/08/03 09:45:04 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/02/25 08:58:30 | 003,093,024 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
PRC - [2013/02/25 08:58:30 | 001,239,584 | ---- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
PRC - [2010/04/23 10:34:08 | 000,040,960 | ---- | M] () -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoEJCD.exe
PRC - [2010/04/23 10:34:08 | 000,016,384 | ---- | M] () -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe
PRC - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/12/25 15:21:16 | 000,034,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
PRC - [2009/11/11 16:17:02 | 000,771,360 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\AirPort\APAgent.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2008/02/08 20:32:54 | 000,253,952 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE for SD\CameraMonitor.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013/11/21 15:56:29 | 000,194,048 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ComponentMod#\729da3bff06db24c800c87b743d2049f\System.ComponentModel.DataAnnotations.ni.dll
MOD - [2013/11/21 15:55:43 | 002,659,328 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
MOD - [2013/11/21 15:55:41 | 000,393,216 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\f58dc6b661c4fb91c68945da9b701135\System.Xml.Linq.ni.dll
MOD - [2013/11/21 15:24:49 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/11/21 15:24:34 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/11/21 15:24:34 | 006,817,280 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\de9e77138e17f0188104c9ec32d375da\System.Data.ni.dll
MOD - [2013/11/21 15:24:27 | 013,199,360 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\e40d894a772b2cff5ffd5a84ef20d2d4\System.Windows.Forms.ni.dll
MOD - [2013/11/21 15:24:23 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/11/21 15:24:19 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/11/21 15:24:18 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/04 15:45:45 | 000,221,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/10/04 15:43:59 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/10/04 15:22:48 | 000,595,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\228b114c79c5d9024bdb4cc580e32c09\PresentationFramework.Aero.ni.dll
MOD - [2013/10/04 15:22:46 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/10/04 15:22:43 | 001,667,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3a3fc0216674bdea0be809b305517c98\System.Drawing.ni.dll
MOD - [2013/10/04 15:22:38 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/10/04 14:58:13 | 000,145,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\cfbc74c91b44af85d10b272ae5c70d5a\System.Numerics.ni.dll
MOD - [2013/10/04 14:58:08 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008/01/04 14:44:12 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\PIXELA\ImageMixer 3 SE for SD\pxl_m17n_tool.dll

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2013/11/22 11:59:58 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/04 16:46:16 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/11/04 16:41:02 | 000,219,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/09/24 16:07:30 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/09/20 09:46:36 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/02 21:43:00 | 000,112,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WhsMcClient.exe -- (WhsMcClient)
SRV:64bit: - [2012/11/02 21:07:28 | 000,080,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV:64bit: - [2012/08/05 21:42:30 | 005,274,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe -- (GsServer)
SRV:64bit: - [2012/01/12 11:26:20 | 000,040,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe -- (ServiceProviderRegistry)
SRV:64bit: - [2011/03/02 15:46:44 | 000,027,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\LANConfigSvc.exe -- (LANConfig)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (WSS_ComputerBackupProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (SqmProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (providers_system)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (NotificationsProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (initMonitor)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (HealthAlertsSvc)
SRV:64bit: - [2011/03/02 15:46:34 | 000,228,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe -- (WSConnectorUpdate)
SRV:64bit: - [2010/04/06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/03 00:03:16 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/25 08:58:30 | 001,239,584 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/15 01:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/04/23 10:34:08 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe -- (AutoInstallEJCD)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2013/11/04 16:51:44 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/11/04 16:46:34 | 000,343,696 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/11/04 16:43:04 | 000,782,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/11/04 16:41:22 | 000,519,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/11/04 16:40:00 | 000,311,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/11/04 16:39:20 | 000,179,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/20 09:38:14 | 000,095,984 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013/09/20 09:37:56 | 000,390,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/16 12:00:12 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013/02/16 12:00:12 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/06/24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/07 16:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/06/20 09:07:08 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2011/05/26 08:21:28 | 000,174,680 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/02 13:33:12 | 000,063,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BackupReader.sys -- (BackupReader)
DRV:64bit: - [2011/02/18 22:48:28 | 000,045,624 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 02:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/16 14:12:47 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/04/23 10:34:09 | 000,752,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WLANUHN.sys -- (QW720S64)
DRV:64bit: - [2010/03/12 18:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2010/03/10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/05 17:15:14 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/01/15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/12 14:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/09/28 00:07:04 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 17:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/05/18 15:36:48 | 000,082,944 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\marsqx5.sys -- (marsqx5)
DRV - [2011/02/18 22:48:28 | 000,045,624 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/02 16:02:02 | 000,072,576 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\marsqx5.sys -- (marsqx5)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {BAF64DD8-4818-4F1D-9C5E-A02AC6BC4F36}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BAF64DD8-4818-4F1D-9C5E-A02AC6BC4F36}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A2136B2-6430-4DD6-A35D-B7A77F84D242}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{07305ADC-BA3C-4A42-9DBE-1DEEC1DF92D4}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_en
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBR
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{6A2136B2-6430-4DD6-A35D-B7A77F84D242}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

[color=#E56717]========== FireFox ==========[/color]

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/09/28 15:42:12 | 000,000,000 | ---D | M]

[2012/11/23 13:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.29_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.28\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2013/09/04 00:04:16 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Easy PDF Creator] "C:\Program Files\Easy PDF Creator\EasyPDFCreator.exe" File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launchpad] C:\Program Files\Windows Server\Bin\Launchpad.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\AR9170_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" File not found
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Hobbyist Software VLC Streamer] C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe (Hobbyist Software)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC119C4B-4995-4508-82C8-F0731B0FD2A5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f82af37b-37a8-11e0-809d-88ae1d3d2a6c}\Shell - "" = AutoRun
O33 - MountPoints2\{f82af37b-37a8-11e0-809d-88ae1d3d2a6c}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within (All) ==========[/color]

[2014/02/09 12:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/02/09 12:40:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/09 11:11:38 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Malwarebytes
[2014/02/09 11:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/09 11:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/09 11:11:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/02/09 11:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/12/21 11:36:07 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO
[2013/12/21 11:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
[2013/12/21 11:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MagicISO
[2013/12/21 10:44:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/12/06 09:10:45 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Oracle
[2013/12/06 09:09:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/12/06 09:09:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/12/06 09:09:07 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2013/12/06 09:08:58 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2013/12/06 09:08:58 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2013/12/06 09:08:58 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2013/12/06 09:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/12/04 00:15:54 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/12/04 00:15:54 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/04 00:15:53 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Macromed
[2013/12/04 00:15:51 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2013/12/01 20:34:49 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\Documents\My Kindle Content
[2013/12/01 20:34:16 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2013/12/01 20:34:04 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Local\Amazon
[2013/12/01 19:51:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Streamer
[2013/11/29 15:49:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sudoku
[2013/11/29 13:08:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AirPort
[2013/11/28 22:37:50 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\27243
[2013/11/24 17:03:53 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\windows\SysNative\drivers\HipShieldK.sys
[2013/11/22 12:02:38 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2013/11/22 12:00:05 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/11/22 12:00:05 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/11/22 11:59:58 | 023,212,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtml.dll
[2013/11/22 11:59:58 | 017,142,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtml.dll
[2013/11/22 11:59:58 | 012,995,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieframe.dll
[2013/11/22 11:59:58 | 011,220,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieframe.dll
[2013/11/22 11:59:58 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/11/22 11:59:58 | 004,240,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9.dll
[2013/11/22 11:59:58 | 002,764,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iertutil.dll
[2013/11/22 11:59:58 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtml.tlb
[2013/11/22 11:59:58 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtml.tlb
[2013/11/22 11:59:58 | 002,332,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wininet.dll
[2013/11/22 11:59:58 | 002,166,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iertutil.dll
[2013/11/22 11:59:58 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/11/22 11:59:58 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/11/22 11:59:58 | 001,818,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wininet.dll
[2013/11/22 11:59:58 | 001,394,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\urlmon.dll
[2013/11/22 11:59:58 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/11/22 11:59:58 | 001,156,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\urlmon.dll
[2013/11/22 11:59:58 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/11/22 11:59:58 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2013/11/22 11:59:58 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/11/22 11:59:58 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/11/22 11:59:58 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2013/11/22 11:59:58 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/11/22 11:59:58 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2013/11/22 11:59:58 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/11/22 11:59:58 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/11/22 11:59:58 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/11/22 11:59:58 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/11/22 11:59:58 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/11/22 11:59:58 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2013/11/22 11:59:58 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/11/22 11:59:58 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeeds.dll
[2013/11/22 11:59:58 | 000,454,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vbscript.dll
[2013/11/22 11:59:58 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/11/22 11:59:58 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/11/22 11:59:58 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/11/22 11:59:58 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtmsft.dll
[2013/11/22 11:59:58 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/11/22 11:59:58 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/11/22 11:59:58 | 000,263,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iedkcs32.dll
[2013/11/22 11:59:58 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/11/22 11:59:58 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dxtrans.dll
[2013/11/22 11:59:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webcheck.dll
[2013/11/22 11:59:58 | 000,238,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iedkcs32.dll
[2013/11/22 11:59:58 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/11/22 11:59:58 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/11/22 11:59:58 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/11/22 11:59:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/11/22 11:59:58 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webcheck.dll
[2013/11/22 11:59:58 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/11/22 11:59:58 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msls31.dll
[2013/11/22 11:59:58 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/11/22 11:59:58 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/11/22 11:59:58 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/11/22 11:59:58 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/11/22 11:59:58 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/11/22 11:59:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/11/22 11:59:58 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/11/22 11:59:58 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/11/22 11:59:58 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/11/22 11:59:58 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/11/22 11:59:58 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/11/22 11:59:58 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/11/22 11:59:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2013/11/22 11:59:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/11/22 11:59:58 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/11/22 11:59:58 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/11/22 11:59:58 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/11/22 11:59:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/11/22 11:59:58 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/11/22 11:59:58 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/11/22 11:59:58 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2013/11/22 11:59:58 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/11/22 11:59:58 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/11/22 11:59:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/11/22 11:59:58 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/11/22 11:59:58 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/11/22 11:59:58 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/11/22 11:59:58 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/11/22 11:59:58 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/11/22 11:59:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/11/22 11:59:58 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/11/22 11:59:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2013/11/22 11:59:58 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/11/22 11:59:58 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/11/22 11:59:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsproxy.dll
[2013/11/22 11:59:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedsbs.dll
[2013/11/22 11:59:58 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2013/11/22 11:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/11/22 11:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/11/22 11:59:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2013/11/22 11:59:58 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/11/22 11:59:58 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedsbs.dll
[2013/11/22 11:59:58 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsproxy.dll
[2013/11/22 11:59:58 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2013/11/22 11:59:58 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\imgutil.dll
[2013/11/22 11:59:58 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2013/11/22 11:59:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/11/22 11:59:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
reply to dougfccn

[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:64bit: - [2013/11/22 11:59:58 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/04 16:46:16 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2013/11/04 16:41:02 | 000,219,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2013/09/24 16:07:30 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)
SRV:64bit: - [2013/09/20 09:46:36 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)
SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)
SRV:64bit: - [2013/05/26 22:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/11/02 21:43:00 | 000,112,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WhsMcClient.exe -- (WhsMcClient)
SRV:64bit: - [2012/11/02 21:07:28 | 000,080,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe -- (arXfrSvc)
SRV:64bit: - [2012/08/05 21:42:30 | 005,274,840 | ---- | M] () [Auto | Running] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe -- (GsServer)
SRV:64bit: - [2012/01/12 11:26:20 | 000,040,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe -- (ServiceProviderRegistry)
SRV:64bit: - [2011/03/02 15:46:44 | 000,027,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\LANConfigSvc.exe -- (LANConfig)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (WSS_ComputerBackupProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (SqmProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (providers_system)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (NotificationsProviderSvc)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (initMonitor)
SRV:64bit: - [2011/03/02 15:46:40 | 000,030,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\SharedServiceHost.exe -- (HealthAlertsSvc)
SRV:64bit: - [2011/03/02 15:46:34 | 000,228,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe -- (WSConnectorUpdate)
SRV:64bit: - [2010/04/06 14:53:14 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2010/02/23 17:57:42 | 000,835,952 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2010/02/05 17:44:48 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/11/05 22:05:28 | 000,489,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/10/21 09:30:36 | 000,531,520 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\ThpSrv.exe -- (Thpsrv)
SRV:64bit: - [2009/07/28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/09/03 00:03:16 | 003,233,806 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tor\tor.exe -- (tor)
SRV - [2013/05/11 03:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/25 08:58:30 | 001,239,584 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/15 01:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/02/11 13:45:52 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2010/04/23 10:34:08 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe -- (AutoInstallEJCD)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 14:42:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/03 14:41:58 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2013/11/04 16:51:44 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2013/11/04 16:46:34 | 000,343,696 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2013/11/04 16:43:04 | 000,782,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2013/11/04 16:41:22 | 000,519,576 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2013/11/04 16:40:00 | 000,311,120 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2013/11/04 16:39:20 | 000,179,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2013/09/20 09:38:14 | 000,095,984 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)
DRV:64bit: - [2013/09/20 09:37:56 | 000,390,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/02/16 12:00:12 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013/02/16 12:00:12 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2012/08/23 07:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 07:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/06/24 22:24:48 | 000,052,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/07/07 16:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/06/20 09:07:08 | 001,225,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2011/05/26 08:21:28 | 000,174,680 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/02 13:33:12 | 000,063,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BackupReader.sys -- (BackupReader)
DRV:64bit: - [2011/02/18 22:48:28 | 000,045,624 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 02:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/10/16 14:12:47 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/04/23 10:34:09 | 000,752,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WLANUHN.sys -- (QW720S64)
DRV:64bit: - [2010/03/12 18:21:52 | 000,097,280 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2010/03/10 18:51:32 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/03/05 17:15:14 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2010/01/15 12:22:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/01/12 14:37:34 | 000,325,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/09/28 00:07:04 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/09/17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/14 15:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/13 17:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009/06/29 16:16:20 | 000,014,784 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Thpevm.sys -- (Thpevm)
DRV:64bit: - [2009/06/29 10:25:22 | 000,034,880 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\thpdrv.sys -- (Thpdrv)
DRV:64bit: - [2009/06/22 17:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2007/05/18 15:36:48 | 000,082,944 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\marsqx5.sys -- (marsqx5)
DRV - [2011/02/18 22:48:28 | 000,045,624 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ZDCNDIS6a64.sys -- (ZDCNDIS6a64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2007/04/02 16:02:02 | 000,072,576 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\marsqx5.sys -- (marsqx5)

[color=#E56717]========== Standard Registry (All) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {BAF64DD8-4818-4F1D-9C5E-A02AC6BC4F36}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{BAF64DD8-4818-4F1D-9C5E-A02AC6BC4F36}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
reply to dougfccn
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A2136B2-6430-4DD6-A35D-B7A77F84D242}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{07305ADC-BA3C-4A42-9DBE-1DEEC1DF92D4}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_en
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNO
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBR
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\SearchScopes\{6A2136B2-6430-4DD6-A35D-B7A77F84D242}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

[color=#E56717]========== FireFox ==========[/color]

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Judy Forester\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/09/28 15:42:12 | 000,000,000 | ---D | M]

[2012/11/23 13:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.29_0\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm\1.0.0.28\
CHR - Extension: No name found = C:\Users\Judy Forester\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2013/09/04 00:04:16 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TOSHIBA Media Controller Plug-in) - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Easy PDF Creator] "C:\Program Files\Easy PDF Creator\EasyPDFCreator.exe" File not found
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launchpad] C:\Program Files\Windows Server\Bin\Launchpad.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [ThpSrv] C:\windows\SysNative\thpsrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files (x86)\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] C:\Program Files (x86)\AutoInstall\AR9170_Auto_Install_CD_Only_Gen_0ACE20FF\AutoEJCD.EXE ()
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TSleepSrv] "%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe" File not found
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Google Update] C:\Users\Judy Forester\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [Hobbyist Software VLC Streamer] C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe (Hobbyist Software)
O4 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Judy Forester\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC119C4B-4995-4508-82C8-F0731B0FD2A5}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f82af37b-37a8-11e0-809d-88ae1d3d2a6c}\Shell - "" = AutoRun
O33 - MountPoints2\{f82af37b-37a8-11e0-809d-88ae1d3d2a6c}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014/02/09 12:50:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2014/02/09 12:40:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/09 11:11:38 | 000,000,000 | ---D | C] -- C:\Users\Judy Forester\AppData\Roaming\Malwarebytes
[2014/02/09 11:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/09 11:11:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/09 11:11:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/02/09 11:11:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/08/03 15:55:26 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Judy Forester\AppData\Roaming\pcouffin.sys
[2004/09/05 12:25:33 | 000,024,576 | ---- | C] (BackWeb) -- C:\Users\Judy Forester\AppData\Local\TempIadHide3.dll
[1 C:\Users\Judy Forester\Documents\*.tmp files -> C:\Users\Judy Forester\Documents\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014/02/09 14:43:01 | 000,000,940 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3518411881-486804064-2977211178-1004UA.job
[2014/02/09 14:42:01 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/09 12:53:45 | 000,021,472 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/09 12:53:45 | 000,021,472 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/09 12:53:11 | 000,000,732 | ---- | M] () -- C:\Users\Judy Forester\Desktop\OTL.exe - Shortcut.lnk
[2014/02/09 12:50:14 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2014/02/09 12:45:22 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/09 12:44:39 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/02/09 12:44:35 | 3166,703,616 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/09 12:39:52 | 000,000,825 | ---- | M] () -- C:\Users\Judy Forester\Desktop\adwcleaner.exe - Shortcut (2).lnk
[2014/02/09 11:43:07 | 000,000,888 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3518411881-486804064-2977211178-1004Core.job
[2014/02/09 11:11:17 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/09 10:47:56 | 000,779,266 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/02/09 10:47:56 | 000,660,530 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/02/09 10:47:56 | 000,121,426 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/02/05 22:26:27 | 000,002,420 | ---- | M] () -- C:\Users\Judy Forester\Desktop\Google Chrome.lnk
[1 C:\Users\Judy Forester\Documents\*.tmp files -> C:\Users\Judy Forester\Documents\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014/02/09 12:53:11 | 000,000,732 | ---- | C] () -- C:\Users\Judy Forester\Desktop\OTL.exe - Shortcut.lnk
[2014/02/09 12:39:51 | 000,000,825 | ---- | C] () -- C:\Users\Judy Forester\Desktop\adwcleaner.exe - Shortcut (2).lnk
[2014/02/09 11:11:17 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/08/03 15:55:26 | 000,099,384 | ---- | C] () -- C:\Users\Judy Forester\AppData\Roaming\inst.exe
[2013/08/03 15:55:26 | 000,007,859 | ---- | C] () -- C:\Users\Judy Forester\AppData\Roaming\pcouffin.cat
[2013/08/03 15:55:26 | 000,001,167 | ---- | C] () -- C:\Users\Judy Forester\AppData\Roaming\pcouffin.inf
[2012/11/23 13:36:10 | 000,033,958 | ---- | C] () -- C:\ProgramData\uninstaller.exe
[2012/04/15 11:52:45 | 000,000,410 | ---- | C] () -- C:\windows\BRWMARK.INI
[2012/04/15 11:52:45 | 000,000,034 | ---- | C] () -- C:\windows\SysWow64\BD7820N.DAT
[2012/03/23 18:50:10 | 000,773,482 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/02/03 11:33:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/12 09:28:52 | 000,007,610 | ---- | C] () -- C:\Users\Judy Forester\AppData\Local\Resmon.ResmonCfg
[2008/07/19 19:43:33 | 000,035,840 | ---- | C] () -- C:\Users\Judy Forester\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003/09/21 11:58:13 | 000,000,700 | ---- | C] () -- C:\Users\Judy Forester\.plugin141_02.trace
[2003/08/22 20:11:43 | 000,055,880 | ---- | C] () -- C:\Users\Judy Forester\AppData\Local\GDIPFONTCACHEV1 (1).DAT
[2003/04/03 15:18:15 | 000,001,292 | ---- | C] () -- C:\Users\Judy Forester\AppData\Local\FASTWiz.html
[2003/04/02 21:06:56 | 001,636,826 | -H-- | C] () -- C:\Users\Judy Forester\AppData\Local\IconCache (1).db
[2003/04/02 21:06:55 | 004,980,736 | -H-- | C] () -- C:\Users\Judy Forester\NTUSER (1).DAT
[2003/04/02 21:06:55 | 000,000,178 | -HS- | C] () -- C:\Users\Judy Forester\ntuser (1).ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 19:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 18:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2010/08/11 03:37:10 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\InterTrust
[2010/08/11 03:37:10 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\InterTrust
[2010/08/11 00:54:02 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\Amazon
[2010/08/11 00:54:02 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\Angel Backup Systems
[2011/04/24 20:57:13 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\GARMIN
[2011/02/21 08:06:09 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\GoodSync
[2010/08/11 00:54:04 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\InterTrust
[2010/08/11 00:54:04 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\InterVideo
[2010/08/11 00:54:43 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\PACE Anti-Piracy
[2011/02/21 07:59:46 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\RoboForm
[2010/10/12 09:12:42 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\Toshiba
[2010/08/11 00:54:44 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\VersionTracker Pro
[2010/10/16 14:13:15 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\Vso
[2010/10/19 23:49:43 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\WinBatch
[2010/08/28 09:31:45 | 000,000,000 | ---D | M] -- C:\Users\Doug Forester\AppData\Roaming\Windows Home Server
[2013/11/28 22:37:50 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\27243
[2010/08/11 01:47:15 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Angel Backup Systems
[2012/04/07 14:34:02 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Barnes & Noble
[2010/08/11 01:47:16 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Drag'n Drop CD
[2013/09/28 13:44:22 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\DVDFab9
[2013/09/28 14:09:16 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Garmin
[2013/05/14 21:08:03 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\GoodSync
[2012/06/02 12:11:02 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Hobbyist Software
[2010/08/11 01:47:17 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\IDS_COMPANY
[2010/08/11 01:47:18 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\ImgBurn
[2010/08/11 01:47:18 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\InterTrust
[2010/08/11 01:47:18 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\InterVideo
[2013/12/06 09:10:45 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Oracle
[2012/04/28 13:25:43 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\OverDrive
[2013/08/03 09:46:29 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\RoboForm
[2010/08/11 01:49:03 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Template
[2010/10/12 10:50:11 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Toshiba
[2013/08/03 15:55:30 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Vso
[2010/12/30 14:57:51 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\WinBatch
[2010/08/11 01:49:04 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Windows Home Server
[2010/11/28 23:41:02 | 000,000,000 | ---D | M] -- C:\Users\Judy Forester\AppData\Roaming\Windows Live Writer
[2010/08/11 02:46:56 | 000,000,000 | ---D | M] -- C:\Users\Nancy\AppData\Roaming\InterTrust
[2010/08/12 15:40:03 | 000,000,000 | ---D | M] -- C:\Users\Nancy\AppData\Roaming\Toshiba
[2010/08/10 20:44:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Toshiba
[2010/07/03 20:23:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch

[color=#E56717]========== Purity Check ==========[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 716 bytes -> C:\Users\Judy Forester\Documents\yada yada yada.eml:OECustomProperty
@Alternate Data Stream - 632 bytes -> C:\Users\Judy Forester\Documents\paula.eml:OECustomProperty
@Alternate Data Stream - 3313 bytes -> C:\Users\Judy Forester\Documents\My son's product--DNA sequencer!.eml:OECustomProperty

============= OTL 30-day-old files log END =================
12.b. OTL Extra log
============= OTL Extra log START =================
OTL Extras logfile created on: 2/9/2014 2:43:17 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Infected
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.93 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 40.92% Memory free
9.83 Gb Paging File | 6.82 Gb Available in Paging File | 69.40% Paging File free
Paging file location(s): c:\pagefile.sys 6039 6039 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.24 Gb Total Space | 58.90 Gb Free Space | 10.08% Space Free | Partition Type: NTFS
Drive F: | 7.49 Gb Total Space | 7.46 Gb Free Space | 99.66% Space Free | Partition Type: FAT32

Computer Name: BLACKDIAMOND | User Name: Judy Forester | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
reply to dougfccn
[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Judy Forester\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Judy Forester\AppData\Roaming\File Scout\filescout.exe" /open "%1"
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{046AD47E-2F61-4D0B-8AD3-F53A3B0E1363}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0DC62E56-D398-446C-8956-67524BCF2829}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{11426ED8-A650-44A6-8FAB-0562F8B544DD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{11DC5E65-CE00-4CDC-B7DB-43D1DBF525AB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14276DEA-C2E9-4658-83BF-3A4BC3E084EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{16EDFA63-A8F7-465E-8953-85E8DBDE3E0C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{22E85D3C-B68E-45C3-B4F6-3D9816BB4E79}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2B2A91F7-B382-4E33-A8C0-92715951F5D8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4F1A7B93-21D4-48B8-BE0E-E57325FE6650}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{5546714F-8229-422D-A5D6-74111B1B05E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{559F11FA-54AA-4838-9B13-234D29AF623C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5BB66268-CD2C-4102-9C70-0E417702F9FC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F92D40F-FC0F-452A-ABF6-8453E14F662F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62D47AEE-3095-4594-B224-B8F1840E3869}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{76C20017-A0FC-4D9E-9C06-9948225C594B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7B7D2133-0064-4924-88A2-AE8926F4F881}" = lport=445 | protocol=6 | dir=in | app=system |
"{7BCEA2DE-8E1E-4F4E-B737-8E3959A07ECA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{88814F24-9B50-4A9F-85C6-B68A3E7957CA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8C6C1DD1-C009-410B-A5D0-263019083158}" = lport=139 | protocol=6 | dir=in | app=system |
"{93A4EA1A-9B85-4343-B962-D4BB9EB9B6E8}" = rport=139 | protocol=6 | dir=out | app=system |
"{958CE02B-CD26-4A0F-BB99-2011B31DB543}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{98160026-0549-483C-96D2-45AABE42B9DC}" = lport=33333 | protocol=6 | dir=in | name=goodsync server incoming connections |
"{A5A3E569-43BE-49C8-BF3D-70E15FD3C810}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port |
"{A66BEA91-D45D-4C62-866E-47E846E05663}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7464C27-1BB9-46BD-AEA5-F269CD51EC2E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A7931572-959E-4497-A3E4-F20374F138E4}" = rport=137 | protocol=17 | dir=out | app=system |
"{AC673A52-972B-40A3-A6B9-B5B08037821B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ADE6994C-29C8-4F97-92E3-A3395E5735BC}" = lport=138 | protocol=17 | dir=in | app=system |
"{B6DE23C9-F69F-4918-886B-4F7297C8D27F}" = lport=33338 | protocol=17 | dir=in | name=goodsync server lan discovery |
"{BA7DEA42-C23F-4D47-95EE-2A16B93A1CB9}" = rport=138 | protocol=17 | dir=out | app=system |
"{BD13A938-C4BD-4CD7-AB2D-FD41EF129A29}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C78F9487-1DE7-455A-A615-5FE4FD3A8F20}" = lport=137 | protocol=17 | dir=in | app=system |
"{C7A3FBCC-F440-4D52-9F66-47098EA9EE42}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C8E35877-C129-4883-885A-BEE3D5B2F8EB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D8FB5B75-5FB5-4BE7-A887-4DBA50BC6037}" = rport=445 | protocol=6 | dir=out | app=system |
"{DD3A0A80-C6EF-439B-BCC1-D84AEF4C4559}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port |
"{E26FEDF8-79B3-4D69-AAB1-1FD844964970}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E604CFB1-FB21-4758-90A0-64B61E2EDE95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F1798E92-4097-4DB9-9221-9203CBB435F4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F3E416DF-A1E4-4772-AF5E-942D9F6AA83C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{005584A5-61FE-43CE-98CF-8E28C3CA1246}" = dir=in | app=c:\program files\bonjour\mdnsresponder.exe\bonjour\mdnsresponder.exe |
"{03CCFE79-9585-474C-9B34-B6FD2073FF67}" = protocol=6 | dir=out | app=system |
"{067AEF0E-D9A1-4A7E-AAD4-8EC997790986}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{09D200BA-F2F1-45A8-959E-27BC0F22B3AE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0B4739F0-05A2-4486-AB30-342815228799}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{0B68C4FD-6A74-4F0C-807A-21D4707646F8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0FC1B92D-0FCD-475B-8BCD-DF4CDD38DA61}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gs-server.exe |
"{15CEB152-A338-425C-8613-8C256A112E09}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{16AA8F75-765D-476E-ACC5-ABF3FC3A84A6}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{19BE4C0A-36CD-469A-B1B4-6AF4CAC3960F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1ED06582-B4DD-470A-B11D-DE3257206A88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{22322CA2-4B16-43CC-9080-506CF6F62742}" = dir=in | app=c:\program files (x86)\airport\apagent.exe |
"{253417ED-B91F-43DB-9FE4-84140E11D9E1}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{257AD9A0-CC8B-4336-AA14-5F32FD8B3623}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26979687-118B-4108-8E62-66AB6EA61B2E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{28E032EE-DC22-4942-B9FF-69912B64B60F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44D24E87-6AB0-43E5-82A8-5AFE598FCB4B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{46EDDDBC-D0B4-40BA-B8C1-0DE5C427995B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{56EADBEB-FCAE-4335-A09F-3F2B81999F49}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{646551EF-9A1F-475F-81A2-C0DE4A23A1A5}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{656BE945-5244-46ED-93B8-F4CAAAB95536}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6597F0EE-E9F9-4110-8750-6E8150F8A1AD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{69059994-7F24-45AE-868B-A32084E2EF14}" = protocol=17 | dir=in | app=c:\program files\siber systems\goodsync\gsexplorer.exe |
"{6AA0ED2D-7BCD-43B7-883E-E7AF3AFBEDB0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6E35C72D-3E2B-4329-A196-BC4443C0FCF7}" = dir=in | app=c:\program files (x86)\hobbyist software\vlc streamer\mdnsresponder.exe |
"{6F888AD2-603E-49A0-B8FC-C26F73493FE6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{755ED80A-2040-4AC0-8033-A4340CDED4D7}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{77317BE8-A118-4C0B-8D02-8547148F6E6F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{7EE6E453-D34F-4A35-B3D3-0DEE4B0FEF88}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7F10C9B0-B596-4C2F-B6D1-1964E61D4407}" = protocol=17 | dir=in | app=c:\users\judy forester\appdata\local\microsoft\windows\temporary internet files\content.ie5\jqv2f96t\whsconnectorinstall[1].exe |
"{82FA24CF-8553-47D1-9A84-6089E4A0521D}" = dir=in | app=c:\program files (x86)\hobbyist software\vlc streamer\vlc streamer configuration.exe |
"{841C9701-A036-4A87-BC7F-1BDDA4F194FE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8AA7A236-AC36-41C3-A6A1-8AB12390DC2F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{8BAA1566-E629-489C-A097-70E66ED04587}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8D1E9504-49CE-42E6-98CA-F9AA68D1428C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{97C29A24-71E8-493A-AD5A-4159D43A7A20}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{A24E2030-D4B3-4592-A1B9-AB8DC3E66BEE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{A550F60A-C023-470B-945F-42D1A3A71D16}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A8B8F85D-EF15-4EA9-9728-F5A9E104D6FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AD7AD09D-5CDC-4554-834F-5B804A025273}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B013351E-2A5D-4FF2-9F73-BD2C6B7AC65D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B08A9C55-E8D8-498C-B4D5-A3D5A1233B6D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B6A8E8AF-D151-411D-AA2C-0DC08B2D66E7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{BA8C9C87-25EF-4912-9149-94B5A045B2B8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BE03568B-98C8-4ADA-A524-80E878EB632E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BFF0CF93-0659-42FA-9476-7B7E4823CCDA}" = protocol=6 | dir=in | app=c:\users\judy forester\appdata\local\microsoft\windows\temporary internet files\content.ie5\jqv2f96t\whsconnectorinstall[1].exe |
"{D8802B7D-96ED-482C-BE10-40A6AE6604F2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E1B0D37C-0EDF-45A3-BE03-8F76C9C4A64E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E88AEA0D-CB76-4927-B109-37305395DDB7}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{EBF7BFBD-975D-485B-A77F-06D66F7FC5DB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FAE24ABC-58CC-4072-A418-87A279F66B65}" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{FAFD8C13-1D49-4A8E-94E2-119EFB80E9CB}" = protocol=6 | dir=in | app=c:\program files\siber systems\goodsync\goodsync.exe |
"{FC9F51D2-90DE-4BC0-88A0-FEE2FD23E7CE}" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe |
"{FCBB4EB7-3AF5-4941-9617-49BA8AA29E79}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{237D687E-9E50-4A30-B810-262764CC491B}" = Garmin Communicator Plugin x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{94A90C69-71C1-470A-88F5-AA47ECC96B40}" = TOSHIBA HDD Protection
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"{B26B00DA-2E5D-4CF2-83C5-911198C0F009}" = GoodSync
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"{C1E4D639-4A33-4314-809E-89BD0EF48522}" = Windows Home Server 2011 Connector
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"647D95B844BB6F3D7774FEB6EA0280E4A88F8747" = Windows Driver Package - Digital Blue (marsqx5) Image (04/04/2007 1.0.0.0)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{08786A53-D98F-484A-867C-3302BC5AE30D}" = Digital Blue QX5 Microscope
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D795777-9D60-4692-8386-F2B3F2B5E5BF}" = Label@Once 1.0
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 45
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5AF550B4-BB67-4E7E-82F1-2C4300279050}" = ToshibaRegistration
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{647BB978-2876-487B-9B0E-FDB73F0EA4A2}" = Garmin Communicator Plugin
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{654F7484-88C5-46DC-AB32-C66BCB0E2102}" = TOSHIBA Sleep Utility
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{8BC76277-4A32-4F41-8640-0F42D02945AC}" = HP MediaSmart Server
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{9036983F-42B4-4B4D-98BA-15A2E52F018D}" = OBDwiz
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = TOSHIBA Application Installer
"{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}" = TOSHIBA Media Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D3D8C60-A55F-4fed-B2B9-173001290E16}" = Realtek WLAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA68AAAE-41F0-40B5-8896-5947F5FD6889}" = AirPort
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1D7C392-EAF5-405F-A31D-BBD3B56C0C6A}" = ImageMixer 3 SE for SD
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = TOSHIBA Quality Application
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}" = TOSHIBA Media Controller Plug-in
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AI RoboForm" = RoboForm 7-9-0-0 (All Users)
"AutoHotkey" = AutoHotkey 1.0.48.05.L61
"BN_DesktopReader" = NOOK for PC
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"DVDFab 9_is1" = DVDFab 9.0.6.3 (09/09/2013)
"Fitbit Connect" = Fitbit Connect
"GS Bridge" = GS Bridge
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}" = TOSHIBA ReelTime
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}" = TOSHIBA Bulletin Board
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Mavis Beacon Teaches Typing 17" = Mavis Beacon Teaches Typing 17
"MSC" = McAfee Internet Security
"MyCamera" = Canon Utilities MyCamera
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIA.Updatus" = NVIDIA Updatus
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"SciTE4AutoHotkey" = SciTE4AutoHotkey v3 beta 5
"SystemRequirementsLab" = System Requirements Lab
"VLC media player" = VLC media player 2.0.7
"VLC Streamer_is1" = VLC Streamer 4.23
"WinLiveSuite" = Windows Live Essentials
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-3518411881-486804064-2977211178-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Google Chrome" = Google Chrome

[color=#E56717]========== Last 20 Event Log Errors ==========[/color]

[ Application Events ]
Error - 2/7/2014 12:17:39 PM | Computer Name = BLACKDIAMOND | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8050

Error - 2/7/2014 12:17:39 PM | Computer Name = BLACKDIAMOND | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8050

Error - 2/7/2014 12:17:40 PM | Computer Name = BLACKDIAMOND | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/7/2014 12:17:40 PM | Computer Name = BLACKDIAMOND | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9048

Error - 2/7/2014 12:17:40 PM | Computer Name = BLACKDIAMOND | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9048

Error - 2/9/2014 1:22:46 PM | Computer Name = BLACKDIAMOND | Source = Bonjour Service | ID = 100
Description = Client application registered 2 identical instances of service Black\032Diamond._hs-vlcstream._tcp.local.
port 54343.

Error - 2/9/2014 1:26:22 PM | Computer Name = BlackDiamond | Source = Application Error | ID = 1000
Description = Faulting application name: McSvHost.exe, version: 3.8.703.0, time
stamp: 0x51f7deae Faulting module name: HOMENE~3.DLL, version: 6.8.714.0, time stamp:
0x524485a4 Exception code: 0xc0000005 Fault offset: 0x0000000000021270 Faulting process
id: 0x6bc Faulting application start time: 0x01cf1affe6786a67 Faulting application
path: C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe Faulting
module path: c:\PROGRA~1\COMMON~1\mcafee\mhn\HOMENE~3.DLL Report Id: 4af20a40-91af-11e3-a9f0-b0f534311a5f

Error - 2/9/2014 2:00:25 PM | Computer Name = BlackDiamond | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.5.20.0, time stamp:
0x4e991cc9 Faulting module name: daemonu.exe, version: 1.5.20.0, time stamp: 0x4e991cc9
Exception
code: 0xc000000d Fault offset: 0x0005f315 Faulting process id: 0x19d4 Faulting application
start time: 0x01cf25c0cd1eaeec Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 0c9f9b21-91b4-11e3-b824-00264d8b96f4

Error - 2/9/2014 3:36:28 PM | Computer Name = BlackDiamond | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.5.20.0, time stamp:
0x4e991cc9 Faulting module name: daemonu.exe, version: 1.5.20.0, time stamp: 0x4e991cc9
Exception
code: 0xc000000d Fault offset: 0x0005f315 Faulting process id: 0x1970 Faulting application
start time: 0x01cf25ce336944a4 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 77a1d727-91c1-11e3-b5f7-00264d8b96f4

Error - 2/9/2014 3:48:31 PM | Computer Name = BlackDiamond | Source = Application Error | ID = 1000
Description = Faulting application name: daemonu.exe, version: 1.5.20.0, time stamp:
0x4e991cc9 Faulting module name: daemonu.exe, version: 1.5.20.0, time stamp: 0x4e991cc9
Exception
code: 0xc000000d Fault offset: 0x0005f315 Faulting process id: 0x1888 Faulting application
start time: 0x01cf25cfe0701fc6 Faulting application path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Faulting module path: C:\Program Files (x86)\NVIDIA
Corporation\NVIDIA Updatus\daemonu.exe Report Id: 26ef7682-91c3-11e3-8c2e-00264d8b96f4

[ System Events ]
Error - 2/9/2014 1:32:09 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7031
Description = The McAfee Anti-Spam Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 2/9/2014 1:33:09 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the McAfee Platform Services service,
but this action failed with the following error: %%1056

Error - 2/9/2014 1:33:09 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7032
Description = The Service Control Manager tried to take a corrective action (Restart
the service) after the unexpected termination of the McAfee VirusScan Announcer
service, but this action failed with the following error: %%1056

Error - 2/9/2014 1:46:51 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7034
Description = The Adobe Acrobat Update Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/9/2014 1:57:38 PM | Computer Name = BlackDiamond | Source = DCOM | ID = 10016
Description =

Error - 2/9/2014 2:00:27 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Update Service Daemon service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/9/2014 3:34:02 PM | Computer Name = BlackDiamond | Source = DCOM | ID = 10016
Description =

Error - 2/9/2014 3:36:29 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Update Service Daemon service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/9/2014 3:46:18 PM | Computer Name = BlackDiamond | Source = DCOM | ID = 10016
Description =

Error - 2/9/2014 3:48:33 PM | Computer Name = BlackDiamond | Source = Service Control Manager | ID = 7034
Description = The NVIDIA Update Service Daemon service terminated unexpectedly.
It has done this 1 time(s).

[ WSSG Events ]
Error - 1/21/2014 7:06:35 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:11:36 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:16:37 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:21:38 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:26:39 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:31:40 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:36:41 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:41:42 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:46:43 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

Error - 1/21/2014 7:51:43 AM | Computer Name = BlackDiamond | Source = Windows Server | ID = 268370434
Description = Backup job 0 on HPSERVER did not succeed. Reason: NotConfigured, System.String[]

============= OTL Extra log END =================

13. Ran Security.Check. Log below:
============= Security.Check log START =================
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
[u]``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled!
McAfee Anti-Virus and Anti-Spyware
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
[u]`````````Anti-malware/Other Utilities Check:`````````[/u]
Malwarebytes Anti-Malware version 1.75.0.1300
Java(TM) 6 Update 17
Java 7 Update 45
[color=red]Java version out of Date![/color]
Adobe Reader XI
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.107
[u]````````Process Check: objlist.exe by Laurent````````[/u]
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
[u]`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 0%
[u]````````````````````End of Log``````````````````````[/u]
============= Security.Check log END=================

14. Ran ESET Online Scan. Took forever to scan my huge .iso movie files.
============= ESET Online Scan log START =================
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=611b0e96f75d2745bee3886753b99e6a
# engine=17006
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-10 09:11:15
# local_time=2014-02-10 02:11:15 (-0700, US Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5122 16777214 66 65 6789754 153879653 0 0
# compatibility_mode=5893 16776574 100 94 11008244 143566925 0 0
# scanned=237871
# found=0
# cleaned=0
# scan_time=37944
============= ESET Online Scan log END =================

So there's the data. I'd be pleased to learn whatever you can tell me about my laptop.
Thanks.
Doug
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~
Expand your moderator at work


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
reply to dougfccn

Re: My Toshiba laptop is infected and I can't get it clean

Hi dougfccn

I don't see much left to have to deal with.

Please run OTL.exe.

- Copy the text in the code box below to the clipboard by highlighting all the text inside the box and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

quote:
:OTL
@Alternate Data Stream - 716 bytes -> C:\Users\Judy Forester\Documents\yada yada yada.eml:OECustomProperty
@Alternate Data Stream - 632 bytes -> C:\Users\Judy Forester\Documents\paula.eml:OECustomProperty
@Alternate Data Stream - 3313 bytes -> C:\Users\Judy Forester\Documents\My son's product--DNA sequencer!.eml:OECustomProperty
:Commands
[EmptyTemp]
[EMPTYJAVA]
[EMPTYFLASH]
[CREATERESTOREPOINT]
- Return to OTL.exe, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.
- Click the red Run Fix button.
- A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
- Close OTL.exe

Please post the log from OTL in your next reply.

Please download Junkware Removal Tool and save to your Desktop:
»www.bleepingcomputer.com/downloa···al-tool/

- Disconnect from the Internet (unplug your connection to your router or modem).
- Please close your security software to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
- Restart your security software and reconnect to the Internet.
- Please post the contents of JRT.txt into your reply.

Please post the lot from OTL, the log from Junkware Removal Tool, and note any errors encountered.

How is the system running now?
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010


dougfccn

@comcast.net
downloadOTL_fix_log.···0459.log 7,352 bytesdownloadJRT.txt 56,743 bytesdownloadOTL_fix_log.···0459.log 7,352 bytes
OTL log
downloadJRT.txt 56,743 bytes
JRT log
downloadOTL_fix_log.···0459.log 7,352 bytes
OTL log
downloadJRT.txt 56,743 bytes
JRT log
I ran OTL.exe as instructed. The log is attached. It required a reboot to finish before producing its log file (which is attached).
I downloaded the bleeping junk removal tool and ran it. The log is attached as well.
No errors were noted.
How is running now, you asked? Haven't had much chance to use it because I was waiting til I got your final instructions.
One thing that has been a problem that I thought be a virus was after a reboot, the hard disk working light is on solid for 5-6 minutes. This really locks up the computer until it decides to stop thrashing. It looks like it's still happening. Does it on a "restart" and on a start from hibernate. That was one of the problems that I hoped would go away if I cleaned up my machine. Any ideas how to get a handle on that.
I turned my McAfee AV back on and connected to the internet. Things seem fine.
Thanks for your attention.
Best, Doug
============ OTL Log START ===================
All processes killed
========== OTL ==========
ADS C:\Users\Judy Forester\Documents\yada yada yada.eml:OECustomProperty deleted successfully.
ADS C:\Users\Judy Forester\Documents\paula.eml:OECustomProperty deleted successfully.
ADS C:\Users\Judy Forester\Documents\My son's product--DNA sequencer!.eml:OECustomProperty deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Doug Forester
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Judy Forester
->Temp folder emptied: 2845556 bytes
->Temporary Internet Files folder emptied: 14296840 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

User: LocalService

User: Nancy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1391580 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 18.00 mb

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Doug Forester
->Java cache emptied: 0 bytes

User: Judy Forester
->Java cache emptied: 0 bytes

User: LocalService

User: Nancy

User: NetworkService

User: Owner

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Doug Forester
->Flash cache emptied: 0 bytes

User: Judy Forester
->Flash cache emptied: 0 bytes

User: LocalService

User: Nancy
->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 02112014_230459

Files\Folders moved on Reboot...
File move failed. C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoEJCD.exe scheduled to be moved on reboot.
File move failed. C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe scheduled to be moved on reboot.
File move failed. C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\MSVCP60.DLL scheduled to be moved on reboot.
C:\Users\Judy Forester\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Judy Forester\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
=========== OTL Log END =================

=========== JRT log START ================
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Professional x64
Ran by Judy Forester on Tue 02/11/2014 at 23:24:11.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3518411881-486804064-2977211178-1004\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{011452A4-0427-4FBC-85F1-89980589CDDD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0129CCAC-7C8C-42B6-8487-687A3761DA5F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{01836AAF-1459-4475-9033-7308DBFD9914}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{022FF730-7ADC-47AF-89EC-F7CB50AB7B00}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{053DB2CF-2C1D-4034-A6EC-316606BCB7D5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{05929588-DDEA-4C25-A9ED-FECEE8471A88}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{05EDDA97-CA8C-442D-B645-4FA4286F4A1F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{06628D6A-713D-446C-AB3A-DC3B4CE9757D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0676F5A7-4F70-4F45-99EC-513DF5A63568}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{068C9AC3-A6CB-44E5-9FDB-EDCC1A374AC6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{078ED7B2-BC8A-4A4E-BDA1-2770D3430302}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{081E95A3-316D-4F1B-92B9-485D7CE5FE4B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{082EF5AD-B702-41A4-9E48-7563E6521417}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0849D4F3-E1D2-4DF8-BF5B-088705FDDFB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0861E470-D86E-4FC1-8D9D-9788B332D3A2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{08FF52D4-A619-44B5-BBBA-B43F0D3D7C54}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{093F04DD-9010-4243-8970-298E079C999B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{09A7D884-03C7-417F-84F1-DF0800BD40BA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0A46900E-1D26-4E9E-B3B2-0371D8651859}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0ADF4983-7889-4BA2-BAD8-0DF4962D88F5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0B09DE52-BF32-4082-AF45-61E80E6AFEE8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0B19309F-EC9C-4702-9DE9-A42EB70D52E8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0B7AC63C-BC54-4724-B756-77CE303512B8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0BBA323C-0166-441C-B0F2-DE7CAFB81968}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0BBA8823-B368-4149-94D7-BA98FC550319}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0BD3B196-7C32-4177-BBCC-5B451F4205F2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0C47A90F-A72C-4A86-8DE7-FD37971121C3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0D529CCE-1CBD-430A-8408-8009C5C2531B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0FB44227-6A09-45CB-90C0-2DE2BD62EE82}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0FEC5A5A-8F5C-4319-9E1F-A29DBB9A05FB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{10109DF1-0E52-49BA-84B8-92C5361A8CCD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{127133A3-16ED-400F-9B72-F516B00609CF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{130C20CD-9292-4D45-B1D4-2304BD88C3E6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{13386CC5-BF4C-4D50-8139-BB250B29DA78}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{13F8EB80-FB9D-4915-A1E5-A38C28DB7039}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1551E77D-7986-4F0D-98AF-8AB8B2F1C7A2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1603F30C-0BF4-40E6-ABF3-14DE8842392E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{165982B6-5896-462C-BED2-FE900EAAC386}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{168246CF-E0AB-4EAD-925A-3A090C69570D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{16BDC84C-F30D-4FA7-9219-DA4693C6A2EF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1796687F-71F5-4298-9F45-62BE89CC46D5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{18B5463F-35B0-4C5A-A0C2-88CE9D91FCE4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{18C87591-2A9E-4882-B5E7-41BA34A59513}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{18F4C9BF-E4C7-410D-8F75-8860A3BBDC0E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1912B05F-1931-42F9-8B94-310742F811E3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{198A659B-EFAF-4F89-BC74-291D25799D5B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{19AA29DB-7F54-46D4-9748-3DEBC6D6B390}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1AE80194-E528-4FBE-A984-A1FD94B1658C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1C6DB810-9AEF-4623-B888-0AF1A1FF5C4D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1D8EECC4-92A0-4A84-B590-4163B56A48A8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1DD25930-C6E2-4F92-8CE7-E3C7F97F78C7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1EAE4ECD-9A2F-4C95-B440-A1F1D6C0A3F8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1F81D407-09B0-4D92-87AF-FA5613F3691F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1FA0222E-C993-4E33-A5A4-C75E622F286A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{223B5773-23A3-44C9-B8EB-2A54105C8450}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2257EF2A-1486-47BB-B837-24F5AD28E760}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{22E04317-48C6-4EE6-9E5A-DA85123BB67E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{238C344C-8610-4F56-882E-A278B661EB9C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{239C7E36-D441-4490-91CD-0788A97DABE1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{23AB617E-D648-4C8B-A21E-1E6E29AF5707}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{23D30E31-7FAE-4FEA-A93F-39ACBE3C1892}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{24C44C43-F84C-4F09-BC6E-293F0F22CC4F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{256C8CEE-E030-4868-84BB-5F3286CABE11}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2570C829-933C-4663-B5D7-4F59421CDAF1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{26303A3F-C407-4F29-9FE2-D5F590D7D531}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{27F33FBA-46FF-4CA6-A196-2A8245ACA6CC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{294718CF-68C3-40BC-8A72-2C1B6E987D3E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2ADA2872-7DEC-4555-A107-B9C3E3194CD6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2ADF50F5-C8CE-4A92-9CEF-31C5B372ADA3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2B827724-45DF-4121-A273-FCEE4CB19B70}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2BE0665F-18C6-4733-9394-5B840DAA1574}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2C16C706-A223-4C38-814F-755EE32B0CD0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2C7B5841-2863-4F46-99A7-3C7628FB4EA2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2CC940FB-AFAD-4CDE-9301-4349D1A65304}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2D209191-3207-467B-913F-78CFA819EF6B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2E3FFC80-D4CF-45FB-B358-7B097167E8A5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2F400716-D959-42D6-9BD1-3729BBAE9CE2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2F96AAA6-5D2B-4E3B-A9DA-2FE60131863E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2FB1DBA4-6E78-4343-B5A3-E4355C7DF490}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{303A098A-60D3-4024-99C4-3A61873CE638}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{312EFF2D-0186-4120-B0B4-D46708F7465E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3174D54F-BB6E-4C08-B49B-35CA7CD93D3F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{319565B0-B2BC-4C64-9B14-C5BEEE63FCB0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{31996B04-FDB0-493E-966B-E738D56120B7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{31A48597-C51F-421F-B527-B23717B7E71B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3251222E-873A-4293-8066-3B06451E3E24}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{32DB2C2B-854D-4D46-9D06-39E09A758E89}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{330DD21C-6F3C-4324-957E-9FA13341E12C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{331C4CB3-265C-41FB-94CD-BE893D4C20C9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{33A08B80-62CD-4FA7-824D-89AFBCDBFD93}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{33E0384C-1BA1-49B9-9CF6-2B3A13592E4D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3480227D-2B07-43D4-996D-DEDBAA136760}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{34B7FFBE-CA06-4A89-A33F-B4080F51F79A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3543512B-02DA-44AB-89F4-AFF3C1CB8CE2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3659924E-E2E3-4C5C-8960-DC9022B0FABF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3674AC5D-38DA-4BFE-88CE-6BD8550DCFB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3675780F-C661-4CE6-BD70-21C9201F672C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{36B47468-CD14-41A5-9D36-B72D3020945B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3788A7B6-47C7-4A2A-9C42-2F25F40E8205}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3802AB4B-A7AE-4AE9-BEFB-655B34556DCA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{387AF965-12A9-42C9-A007-46B8D6ECCF13}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{389CCEB9-18EC-41E0-ACE5-ECC7C2A29E44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{391D86FB-120F-49A0-83CD-2A42FF5BC50B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{39CC326B-2B97-4524-927B-5ABE0F99EDBB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3A0AC5CB-1AA8-49F1-A5A1-7A01E0D8E59B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3A487F4E-BA81-45E1-8DDA-D5AA220710F3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3A4DEEF6-6249-4F74-B251-6799E240DF71}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3C0CB16B-10F0-4E1E-B2B2-4F2D838491C2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3C3E2C7D-3B1D-4C99-BFA7-E43611920A2A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3F338C82-957E-447C-AC6C-27BD47C4058F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3F4CD2E9-F5B6-4C54-8A5E-B87491E42F2C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3F8EDA98-4C37-4F9C-84AB-365DDAA121E9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3FE62706-0992-462B-8994-1E297764E946}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{41058B89-A71A-4334-8F6D-993DA5301F03}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{41FDC5D5-DD05-4165-B394-6FB41DD1A1D1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{421FDBA6-7FA7-4687-B7BB-2FF239E42168}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{42791505-2B6A-4A38-A814-02B0B35A0F5E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{42BB60F2-49D4-423A-A51E-371A7C59D0D2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{43DCE02D-75F9-4B52-B545-44F2903FA314}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{443CEE5C-D087-496A-9C05-A1EF83BE4C4F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{459A85DB-EACA-4687-B126-70F94F65024C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{45B63F96-1A52-4EDD-99F4-34C51EE418BE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{45BD7584-6672-4B37-A59E-EFDCC6B49D41}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{46241604-760B-4F0A-B708-8322AF4A97A2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4628AC83-EDD5-4010-8125-42F730C2C7D6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{466EF17B-B5F5-409B-8D0B-C2F9388E6205}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4795190C-78C0-4332-87D2-20C32D15CBA2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{47999AA4-8B87-4BAF-8AE4-09AC6130057E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{47CBC79C-E3D0-471A-A333-B1540E78C6CB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{48811CC0-F017-44CF-BC8F-278D6F272989}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{48B9E188-3506-4899-9797-CFE7BF03E73B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{48D016F7-E2D7-4CBA-B954-29A5007CD449}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{491C8C2A-4760-4827-90A4-850E0C1CE910}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4947DFA3-DFF2-4103-A4C9-24ABD6B4BF3B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{49BE5FAF-CF02-430F-8D3D-F7E8A2B404EC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{49DDE86C-E77C-4E64-963F-E8176AB61344}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4A46F691-E5FB-486B-938F-48F52301CC3B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4A7BD325-B9A7-4D6B-9621-7281B448445F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B0AFCF7-129C-47CA-92E1-6EB8242E806A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B1B456A-B7FC-42A9-B17A-447D607D543A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B2ED78A-BC57-4B1B-9E6B-E48E381195B5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B8F5922-118F-4D84-B772-3D0A96BC6E65}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4C3143F8-5390-46F3-B52F-EBAE5D194D01}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4CA5F998-4E54-4AAD-A8A1-5F953B3F7C02}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4E3D8427-3D39-4EE4-AFAB-B766EB28784F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4E48D055-94C5-481C-927F-E15C73701F43}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4F6A50EB-A980-47D8-894C-1CAA269A2BC2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4FC5D9C7-F696-4489-A62B-3E48C20228F1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4FD9F1B2-D654-475E-860B-EDC81732DCF9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{503C3F5D-8E39-4199-8F10-629D0594A325}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5130C41D-4C26-4F54-AD0F-ED5EF37FCD5A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5134188B-E9E1-47EA-AFDE-9381F4BDFB1B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5169001F-B475-43CD-9A66-6AD07ECA35EF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{51C6C10A-0491-4538-B6E4-7B510E819961}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{51CAD9C9-A76C-46D0-91AF-8A27FD277A2E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{52067099-F980-4A6B-8D51-B817179B90E5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{52E85339-B1A6-4E15-A4A1-3C4BC7517710}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{53627FD6-D9A4-4C14-96CC-53EBD36DB50E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{544B0EA1-6D27-44D8-A90C-E5A9DC6B589F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5471C2F0-CE78-4E13-A907-501F9195F13C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{548C6CFC-9BC4-4B8E-B4D1-4E3392094805}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{548F507C-3D0A-4758-8817-E702D7BB4217}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{549CC068-F743-43A9-A7F0-5B546FB3B990}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{550D6315-685E-4623-BC84-7F5A2E254A18}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5537EC39-6CEC-4127-BC9F-BFF3DA635631}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{554E17CF-16B5-40CB-8F99-2E0DC5E19D2B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{55A86BDB-D1E5-4EAD-8952-2D0306CFA99B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{56006038-1999-4B18-9BBC-A15663E30B28}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{57F07457-E53B-4BB3-9532-0B3101F80EFC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{57FC7598-9A4F-4FF4-9ED4-EEF443B5BA1C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{584EB310-3E29-4284-B8F8-57292E51D291}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{58B7A388-31ED-43ED-9B00-2B8F3F2C1207}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{58F62301-2D4C-4B79-BDF1-AFA3B429DDE1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{58F7800A-1CFE-40A4-906F-4C88FF54A888}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5A709700-79C5-4839-9FBC-0E040EED5946}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5A8F4214-E127-4848-A659-9CB3AB15DFCB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5AA88C35-E31A-4827-BF72-023E45EE1C71}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5CC9FD7F-8BA8-440A-BBD9-FFFEF331CF68}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5D95AA65-C15B-422A-8714-3AB018B32F62}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5E0C837E-1DCF-4A5F-855B-5E12915400FA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5E4341EB-0105-43E9-AE8A-B157CFCB47CA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5E4673CC-9EB3-4EE5-8F96-0DE263D09E44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5EADC015-1112-4417-A721-37F0229502C7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5EB8ED63-8766-45A1-B6E6-0DBC513575E5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5ED10AA0-818A-4433-86E8-DD694DCE8C3D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F1D3A96-40ED-47B6-9D9F-1AA4EC9FC711}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F260569-78AF-409D-BFF9-8C982ACB229D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F95EDF5-CF9F-4E35-BB2A-2D71418218C3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F9B87A0-F78A-4D22-BB56-38B95556F273}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{60AB6166-C297-4C1F-ACCB-88E9E071553C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{60C3482F-B0DC-4248-B6F4-1D8899890D96}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{60E4C3C2-3300-4EEC-BFAD-369AA76430F9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{630DBE24-2E64-4783-9552-0E855F08B414}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{63BA44F7-D332-498C-8356-085306038BDC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{642AD3D6-5426-4A2A-9583-6D66394A5AD6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{643296A3-4093-4F4C-BB00-CCCAE870B75A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{64590858-458E-4738-A2BD-5CAF6D7DDAB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{64642ABE-BD6A-4892-890A-F81824FD9AD0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6477B3AE-5962-4DF2-BA0C-F862B304A8CB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{65195A08-10B4-4AE5-953D-28F0CC3DBDFC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{651FBA8B-5E0D-4D83-B54D-5DEAD1A2F999}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{65AA32E9-FC37-4D42-B79C-1D4F9545B61A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{66924C42-09E6-4486-9063-32D893770C65}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{66E6C385-5F22-40A8-9F74-107D655D119A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6759887B-20A1-43C8-B555-F1602BDE5C40}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6778861C-C246-4AE6-977B-86F6A508B68B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6879E632-6D5C-4F91-8B9A-A39B04E9D965}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{68BE74A4-41B8-4993-BF1B-B178B5A94713}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{697072B0-D041-4A81-8091-89DCF9C01CF9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69AA9254-DC3F-401E-AEE0-5F824D77E6DA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69C4144E-D4A4-40D4-89F6-A7769CB6EE33}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69D2B36C-6E11-43FA-8007-D52BB6E40EA8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69E64A8F-A440-4B7A-93D3-83F8555F22FB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6A448EF8-2DF1-46E2-BE7A-C25C6DDD067C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6A506411-0C08-4A04-A67B-41521920D56A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6BBFA2FA-1759-4778-A863-9EF8993BD706}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6C0DB5EB-3B62-4063-98B5-B41FB5B78F6D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6C381BA9-00A5-47BC-A25E-14A36C716BA6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6DBDE7B4-47B2-4523-B8AD-2C23343A5BE1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6DC94B0A-A2B9-4C01-AC4F-75146FBAB39C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6E04649F-58CF-47CC-A4BF-A0E0365834C3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6EAA773F-3425-433C-81F6-671C2E506442}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6FD96E56-60A3-423A-9239-DA2D609401EB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6FE450C5-5089-402D-B0D4-3AFA8F1504E1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{700CDD28-98BB-4415-80BD-9351EE1B4D44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{701D5A70-5292-43F6-A494-EE828EF8486A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{70596ED5-D2BB-4CB1-AAA7-7F59E25FD6BC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{707FBCB2-E444-4DA8-8D0C-CB3CE91E21FA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{708F4CE3-E77F-4750-970F-AEC1489438EA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{714A5A16-DDEE-4724-BC91-7480E1E31019}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7199AF4C-1665-42EA-BD8A-721E9CB3DCD3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{71E5A650-6EAC-400D-A49E-36D7BF3C42F5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7221C3DA-61F4-43B0-8AF3-2F39D8F88291}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7306B4EA-6C7C-4ED0-9927-870E9AF843C1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{73E015C4-ADA3-41A1-ACBF-FFAC2A88C82C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{75686543-F8AE-43F5-98FD-0DECB36587FE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{75993986-E92E-41E4-B6B2-34FF424A4CBA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{75ABCA71-D733-4C3A-B4D5-418897DCA219}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7678B14F-84A4-4C96-A382-8EFC4683DEAC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{76BCD14C-05AA-4682-AA83-BED7255D3B00}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{772701CD-DAFB-40DA-BC72-40DC3F7E9B5B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{78205872-E0F7-4B49-9473-4D02ED067F3A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{78AF8F74-594A-4269-B5E9-87B256D2F672}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{78E2112A-2E7F-4062-833B-F7397672B768}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{796B14E9-D894-477A-987F-E2D9C9C203C0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7A2E2F9F-260C-4F3E-8321-A22CBFEFCDDC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7B087F35-26B3-4BE4-A4D5-617311E0B56E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7BA36882-D6BA-43B5-AEE0-D074D5634409}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7BD259BA-4AB9-4725-9E2C-029D4F1984C5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7DB6AEF0-2D23-46E1-AE2D-F5D027D09A73}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7E3F08F6-5A85-4F48-9403-C5AF69C7F377}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7EBD8818-BDC5-4A6F-B30B-355B2C303EFF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7FB4E2FB-DF80-481D-B388-F15A993F6634}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{803DCCA9-190C-40EE-8EDA-C8F7D2110BBE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{80D54F88-8FCA-4F14-B0A8-1C3A08EFDD3C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{81BDE393-066C-4E71-9613-A7CB84C336FC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{82CE4998-7467-456B-A2C0-C5AA251E7D06}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{84BEA8B7-C5FD-437C-B6F8-38FA044F00B3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{855F5B32-812D-45BC-B7BD-AE527D83D614}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{86305068-9D90-49AD-B854-515EF20D6BA9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{86376F8E-EE31-417B-8C5C-097A95B0B593}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{86ABF887-3003-4DE9-9852-66B2D4297BD1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{87457956-5D36-4F6E-B138-BA45036905A6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{876408F0-3576-4B25-81BE-96E0FEA607C2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{87C0C3F5-9C30-49EC-9DCB-F8F8E04D88EE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{87F5867D-9C8E-4034-8E74-52FA7C775B94}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{886897E0-EB57-45AC-A6CC-55F676258279}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{887F8BAD-F651-471D-B3F4-176950932E06}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8ABB8422-9656-41AD-90E6-5DF1DB2931EF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8BDA8ACE-0DA0-4D6B-A5E7-54026973305D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8C02F9E5-5CF5-4385-8F6D-D6A4007800B4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8C5D9CA8-F8FF-4251-958A-CBE486DFF6C7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8CAB406A-3B14-4643-864A-24060A6352BA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8CD83130-CD2E-464E-8FB9-759FEB845C6E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8D5B2965-12B7-470D-AE5A-224502FFECC8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8DDBC94C-6067-4871-8E3A-2812227862B2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8DECBF25-0904-416A-A6CA-D7A5E4CDFCDC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8E5012F1-89A3-4851-8CA6-58538320EB3F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8E9E217B-AF74-4415-BCDB-3167E7B4C0D6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8EE4FA96-6714-472F-B739-1555358724E0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{900E77F2-4D79-408E-834D-CA1CD28FEE32}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{90E78E72-61A8-4D8F-9A30-66C6D70E6FBB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{91242825-8607-43EE-B01C-F4E99D564E5E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{91608A2A-B1C3-4B29-8CB3-714EBB2487F0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{92335C41-4C10-46A8-972E-4516CECDA57F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{928E775B-D572-4A87-BF11-FA812F37E575}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{933A6FB7-2552-4AE3-B3A0-76154094CAC7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{94067461-8E2F-4DFF-A044-004D4A8A0418}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{95F1234E-8254-4A93-9483-D816F306497B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{968EB259-FA07-4F98-9399-C17CD9C33178}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{97BEF723-F7BB-4431-9740-9142577175B3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{98012536-CD57-420F-BCBB-5597A5BBA2AE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{99ADA8C7-6BB8-4D10-9DC1-C351A9E764D7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{99EB88B2-9D31-4418-9DFB-7860BDB10467}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9C00D449-69FF-4CE8-9E10-201CB9F83F31}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9C1C66E7-72BB-4D62-B4D7-2C2054FE4B86}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9CC2E3B7-2EFD-4CC9-9ECD-90AD4A24E1C2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9D685838-8CC8-484B-8DD7-AF7A26DB240D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9DA38DD6-C023-4BAA-806C-4D07437ABC9E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9ED1E5EE-C6FD-4F5F-8E94-20D821F3D0EC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A0ED4EAA-E1B7-40B8-A522-31800AE598BE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A22BBC07-704C-4ECE-B4F3-7E46608942B6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A2AABCE5-018F-4B23-A6FE-7AB8C9A7FD8E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A2BAD9C6-F81D-43E1-B04E-4E674CB6D040}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A2C7D13F-0AEA-4ACE-AD71-302CE8ECE98F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A30BBBE6-AF61-4BD6-9B89-A7FA1B38BCBD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A458A68E-1292-40C3-B0F1-B2781AE1BDD1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A4B2B763-4C95-4B5C-BB63-107FC1866AE4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A510183A-6E82-4477-AFA6-F569723E3AE9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A52EF68C-352A-42A4-AD04-CFC5DB1AC751}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A53E783B-9156-4F31-B06E-5C225539303C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A6449362-2DA8-4EFD-88B9-6B0F57EE63D0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A6833D4D-A2D5-4743-BFA0-AECB3EFC8333}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A6C60380-3C77-49B9-AE4D-61798A4B7707}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A80717BC-DA3D-466C-9BB1-BDD4DDFB40D8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A91B2F8C-0422-44C2-8286-116CE7692957}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A927D414-C185-4481-9E63-F300A6AC626C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A9847A19-B005-4B15-A22B-73DC14972232}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A9FADA27-97B4-4BC8-AB82-7B0B5A75FB29}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AA172438-1A5B-4C40-89A3-7886A3271795}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AA469849-23BA-4B1C-855F-3917EF9B3477}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AAA61D26-213C-4B69-8412-A641C1C01246}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AC8CD639-E0E7-4645-AC49-7104A9EC3883}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{ACD266AB-E72B-47A9-A45D-067BC9157EAD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AD0146D5-5E0D-4E56-97EB-2F9248D89636}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AD585C6B-A7BD-495D-875E-FD7044D71033}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AD66C0D0-CD2F-4A07-8606-AA6B692345D8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{ADBB4E8D-A8FD-4646-B7CC-D25584690981}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AE19EDF9-5FDE-4051-8292-92166B3A4DD9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AF07BFE7-371F-4727-960D-29BD99A9CCA1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AF4A3F7F-B97F-4EEA-9BAC-40D4DDC19355}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B051E517-D9C0-4B92-B4A1-C34F7FD5F8BE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B0906D67-D214-4073-87F9-C86C0C13FCC8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B0D135EB-2F24-4768-A8BC-4A5425C6F9A7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B0FEB515-F2D8-4386-BE34-9C69DC273F85}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B1153719-7A98-4BB6-8821-57FDB40AA2A5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B323F898-443D-4DF9-A5FD-4DA4F6012618}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B3310BE0-5CBD-41FF-928F-9694643048E5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B3A08AA4-9EE7-418F-8871-EE11411BEF1F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B3FF8F35-43C4-43DB-AE1C-7A73C4989990}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4176DBA-511F-46A7-B650-A94542415C12}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B428753E-B1E7-46A1-BAF0-F9B62D503ABC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4634516-168A-4780-8774-490DECE35955}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4AE109A-65E6-4D90-B8D7-DC4493E0DDBC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4C8674F-8EF7-4EFB-8C18-D32CAA73CF97}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B600CDF9-BB11-4308-B959-A569499F725F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B64495BF-59BB-486A-83EA-EB0EE9A66A1F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B694654D-B10D-409C-B87D-CE8A5CA71F2B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B6C1BDB4-7465-4110-A120-CD91C58F2045}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B6EF0C3C-825D-46E1-8E07-F5E6B5F09A64}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B8007BE3-8780-4CB1-A2EC-2ED8C3796431}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B8CB3E99-40A1-441A-B227-F3F9C3382673}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B8F5612E-7128-4D70-8A6C-371369E2DD88}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B948F352-1784-409E-8823-23057C9FF29D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B9908B43-4879-40A5-AEB3-53338CC0B557}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B9AD155D-4AB1-47C3-9CF8-3AA3E64BF8D7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B9B1335F-66EE-4416-920F-D76EE2600AB2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BA5C83AC-39D4-4FB7-AA33-AD8726F6EF26}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BB08C77F-84C2-46B5-A000-170F1952C665}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BB31430D-3476-413B-81E5-A269FD5B084B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BB80BDCD-E916-4A97-B10E-2BA74F4D96AB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BC9250A8-07EE-4DAE-BFD0-6ED9282C66F0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BCD42264-4A0B-46E4-B980-D5CC50AC04EE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BD139916-C2EA-4FAE-BBCC-CA2736B05746}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BD368594-1528-414A-953D-CA21C4216C68}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BFA98A65-02E7-456E-BBB3-576C4B662F4F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C04B4E7D-2330-48FC-8033-B610EB05C3A1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C0979C6B-F71B-4C85-9E42-4B96C80C67F3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C0D171EE-1EF4-4412-B2B1-13B628558CCC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C219238E-B5AC-43BD-9778-6E9FC5C7250D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C450C980-FE3A-446C-A0A2-4991FE5A3129}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C51194D2-C41D-4EDE-83B5-EBC4D6547B8A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C60982C3-A9DD-4D5D-B43E-9AE7C44FD504}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C6B50ABC-BE27-4B53-ABBB-65030F34BEC5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C7C9B579-9B05-49EB-A994-2813D2EA5187}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C84DDA09-F2FA-4ABC-838A-531BFF7FC382}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C9BB089B-2063-4B0F-80FB-9F714443B6F5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CA81B288-465B-4A92-8F44-63BF8F01675D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CB113A8D-1E50-4703-A616-F1CA2960A61A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CB57D2FD-FAFC-48BF-9F16-00A4F960AA10}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CB9DC41C-E0B9-4724-A542-F9B6F9F63A7C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CBED343C-E1C5-45B9-9099-ED06EEC95762}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CDB03026-302A-446F-B2D4-CCDDEE0F3049}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CE247CEE-E1AA-4FF1-98DD-47D611D6FBB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CE29FDD2-3DCC-423B-ACAA-0A5FDF5A6D3A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CEDF97DD-394D-4772-BEDF-24E374D917AF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CFF77296-CCA6-4984-9DA1-81D562D4665C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D0819EA7-1BDF-4750-B18D-EF7BC3533391}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D0C0033F-1DB0-4986-B77B-5A1184E874DF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D0FB9896-DF36-4FFF-938F-A8E6214054B2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D19039F3-9C10-48CB-94D9-214DA0B65DA9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D270E580-D09C-4780-BDF9-175CE065C1C6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D2CD8FC1-11C9-41D1-8D0B-1487B1ED71D9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D2D04C5E-6D96-4CD4-BC5D-3D8AC7B68768}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D31DB4A2-B8EC-42BB-A28C-8A0D5516BB33}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D346BE73-5D7D-439B-A4D1-31E330D9448B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D39B790C-50E5-4B8E-937B-FD4A8B2BA49C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D3F13167-66D9-4892-A9D9-CA2128E37C9D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D45C2458-2641-420F-9880-D7BE5ADF6E63}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D4FEFE29-3FE9-4EFA-BED4-78A2DAC8FBB9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D614989C-2D0F-41C2-BB7F-0F81810FF2E8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D62999BB-D1D9-4531-B322-8AEF96C3DE9C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D662D013-D067-48A4-96D0-13534507836B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D730C0F9-88DB-47B9-88F6-A9C4F1B9E1C0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D84C2E9C-F4E1-465B-8B13-07DA7E14E272}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D864FF7F-7749-4DAF-AF8B-D77C91D72660}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D8A4DE85-11CC-4F10-94A1-F938A353A52D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D966AD1F-0E9D-455F-849E-4C43C88A3091}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D981A5BB-F0A2-49A3-8E4F-1CF30A48A016}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D9D34836-121C-4692-94D7-6E8E78C19206}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DA423377-92D0-474E-8442-8B3577991F30}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DB28C72F-A2D5-4BF9-864E-3DF8D319C478}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DBB2EC81-78A9-48E8-ACF3-CF4F959C7A9F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DC1E8F3E-24B2-47F2-B0C2-DF990A5C4DD2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DD8510E7-F290-4668-BDDC-B8990FD8FC17}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DD8BEFB0-2331-40F3-89EA-F756832846EB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DDF8B4F0-F843-4F1A-8524-AAF7C54B4B9E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DE9C6BA9-32E5-4E92-826B-7E32552C2C44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DEDC5619-61D4-458F-8B6E-6363B0412E54}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DF1F0135-CD96-4822-AA63-162013B63B45}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DF2DFA5E-E8F9-438C-B160-A68DEB91FA28}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DF472194-6ECF-4715-B45E-75D16F6FF969}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E0212CC2-608D-415D-8DA6-E62F8D5B79FA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E03BE6E5-3DF6-427F-8306-B176A6AA1D3C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E0E1305A-0CD9-487E-8699-BA85BE26DD30}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E19B2E48-C1BD-4D06-8D48-8CC1297DE549}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E2330FE4-D8A8-448A-A61F-292AA8C4CE17}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E24DF0C0-7450-452C-B678-A237E5776674}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E2CC931E-63B6-4677-A521-545F0175FA73}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E4594FA6-E15A-4BE3-8C3E-C19293ECC10F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E45BFE52-6995-449A-B975-403D4D77001E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E4CB71A0-D809-42E4-9FC6-9B95962DB9E9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E54578C5-BB34-405F-855D-F142C661C07A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E62E88C1-F828-4501-9E92-674E82416953}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E65F03F7-1511-4C32-B33C-C2AEB40BB665}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E716E3F6-8545-439A-A0B5-8D56EED98D72}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E7B87A25-26CC-48D3-9BC6-62D0E4764E9C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E7E871F8-7E1F-4BAD-9AD8-C266B30ACBF9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E82A6831-8189-4E1E-A894-30417280E544}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E83FA69F-C2C6-4AD5-BF31-0EEB6E811F69}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EA0423EE-9C60-488E-B73F-DB92A7E2A7D4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EB1015EB-E875-41CB-8E82-08080FA7CF76}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EC6E7F5A-32B3-4C80-86A2-BD8DE95E343D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EDB17C14-847C-4B60-A0DE-9346A641667E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EE82E96D-5368-4383-81F0-764705151B8B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EEAA41C7-6052-4EC4-8C82-ED57419A27BA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EEF4F4CD-1D2C-41F0-B3E2-2837EDF44216}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EF29BB5E-3881-4849-B7A9-54CB73EB579D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EF7E363E-5688-4F3D-A0F9-D2D4835F3982}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F05BA58A-E703-48BB-8EC7-9D2AD7A774FD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F07470F3-6B91-4EEC-8F47-22926DE01C31}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F09A9708-E7DE-4A72-8327-95E5E07C6AC5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F0A9FA60-2B46-4BA5-9614-75706CD8A1F0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F1C68BBE-22B0-4003-A833-37F5F491B83C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F2CFAC69-E064-40A8-8E74-4C11567F9A02}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F3DB8C0E-BFC6-4873-9A9E-F95E1B56D764}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F46435E1-6150-497D-9309-5E8BEB9FF0D1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F49A927B-9D42-485B-8448-ED1828C1E336}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F514FBA6-F197-4FCF-88AF-C54EE4184345}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F59DF014-CC46-4C34-8967-921A0FA4A4E8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F681D0E3-B461-4548-8B41-1EE9FC9FF74C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F68CDF96-57F5-4DC5-8554-40B748F2C125}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F7859A68-C81A-47A4-936C-1FC14FC1BD11}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F7D5F993-D49F-42C9-B82E-C92B91205759}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F8451E26-81C3-4BCC-8F88-4CF6034DEC37}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F85C440D-1E9F-47ED-A4AC-E3D4AF350733}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F9B88E3B-84A7-46FD-A738-17E47E61EC47}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FA78EF7A-A5A3-4293-BB44-690506B644B0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FAA5143F-426C-48D8-B47D-29E8FF825748}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FB63EC81-3493-4E5E-8460-289741E25E02}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FBC726CA-2C2E-4963-8375-048BAB42B7EB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FCCAEC81-3BDF-448A-B271-6711D00871E0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FD190F60-4245-48FA-9885-FBAFDCB5CF46}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FDBF4747-65EC-4433-A405-D59AF7BE074E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FE8DD56F-9B59-46DF-8B23-9653DC4B3DB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FF0268AE-D3BE-4942-BC6E-BA3020B3D259}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FF6D8C15-0382-4721-A35F-C0947A731CF6}

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Judy Forester\appdata\local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/11/2014 at 23:34:36.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
========== JRT log END ===============


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
All processes killed
========== OTL ==========
ADS C:\Users\Judy Forester\Documents\yada yada yada.eml:OECustomProperty deleted successfully.
ADS C:\Users\Judy Forester\Documents\paula.eml:OECustomProperty deleted successfully.
ADS C:\Users\Judy Forester\Documents\My son's product--DNA sequencer!.eml:OECustomProperty deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Doug Forester
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Judy Forester
->Temp folder emptied: 2845556 bytes
->Temporary Internet Files folder emptied: 14296840 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

User: LocalService

User: Nancy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1391580 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 18.00 mb

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: Doug Forester
->Java cache emptied: 0 bytes

User: Judy Forester
->Java cache emptied: 0 bytes

User: LocalService

User: Nancy

User: NetworkService

User: Owner

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb

[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Doug Forester
->Flash cache emptied: 0 bytes

User: Judy Forester
->Flash cache emptied: 0 bytes

User: LocalService

User: Nancy
->Flash cache emptied: 0 bytes

User: NetworkService

User: Owner

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 02112014_230459

Files\Folders moved on Reboot...
File move failed. C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoEJCD.exe scheduled to be moved on reboot.
File move failed. C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\AutoInstallEJCDSvc.exe scheduled to be moved on reboot.
File move failed. C:\Users\Judy Forester\AppData\Local\Temp\RarSFX0\MSVCP60.DLL scheduled to be moved on reboot.
C:\Users\Judy Forester\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Judy Forester\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Reviews:
·Comcast
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Professional x64
Ran by Judy Forester on Tue 02/11/2014 at 23:24:11.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3518411881-486804064-2977211178-1004\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\robotaskbaricon_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120921_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{011452A4-0427-4FBC-85F1-89980589CDDD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0129CCAC-7C8C-42B6-8487-687A3761DA5F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{01836AAF-1459-4475-9033-7308DBFD9914}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{022FF730-7ADC-47AF-89EC-F7CB50AB7B00}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{053DB2CF-2C1D-4034-A6EC-316606BCB7D5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{05929588-DDEA-4C25-A9ED-FECEE8471A88}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{05EDDA97-CA8C-442D-B645-4FA4286F4A1F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{06628D6A-713D-446C-AB3A-DC3B4CE9757D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0676F5A7-4F70-4F45-99EC-513DF5A63568}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{068C9AC3-A6CB-44E5-9FDB-EDCC1A374AC6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{078ED7B2-BC8A-4A4E-BDA1-2770D3430302}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{081E95A3-316D-4F1B-92B9-485D7CE5FE4B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{082EF5AD-B702-41A4-9E48-7563E6521417}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0849D4F3-E1D2-4DF8-BF5B-088705FDDFB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0861E470-D86E-4FC1-8D9D-9788B332D3A2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{08FF52D4-A619-44B5-BBBA-B43F0D3D7C54}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{093F04DD-9010-4243-8970-298E079C999B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{09A7D884-03C7-417F-84F1-DF0800BD40BA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0A46900E-1D26-4E9E-B3B2-0371D8651859}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0ADF4983-7889-4BA2-BAD8-0DF4962D88F5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0B09DE52-BF32-4082-AF45-61E80E6AFEE8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0B19309F-EC9C-4702-9DE9-A42EB70D52E8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0B7AC63C-BC54-4724-B756-77CE303512B8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0BBA323C-0166-441C-B0F2-DE7CAFB81968}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0BBA8823-B368-4149-94D7-BA98FC550319}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0BD3B196-7C32-4177-BBCC-5B451F4205F2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0C47A90F-A72C-4A86-8DE7-FD37971121C3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0D529CCE-1CBD-430A-8408-8009C5C2531B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0FB44227-6A09-45CB-90C0-2DE2BD62EE82}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{0FEC5A5A-8F5C-4319-9E1F-A29DBB9A05FB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{10109DF1-0E52-49BA-84B8-92C5361A8CCD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{127133A3-16ED-400F-9B72-F516B00609CF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{130C20CD-9292-4D45-B1D4-2304BD88C3E6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{13386CC5-BF4C-4D50-8139-BB250B29DA78}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{13F8EB80-FB9D-4915-A1E5-A38C28DB7039}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1551E77D-7986-4F0D-98AF-8AB8B2F1C7A2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1603F30C-0BF4-40E6-ABF3-14DE8842392E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{165982B6-5896-462C-BED2-FE900EAAC386}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{168246CF-E0AB-4EAD-925A-3A090C69570D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{16BDC84C-F30D-4FA7-9219-DA4693C6A2EF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1796687F-71F5-4298-9F45-62BE89CC46D5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{18B5463F-35B0-4C5A-A0C2-88CE9D91FCE4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{18C87591-2A9E-4882-B5E7-41BA34A59513}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{18F4C9BF-E4C7-410D-8F75-8860A3BBDC0E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1912B05F-1931-42F9-8B94-310742F811E3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{198A659B-EFAF-4F89-BC74-291D25799D5B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{19AA29DB-7F54-46D4-9748-3DEBC6D6B390}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1AE80194-E528-4FBE-A984-A1FD94B1658C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1C6DB810-9AEF-4623-B888-0AF1A1FF5C4D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1D8EECC4-92A0-4A84-B590-4163B56A48A8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1DD25930-C6E2-4F92-8CE7-E3C7F97F78C7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1EAE4ECD-9A2F-4C95-B440-A1F1D6C0A3F8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1F81D407-09B0-4D92-87AF-FA5613F3691F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{1FA0222E-C993-4E33-A5A4-C75E622F286A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{223B5773-23A3-44C9-B8EB-2A54105C8450}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2257EF2A-1486-47BB-B837-24F5AD28E760}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{22E04317-48C6-4EE6-9E5A-DA85123BB67E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{238C344C-8610-4F56-882E-A278B661EB9C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{239C7E36-D441-4490-91CD-0788A97DABE1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{23AB617E-D648-4C8B-A21E-1E6E29AF5707}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{23D30E31-7FAE-4FEA-A93F-39ACBE3C1892}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{24C44C43-F84C-4F09-BC6E-293F0F22CC4F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{256C8CEE-E030-4868-84BB-5F3286CABE11}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2570C829-933C-4663-B5D7-4F59421CDAF1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{26303A3F-C407-4F29-9FE2-D5F590D7D531}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{27F33FBA-46FF-4CA6-A196-2A8245ACA6CC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{294718CF-68C3-40BC-8A72-2C1B6E987D3E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2ADA2872-7DEC-4555-A107-B9C3E3194CD6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2ADF50F5-C8CE-4A92-9CEF-31C5B372ADA3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2B827724-45DF-4121-A273-FCEE4CB19B70}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2BE0665F-18C6-4733-9394-5B840DAA1574}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2C16C706-A223-4C38-814F-755EE32B0CD0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2C7B5841-2863-4F46-99A7-3C7628FB4EA2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2CC940FB-AFAD-4CDE-9301-4349D1A65304}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2D209191-3207-467B-913F-78CFA819EF6B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2E3FFC80-D4CF-45FB-B358-7B097167E8A5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2F400716-D959-42D6-9BD1-3729BBAE9CE2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2F96AAA6-5D2B-4E3B-A9DA-2FE60131863E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{2FB1DBA4-6E78-4343-B5A3-E4355C7DF490}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{303A098A-60D3-4024-99C4-3A61873CE638}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{312EFF2D-0186-4120-B0B4-D46708F7465E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3174D54F-BB6E-4C08-B49B-35CA7CD93D3F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{319565B0-B2BC-4C64-9B14-C5BEEE63FCB0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{31996B04-FDB0-493E-966B-E738D56120B7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{31A48597-C51F-421F-B527-B23717B7E71B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3251222E-873A-4293-8066-3B06451E3E24}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{32DB2C2B-854D-4D46-9D06-39E09A758E89}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{330DD21C-6F3C-4324-957E-9FA13341E12C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{331C4CB3-265C-41FB-94CD-BE893D4C20C9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{33A08B80-62CD-4FA7-824D-89AFBCDBFD93}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{33E0384C-1BA1-49B9-9CF6-2B3A13592E4D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3480227D-2B07-43D4-996D-DEDBAA136760}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{34B7FFBE-CA06-4A89-A33F-B4080F51F79A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3543512B-02DA-44AB-89F4-AFF3C1CB8CE2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3659924E-E2E3-4C5C-8960-DC9022B0FABF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3674AC5D-38DA-4BFE-88CE-6BD8550DCFB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3675780F-C661-4CE6-BD70-21C9201F672C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{36B47468-CD14-41A5-9D36-B72D3020945B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3788A7B6-47C7-4A2A-9C42-2F25F40E8205}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3802AB4B-A7AE-4AE9-BEFB-655B34556DCA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{387AF965-12A9-42C9-A007-46B8D6ECCF13}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{389CCEB9-18EC-41E0-ACE5-ECC7C2A29E44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{391D86FB-120F-49A0-83CD-2A42FF5BC50B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{39CC326B-2B97-4524-927B-5ABE0F99EDBB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3A0AC5CB-1AA8-49F1-A5A1-7A01E0D8E59B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3A487F4E-BA81-45E1-8DDA-D5AA220710F3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3A4DEEF6-6249-4F74-B251-6799E240DF71}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3C0CB16B-10F0-4E1E-B2B2-4F2D838491C2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3C3E2C7D-3B1D-4C99-BFA7-E43611920A2A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3F338C82-957E-447C-AC6C-27BD47C4058F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3F4CD2E9-F5B6-4C54-8A5E-B87491E42F2C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3F8EDA98-4C37-4F9C-84AB-365DDAA121E9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{3FE62706-0992-462B-8994-1E297764E946}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{41058B89-A71A-4334-8F6D-993DA5301F03}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{41FDC5D5-DD05-4165-B394-6FB41DD1A1D1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{421FDBA6-7FA7-4687-B7BB-2FF239E42168}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{42791505-2B6A-4A38-A814-02B0B35A0F5E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{42BB60F2-49D4-423A-A51E-371A7C59D0D2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{43DCE02D-75F9-4B52-B545-44F2903FA314}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{443CEE5C-D087-496A-9C05-A1EF83BE4C4F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{459A85DB-EACA-4687-B126-70F94F65024C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{45B63F96-1A52-4EDD-99F4-34C51EE418BE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{45BD7584-6672-4B37-A59E-EFDCC6B49D41}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{46241604-760B-4F0A-B708-8322AF4A97A2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4628AC83-EDD5-4010-8125-42F730C2C7D6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{466EF17B-B5F5-409B-8D0B-C2F9388E6205}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4795190C-78C0-4332-87D2-20C32D15CBA2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{47999AA4-8B87-4BAF-8AE4-09AC6130057E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{47CBC79C-E3D0-471A-A333-B1540E78C6CB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{48811CC0-F017-44CF-BC8F-278D6F272989}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{48B9E188-3506-4899-9797-CFE7BF03E73B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{48D016F7-E2D7-4CBA-B954-29A5007CD449}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{491C8C2A-4760-4827-90A4-850E0C1CE910}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4947DFA3-DFF2-4103-A4C9-24ABD6B4BF3B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{49BE5FAF-CF02-430F-8D3D-F7E8A2B404EC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{49DDE86C-E77C-4E64-963F-E8176AB61344}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4A46F691-E5FB-486B-938F-48F52301CC3B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4A7BD325-B9A7-4D6B-9621-7281B448445F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B0AFCF7-129C-47CA-92E1-6EB8242E806A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B1B456A-B7FC-42A9-B17A-447D607D543A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B2ED78A-BC57-4B1B-9E6B-E48E381195B5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4B8F5922-118F-4D84-B772-3D0A96BC6E65}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4C3143F8-5390-46F3-B52F-EBAE5D194D01}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4CA5F998-4E54-4AAD-A8A1-5F953B3F7C02}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4E3D8427-3D39-4EE4-AFAB-B766EB28784F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4E48D055-94C5-481C-927F-E15C73701F43}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4F6A50EB-A980-47D8-894C-1CAA269A2BC2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4FC5D9C7-F696-4489-A62B-3E48C20228F1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{4FD9F1B2-D654-475E-860B-EDC81732DCF9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{503C3F5D-8E39-4199-8F10-629D0594A325}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5130C41D-4C26-4F54-AD0F-ED5EF37FCD5A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5134188B-E9E1-47EA-AFDE-9381F4BDFB1B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5169001F-B475-43CD-9A66-6AD07ECA35EF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{51C6C10A-0491-4538-B6E4-7B510E819961}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{51CAD9C9-A76C-46D0-91AF-8A27FD277A2E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{52067099-F980-4A6B-8D51-B817179B90E5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{52E85339-B1A6-4E15-A4A1-3C4BC7517710}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{53627FD6-D9A4-4C14-96CC-53EBD36DB50E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{544B0EA1-6D27-44D8-A90C-E5A9DC6B589F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5471C2F0-CE78-4E13-A907-501F9195F13C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{548C6CFC-9BC4-4B8E-B4D1-4E3392094805}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{548F507C-3D0A-4758-8817-E702D7BB4217}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{549CC068-F743-43A9-A7F0-5B546FB3B990}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{550D6315-685E-4623-BC84-7F5A2E254A18}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5537EC39-6CEC-4127-BC9F-BFF3DA635631}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{554E17CF-16B5-40CB-8F99-2E0DC5E19D2B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{55A86BDB-D1E5-4EAD-8952-2D0306CFA99B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{56006038-1999-4B18-9BBC-A15663E30B28}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{57F07457-E53B-4BB3-9532-0B3101F80EFC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{57FC7598-9A4F-4FF4-9ED4-EEF443B5BA1C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{584EB310-3E29-4284-B8F8-57292E51D291}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{58B7A388-31ED-43ED-9B00-2B8F3F2C1207}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{58F62301-2D4C-4B79-BDF1-AFA3B429DDE1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{58F7800A-1CFE-40A4-906F-4C88FF54A888}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5A709700-79C5-4839-9FBC-0E040EED5946}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5A8F4214-E127-4848-A659-9CB3AB15DFCB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5AA88C35-E31A-4827-BF72-023E45EE1C71}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5CC9FD7F-8BA8-440A-BBD9-FFFEF331CF68}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5D95AA65-C15B-422A-8714-3AB018B32F62}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5E0C837E-1DCF-4A5F-855B-5E12915400FA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5E4341EB-0105-43E9-AE8A-B157CFCB47CA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5E4673CC-9EB3-4EE5-8F96-0DE263D09E44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5EADC015-1112-4417-A721-37F0229502C7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5EB8ED63-8766-45A1-B6E6-0DBC513575E5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5ED10AA0-818A-4433-86E8-DD694DCE8C3D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F1D3A96-40ED-47B6-9D9F-1AA4EC9FC711}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F260569-78AF-409D-BFF9-8C982ACB229D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F95EDF5-CF9F-4E35-BB2A-2D71418218C3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{5F9B87A0-F78A-4D22-BB56-38B95556F273}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{60AB6166-C297-4C1F-ACCB-88E9E071553C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{60C3482F-B0DC-4248-B6F4-1D8899890D96}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{60E4C3C2-3300-4EEC-BFAD-369AA76430F9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{630DBE24-2E64-4783-9552-0E855F08B414}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{63BA44F7-D332-498C-8356-085306038BDC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{642AD3D6-5426-4A2A-9583-6D66394A5AD6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{643296A3-4093-4F4C-BB00-CCCAE870B75A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{64590858-458E-4738-A2BD-5CAF6D7DDAB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{64642ABE-BD6A-4892-890A-F81824FD9AD0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6477B3AE-5962-4DF2-BA0C-F862B304A8CB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{65195A08-10B4-4AE5-953D-28F0CC3DBDFC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{651FBA8B-5E0D-4D83-B54D-5DEAD1A2F999}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{65AA32E9-FC37-4D42-B79C-1D4F9545B61A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{66924C42-09E6-4486-9063-32D893770C65}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{66E6C385-5F22-40A8-9F74-107D655D119A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6759887B-20A1-43C8-B555-F1602BDE5C40}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6778861C-C246-4AE6-977B-86F6A508B68B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6879E632-6D5C-4F91-8B9A-A39B04E9D965}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{68BE74A4-41B8-4993-BF1B-B178B5A94713}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{697072B0-D041-4A81-8091-89DCF9C01CF9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69AA9254-DC3F-401E-AEE0-5F824D77E6DA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69C4144E-D4A4-40D4-89F6-A7769CB6EE33}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69D2B36C-6E11-43FA-8007-D52BB6E40EA8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{69E64A8F-A440-4B7A-93D3-83F8555F22FB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6A448EF8-2DF1-46E2-BE7A-C25C6DDD067C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6A506411-0C08-4A04-A67B-41521920D56A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6BBFA2FA-1759-4778-A863-9EF8993BD706}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6C0DB5EB-3B62-4063-98B5-B41FB5B78F6D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6C381BA9-00A5-47BC-A25E-14A36C716BA6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6DBDE7B4-47B2-4523-B8AD-2C23343A5BE1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6DC94B0A-A2B9-4C01-AC4F-75146FBAB39C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6E04649F-58CF-47CC-A4BF-A0E0365834C3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6EAA773F-3425-433C-81F6-671C2E506442}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6FD96E56-60A3-423A-9239-DA2D609401EB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{6FE450C5-5089-402D-B0D4-3AFA8F1504E1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{700CDD28-98BB-4415-80BD-9351EE1B4D44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{701D5A70-5292-43F6-A494-EE828EF8486A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{70596ED5-D2BB-4CB1-AAA7-7F59E25FD6BC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{707FBCB2-E444-4DA8-8D0C-CB3CE91E21FA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{708F4CE3-E77F-4750-970F-AEC1489438EA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{714A5A16-DDEE-4724-BC91-7480E1E31019}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7199AF4C-1665-42EA-BD8A-721E9CB3DCD3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{71E5A650-6EAC-400D-A49E-36D7BF3C42F5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7221C3DA-61F4-43B0-8AF3-2F39D8F88291}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7306B4EA-6C7C-4ED0-9927-870E9AF843C1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{73E015C4-ADA3-41A1-ACBF-FFAC2A88C82C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{75686543-F8AE-43F5-98FD-0DECB36587FE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{75993986-E92E-41E4-B6B2-34FF424A4CBA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{75ABCA71-D733-4C3A-B4D5-418897DCA219}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7678B14F-84A4-4C96-A382-8EFC4683DEAC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{76BCD14C-05AA-4682-AA83-BED7255D3B00}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{772701CD-DAFB-40DA-BC72-40DC3F7E9B5B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{78205872-E0F7-4B49-9473-4D02ED067F3A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{78AF8F74-594A-4269-B5E9-87B256D2F672}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{78E2112A-2E7F-4062-833B-F7397672B768}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{796B14E9-D894-477A-987F-E2D9C9C203C0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7A2E2F9F-260C-4F3E-8321-A22CBFEFCDDC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7B087F35-26B3-4BE4-A4D5-617311E0B56E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7BA36882-D6BA-43B5-AEE0-D074D5634409}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7BD259BA-4AB9-4725-9E2C-029D4F1984C5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7DB6AEF0-2D23-46E1-AE2D-F5D027D09A73}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7E3F08F6-5A85-4F48-9403-C5AF69C7F377}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7EBD8818-BDC5-4A6F-B30B-355B2C303EFF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{7FB4E2FB-DF80-481D-B388-F15A993F6634}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{803DCCA9-190C-40EE-8EDA-C8F7D2110BBE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{80D54F88-8FCA-4F14-B0A8-1C3A08EFDD3C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{81BDE393-066C-4E71-9613-A7CB84C336FC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{82CE4998-7467-456B-A2C0-C5AA251E7D06}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{84BEA8B7-C5FD-437C-B6F8-38FA044F00B3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{855F5B32-812D-45BC-B7BD-AE527D83D614}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{86305068-9D90-49AD-B854-515EF20D6BA9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{86376F8E-EE31-417B-8C5C-097A95B0B593}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{86ABF887-3003-4DE9-9852-66B2D4297BD1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{87457956-5D36-4F6E-B138-BA45036905A6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{876408F0-3576-4B25-81BE-96E0FEA607C2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{87C0C3F5-9C30-49EC-9DCB-F8F8E04D88EE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{87F5867D-9C8E-4034-8E74-52FA7C775B94}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{886897E0-EB57-45AC-A6CC-55F676258279}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{887F8BAD-F651-471D-B3F4-176950932E06}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8ABB8422-9656-41AD-90E6-5DF1DB2931EF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8BDA8ACE-0DA0-4D6B-A5E7-54026973305D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8C02F9E5-5CF5-4385-8F6D-D6A4007800B4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8C5D9CA8-F8FF-4251-958A-CBE486DFF6C7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8CAB406A-3B14-4643-864A-24060A6352BA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8CD83130-CD2E-464E-8FB9-759FEB845C6E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8D5B2965-12B7-470D-AE5A-224502FFECC8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8DDBC94C-6067-4871-8E3A-2812227862B2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8DECBF25-0904-416A-A6CA-D7A5E4CDFCDC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8E5012F1-89A3-4851-8CA6-58538320EB3F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8E9E217B-AF74-4415-BCDB-3167E7B4C0D6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{8EE4FA96-6714-472F-B739-1555358724E0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{900E77F2-4D79-408E-834D-CA1CD28FEE32}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{90E78E72-61A8-4D8F-9A30-66C6D70E6FBB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{91242825-8607-43EE-B01C-F4E99D564E5E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{91608A2A-B1C3-4B29-8CB3-714EBB2487F0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{92335C41-4C10-46A8-972E-4516CECDA57F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{928E775B-D572-4A87-BF11-FA812F37E575}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{933A6FB7-2552-4AE3-B3A0-76154094CAC7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{94067461-8E2F-4DFF-A044-004D4A8A0418}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{95F1234E-8254-4A93-9483-D816F306497B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{968EB259-FA07-4F98-9399-C17CD9C33178}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{97BEF723-F7BB-4431-9740-9142577175B3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{98012536-CD57-420F-BCBB-5597A5BBA2AE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{99ADA8C7-6BB8-4D10-9DC1-C351A9E764D7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{99EB88B2-9D31-4418-9DFB-7860BDB10467}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9C00D449-69FF-4CE8-9E10-201CB9F83F31}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9C1C66E7-72BB-4D62-B4D7-2C2054FE4B86}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9CC2E3B7-2EFD-4CC9-9ECD-90AD4A24E1C2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9D685838-8CC8-484B-8DD7-AF7A26DB240D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9DA38DD6-C023-4BAA-806C-4D07437ABC9E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{9ED1E5EE-C6FD-4F5F-8E94-20D821F3D0EC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A0ED4EAA-E1B7-40B8-A522-31800AE598BE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A22BBC07-704C-4ECE-B4F3-7E46608942B6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A2AABCE5-018F-4B23-A6FE-7AB8C9A7FD8E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A2BAD9C6-F81D-43E1-B04E-4E674CB6D040}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A2C7D13F-0AEA-4ACE-AD71-302CE8ECE98F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A30BBBE6-AF61-4BD6-9B89-A7FA1B38BCBD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A458A68E-1292-40C3-B0F1-B2781AE1BDD1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A4B2B763-4C95-4B5C-BB63-107FC1866AE4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A510183A-6E82-4477-AFA6-F569723E3AE9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A52EF68C-352A-42A4-AD04-CFC5DB1AC751}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A53E783B-9156-4F31-B06E-5C225539303C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A6449362-2DA8-4EFD-88B9-6B0F57EE63D0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A6833D4D-A2D5-4743-BFA0-AECB3EFC8333}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A6C60380-3C77-49B9-AE4D-61798A4B7707}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A80717BC-DA3D-466C-9BB1-BDD4DDFB40D8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A91B2F8C-0422-44C2-8286-116CE7692957}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A927D414-C185-4481-9E63-F300A6AC626C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A9847A19-B005-4B15-A22B-73DC14972232}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{A9FADA27-97B4-4BC8-AB82-7B0B5A75FB29}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AA172438-1A5B-4C40-89A3-7886A3271795}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AA469849-23BA-4B1C-855F-3917EF9B3477}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AAA61D26-213C-4B69-8412-A641C1C01246}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AC8CD639-E0E7-4645-AC49-7104A9EC3883}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{ACD266AB-E72B-47A9-A45D-067BC9157EAD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AD0146D5-5E0D-4E56-97EB-2F9248D89636}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AD585C6B-A7BD-495D-875E-FD7044D71033}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AD66C0D0-CD2F-4A07-8606-AA6B692345D8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{ADBB4E8D-A8FD-4646-B7CC-D25584690981}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AE19EDF9-5FDE-4051-8292-92166B3A4DD9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AF07BFE7-371F-4727-960D-29BD99A9CCA1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{AF4A3F7F-B97F-4EEA-9BAC-40D4DDC19355}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B051E517-D9C0-4B92-B4A1-C34F7FD5F8BE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B0906D67-D214-4073-87F9-C86C0C13FCC8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B0D135EB-2F24-4768-A8BC-4A5425C6F9A7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B0FEB515-F2D8-4386-BE34-9C69DC273F85}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B1153719-7A98-4BB6-8821-57FDB40AA2A5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B323F898-443D-4DF9-A5FD-4DA4F6012618}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B3310BE0-5CBD-41FF-928F-9694643048E5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B3A08AA4-9EE7-418F-8871-EE11411BEF1F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B3FF8F35-43C4-43DB-AE1C-7A73C4989990}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4176DBA-511F-46A7-B650-A94542415C12}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B428753E-B1E7-46A1-BAF0-F9B62D503ABC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4634516-168A-4780-8774-490DECE35955}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4AE109A-65E6-4D90-B8D7-DC4493E0DDBC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B4C8674F-8EF7-4EFB-8C18-D32CAA73CF97}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B600CDF9-BB11-4308-B959-A569499F725F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B64495BF-59BB-486A-83EA-EB0EE9A66A1F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B694654D-B10D-409C-B87D-CE8A5CA71F2B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B6C1BDB4-7465-4110-A120-CD91C58F2045}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B6EF0C3C-825D-46E1-8E07-F5E6B5F09A64}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B8007BE3-8780-4CB1-A2EC-2ED8C3796431}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B8CB3E99-40A1-441A-B227-F3F9C3382673}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B8F5612E-7128-4D70-8A6C-371369E2DD88}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B948F352-1784-409E-8823-23057C9FF29D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B9908B43-4879-40A5-AEB3-53338CC0B557}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B9AD155D-4AB1-47C3-9CF8-3AA3E64BF8D7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{B9B1335F-66EE-4416-920F-D76EE2600AB2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BA5C83AC-39D4-4FB7-AA33-AD8726F6EF26}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BB08C77F-84C2-46B5-A000-170F1952C665}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BB31430D-3476-413B-81E5-A269FD5B084B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BB80BDCD-E916-4A97-B10E-2BA74F4D96AB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BC9250A8-07EE-4DAE-BFD0-6ED9282C66F0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BCD42264-4A0B-46E4-B980-D5CC50AC04EE}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BD139916-C2EA-4FAE-BBCC-CA2736B05746}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BD368594-1528-414A-953D-CA21C4216C68}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{BFA98A65-02E7-456E-BBB3-576C4B662F4F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C04B4E7D-2330-48FC-8033-B610EB05C3A1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C0979C6B-F71B-4C85-9E42-4B96C80C67F3}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C0D171EE-1EF4-4412-B2B1-13B628558CCC}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C219238E-B5AC-43BD-9778-6E9FC5C7250D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C450C980-FE3A-446C-A0A2-4991FE5A3129}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C51194D2-C41D-4EDE-83B5-EBC4D6547B8A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C60982C3-A9DD-4D5D-B43E-9AE7C44FD504}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C6B50ABC-BE27-4B53-ABBB-65030F34BEC5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C7C9B579-9B05-49EB-A994-2813D2EA5187}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C84DDA09-F2FA-4ABC-838A-531BFF7FC382}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{C9BB089B-2063-4B0F-80FB-9F714443B6F5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CA81B288-465B-4A92-8F44-63BF8F01675D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CB113A8D-1E50-4703-A616-F1CA2960A61A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CB57D2FD-FAFC-48BF-9F16-00A4F960AA10}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CB9DC41C-E0B9-4724-A542-F9B6F9F63A7C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CBED343C-E1C5-45B9-9099-ED06EEC95762}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CDB03026-302A-446F-B2D4-CCDDEE0F3049}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CE247CEE-E1AA-4FF1-98DD-47D611D6FBB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CE29FDD2-3DCC-423B-ACAA-0A5FDF5A6D3A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CEDF97DD-394D-4772-BEDF-24E374D917AF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{CFF77296-CCA6-4984-9DA1-81D562D4665C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D0819EA7-1BDF-4750-B18D-EF7BC3533391}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D0C0033F-1DB0-4986-B77B-5A1184E874DF}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D0FB9896-DF36-4FFF-938F-A8E6214054B2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D19039F3-9C10-48CB-94D9-214DA0B65DA9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D270E580-D09C-4780-BDF9-175CE065C1C6}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D2CD8FC1-11C9-41D1-8D0B-1487B1ED71D9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D2D04C5E-6D96-4CD4-BC5D-3D8AC7B68768}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D31DB4A2-B8EC-42BB-A28C-8A0D5516BB33}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D346BE73-5D7D-439B-A4D1-31E330D9448B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D39B790C-50E5-4B8E-937B-FD4A8B2BA49C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D3F13167-66D9-4892-A9D9-CA2128E37C9D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D45C2458-2641-420F-9880-D7BE5ADF6E63}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D4FEFE29-3FE9-4EFA-BED4-78A2DAC8FBB9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D614989C-2D0F-41C2-BB7F-0F81810FF2E8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D62999BB-D1D9-4531-B322-8AEF96C3DE9C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D662D013-D067-48A4-96D0-13534507836B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D730C0F9-88DB-47B9-88F6-A9C4F1B9E1C0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D84C2E9C-F4E1-465B-8B13-07DA7E14E272}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D864FF7F-7749-4DAF-AF8B-D77C91D72660}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D8A4DE85-11CC-4F10-94A1-F938A353A52D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D966AD1F-0E9D-455F-849E-4C43C88A3091}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D981A5BB-F0A2-49A3-8E4F-1CF30A48A016}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{D9D34836-121C-4692-94D7-6E8E78C19206}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DA423377-92D0-474E-8442-8B3577991F30}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DB28C72F-A2D5-4BF9-864E-3DF8D319C478}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DBB2EC81-78A9-48E8-ACF3-CF4F959C7A9F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DC1E8F3E-24B2-47F2-B0C2-DF990A5C4DD2}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DD8510E7-F290-4668-BDDC-B8990FD8FC17}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DD8BEFB0-2331-40F3-89EA-F756832846EB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DDF8B4F0-F843-4F1A-8524-AAF7C54B4B9E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DE9C6BA9-32E5-4E92-826B-7E32552C2C44}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DEDC5619-61D4-458F-8B6E-6363B0412E54}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DF1F0135-CD96-4822-AA63-162013B63B45}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DF2DFA5E-E8F9-438C-B160-A68DEB91FA28}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{DF472194-6ECF-4715-B45E-75D16F6FF969}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E0212CC2-608D-415D-8DA6-E62F8D5B79FA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E03BE6E5-3DF6-427F-8306-B176A6AA1D3C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E0E1305A-0CD9-487E-8699-BA85BE26DD30}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E19B2E48-C1BD-4D06-8D48-8CC1297DE549}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E2330FE4-D8A8-448A-A61F-292AA8C4CE17}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E24DF0C0-7450-452C-B678-A237E5776674}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E2CC931E-63B6-4677-A521-545F0175FA73}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E4594FA6-E15A-4BE3-8C3E-C19293ECC10F}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E45BFE52-6995-449A-B975-403D4D77001E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E4CB71A0-D809-42E4-9FC6-9B95962DB9E9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E54578C5-BB34-405F-855D-F142C661C07A}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E62E88C1-F828-4501-9E92-674E82416953}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E65F03F7-1511-4C32-B33C-C2AEB40BB665}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E716E3F6-8545-439A-A0B5-8D56EED98D72}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E7B87A25-26CC-48D3-9BC6-62D0E4764E9C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E7E871F8-7E1F-4BAD-9AD8-C266B30ACBF9}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E82A6831-8189-4E1E-A894-30417280E544}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{E83FA69F-C2C6-4AD5-BF31-0EEB6E811F69}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EA0423EE-9C60-488E-B73F-DB92A7E2A7D4}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EB1015EB-E875-41CB-8E82-08080FA7CF76}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EC6E7F5A-32B3-4C80-86A2-BD8DE95E343D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EDB17C14-847C-4B60-A0DE-9346A641667E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EE82E96D-5368-4383-81F0-764705151B8B}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EEAA41C7-6052-4EC4-8C82-ED57419A27BA}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EEF4F4CD-1D2C-41F0-B3E2-2837EDF44216}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EF29BB5E-3881-4849-B7A9-54CB73EB579D}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{EF7E363E-5688-4F3D-A0F9-D2D4835F3982}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F05BA58A-E703-48BB-8EC7-9D2AD7A774FD}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F07470F3-6B91-4EEC-8F47-22926DE01C31}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F09A9708-E7DE-4A72-8327-95E5E07C6AC5}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F0A9FA60-2B46-4BA5-9614-75706CD8A1F0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F1C68BBE-22B0-4003-A833-37F5F491B83C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F2CFAC69-E064-40A8-8E74-4C11567F9A02}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F3DB8C0E-BFC6-4873-9A9E-F95E1B56D764}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F46435E1-6150-497D-9309-5E8BEB9FF0D1}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F49A927B-9D42-485B-8448-ED1828C1E336}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F514FBA6-F197-4FCF-88AF-C54EE4184345}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F59DF014-CC46-4C34-8967-921A0FA4A4E8}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F681D0E3-B461-4548-8B41-1EE9FC9FF74C}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F68CDF96-57F5-4DC5-8554-40B748F2C125}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F7859A68-C81A-47A4-936C-1FC14FC1BD11}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F7D5F993-D49F-42C9-B82E-C92B91205759}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F8451E26-81C3-4BCC-8F88-4CF6034DEC37}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F85C440D-1E9F-47ED-A4AC-E3D4AF350733}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{F9B88E3B-84A7-46FD-A738-17E47E61EC47}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FA78EF7A-A5A3-4293-BB44-690506B644B0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FAA5143F-426C-48D8-B47D-29E8FF825748}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FB63EC81-3493-4E5E-8460-289741E25E02}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FBC726CA-2C2E-4963-8375-048BAB42B7EB}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FCCAEC81-3BDF-448A-B271-6711D00871E0}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FD190F60-4245-48FA-9885-FBAFDCB5CF46}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FDBF4747-65EC-4433-A405-D59AF7BE074E}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FE8DD56F-9B59-46DF-8B23-9653DC4B3DB7}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FF0268AE-D3BE-4942-BC6E-BA3020B3D259}
Successfully deleted: [Empty Folder] C:\Users\Judy Forester\appdata\local\{FF6D8C15-0382-4721-A35F-C0947A731CF6}

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Judy Forester\appdata\local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/11/2014 at 23:34:36.33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--
~Safe Hex~ Team Discovery ~ Project Hope ~ Like A Hurricane~


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5

1 edit
reply to dougfccn
I don't see anything else, but we can check further.

Download and save to your Desktop RogueKillerX64.exe (by tigzy)

http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe

- Quit all programs- Please disconnect any USB or external drives from the computer before you run this scan!
- For Vista or Windows 7, right-click and select "Run as Administrator to start"
-Start RogueKiller.exe
- Wait until Prescan has finished
- Click on Scan
- Click on Report and copy/paste the content of the notepad in your next reply.

Please also follow the direction here to run the Sophos Virus Removal Tool and post the results:
»Security Cleanup FAQ »Rootkit Detection Applications
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010


dougfccn

@comcast.net
Here are the results for gmer:

GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-02-12 09:09:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 TOSHIBA_ rev.GJ00 596.17GB
Running: j1xnp0w2.exe; Driver: C:\Users\JUDYFO~1\AppData\Local\Temp\pwtyrpog.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003bf0000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80003bf002f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe[2012] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077211465 2 bytes [21, 77]
.text C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe[2012] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000772114bb 2 bytes [21, 77]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6760] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000077211465 2 bytes [21, 77]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[6760] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000772114bb 2 bytes [21, 77]
.text ... * 2
.text C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[3896] C:\windows\system32\kernel32.dll!LoadLibraryW 0000000077846f80 5 bytes JMP 000000017001f140
.text C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[3896] C:\windows\system32\kernel32.dll!LoadLibraryA 0000000077847070 5 bytes JMP 000000017001f020

---- User IAT/EAT - GMER 2.1 ----

IAT C:\windows\system32\mfevtps.exe[2188] @ C:\windows\system32\CRYPT32.dll[KERNEL32.dll!LoadLibraryA] [13f30ba40] C:\windows\system32\mfevtps.exe
IAT C:\Program Files\Windows Server\Bin\SharedServiceHost.exe[3804] @ C:\Program Files\Windows Server\Bin\TaskScheduler.Interop.dll[mscoree.dll!_CorDllMain] [a530]

---- EOF - GMER 2.1 ----

Thanks.
Doug


dougfccn

@comcast.net
reply to TheJoker
Joker,
I cannot run RootRepeal because it doesn't run on 64-bit Windows.
Working on running Sophos...
Doug


dougfccn

@comcast.net
reply to TheJoker
Joker,
I ran Sophos and it detected no issues.
I ran TDSSKiller and it detected no issues.
So the only thing hanging out is the RogueKiller results. I think I need to run it again and tell it to clean up the things it found, but I will await your direction.
Best, Doug


lilhurricane
Crunchin' For Cures
Premium,Mod
join:2003-01-11
Purple Zone
kudos:57
Please attach the logs, Doug - of the apps that you did run - even if it's not found anything.
Thanks!


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5
reply to dougfccn
quote:
So the only thing hanging out is the RogueKiller results. I think I need to run it again and tell it to clean up the things it found, but I will await your direction.
I need to see the log from RogueKiller before I can tell you anything about it. It could be that there is nothing wrong with what it listed.

Please also post the other logs as lilhurricane mentioned
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010


dougfccn

@comcast.net
Question: should I uninstall the tools which you directed me to install and run (MBAM, Sophos, Online scanner). I have McAfee AV installed (but currently disabled). And I mostly have the hardware connection to my LAN disabled (except when running things like the online scan). I use my desktop computer to talk to you and download stuff, and a flash drive to get it to my laptop.
Thanks.
Doug


TheJoker
Premium,VIP,MVM
join:2001-04-26
Charlottesville, VA
kudos:5

1 recommendation

reply to dougfccn
I would not uninstall yet, we are not done. Still need to see those logs to see if anything else needs to be taken care of. Your antivirus should not be disabled. Did you do that, or did malware disable it? If you did, it should be immediately re-enabled. If malware disabled it, we need to check further.

FYI, if a system is infected, it's not safe to transfer files via flash drive. There is the potential to infect the drive as soon as it's plugged in, and then it could infect other systems once it's plugged in to them. If you have a suspect system, the safest way to transfer a file to the suspect system is to burn a CD and finalize it, and use that to transfer the file to the suspect system.
--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010