BullGuard
 HomeLog InRegisterCommunity CalendarSearch the ForumView The Member ListHelp
EXTREMELY slow laptop
   
BullGuard Antivirus Forum > Virus Removal > Removal Help > EXTREMELY slow laptop  
Forum Quick Jump
 
New Topic Locked Topic Printable version of : EXTREMELY slow laptop
[ << Previous Thread | Next Thread >> ]

Mr.Quint
New Member


Date Joined Apr 2013
Total Posts : 4
 
   Posted 4/13/2013 9:46 AM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
I'm experiencing a sudden decline in the performance of my laptop. Launching programs takes up to 1 minute, but once they're running the lag isn't that bad.
Specs:

Acer Aspire 5742G
Intel Core i3 M370 @ 2,4 GHz
3 GB RAM
Windows 7 Home premium 64-bit service pack 1
Panda cloud Antivirus

I tried attaching a zipped version of the dds-log "attach.txt", but it didn't seem to work, so I posted it as well.
Logs:
- hijackthis.log
- mbam-log-2013-04-12 (20-53-59).txt
- dds.txt
- attach.txt

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:09:55, on 2013-04-13
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\ProgramData\TVersity\Media Server\berkelium.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://se.msn.com/?ocid=OIE9HP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.privitize.com/?aff=7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer erhållet från MSN and Bing
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\kHaoS\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Lokal tjänst')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Lokal tjänst')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Nätverkstjänst')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Nätverkstjänst')
O4 - HKUS\S-1-5-21-1122791300-930408480-3392818547-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-21-1122791300-930408480-3392818547-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NeroMediaHomeUser.4')
O4 - HKUS\S-1-5-18\..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\kHaoS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16303 bytes

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Databasversion: v2013.04.12.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
kHaoS :: ACER [administratör]

2013-04-12 20:53:59
mbam-log-2013-04-12 (20-53-59).txt

Skanningstyp: Fullständig skanning (C:\|Q:\|)
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 417135
Förfluten tid: 9 timme(ar), 15 minut(er), 47 sekund(er)

Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 0
(Inga skadliga poster hittades)

Upptäckta registervärden: 0
(Inga skadliga poster hittades)

Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)

Upptäckta mappar: 0
(Inga skadliga poster hittades)

Upptäckta filer: 0
(Inga skadliga poster hittades)

(klar)

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2
Run by kHaoS at 7:34:55 on 2013-04-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.2999.934 [GMT 2:00]
.
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\TVersity\Media Server\MediaServer.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\ProgramData\TVersity\Media Server\berkelium.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\atieclxx.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\taskhost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\kHaoS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.privitize.com/?aff=7
uWindow Title = Windows Internet Explorer erhållet från MSN and Bing
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mWinlogon: Userinit = C:\Windows\SysWOW64\userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
TB: Nero Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [Akamai NetSession Interface] "C:\Users\kHaoS\AppData\Local\Akamai\netsession_win.exe"
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -update plugin
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f
dRunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f
dRunOnce: [panda4_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda4_0dn" /f
dRunOnce: [panda4_0dn_XP] reg.exe delete "HKCU\Software\panda4_0dn" /f
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Free YouTube to MP3 Converter - C:\Users\kHaoS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Trusted Zone: forsakringskassan.se
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 83.255.245.11 193.150.193.150
TCP: Interfaces\{0A3F6927-2BB9-4D05-B799-E7385DF919BF} : DHCPNameServer = 83.255.245.11 193.150.193.150
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-mWinlogon: Userinit = C:\Windows\SysWOW64\userinit.exe,
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\kHaoS\AppData\Roaming\Mozilla\Firefox\Profiles\br1d7yhk.default\
user_pref(security.default_personal_cert, Ask Every Time);FF - prefs.js: browser.search.selectedEngine - Panda Safe Search
FF - prefs.js: browser.startup.homepage - hxxp://search.privitize.com/?aff=7
FF - prefs.js: browser.search.selectedEngine - Privitize VPN
FF - prefs.js: keyword.URL - hxxp://search.privitize.com/?aff=7&q=);user_pref(dom.ipc.plugins.enabled.np_prsnl.dll, false
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\kHaoS\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-1-31 283200]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-3 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-3 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-3 60464]
R1 NNSALPC;NNSALPC;C:\Windows\System32\drivers\NNSAlpc.sys [2012-11-26 89640]
R1 NNSHTTP;NNSHTTP;C:\Windows\System32\drivers\NNSHttp.sys [2012-11-26 114728]
R1 NNSHTTPS;NNSHTTPS;C:\Windows\System32\drivers\NNSHttps.sys [2013-1-9 95712]
R1 NNSIDS;NNSIDS;C:\Windows\System32\drivers\NNSIds.sys [2012-11-26 114216]
R1 NNSPICC;NNSPICC;C:\Windows\System32\drivers\NNSpicc.sys [2012-11-26 94248]
R1 NNSPOP3;NNSPOP3;C:\Windows\System32\drivers\NNSPop3.sys [2012-11-26 118312]
R1 NNSPROT;NNSPROT;C:\Windows\System32\drivers\NNSProt.sys [2012-11-26 306216]
R1 NNSPRV;NNSPRV;C:\Windows\System32\drivers\NNSPrv.sys [2012-11-26 116776]
R1 NNSSMTP;NNSSMTP;C:\Windows\System32\drivers\NNSSmtp.sys [2012-11-26 114216]
R1 NNSSTRM;NNSSTRM;C:\Windows\System32\drivers\NNSStrm.sys [2012-11-28 232488]
R1 NNSTLSC;NNSTLSC;C:\Windows\System32\drivers\NNStlsc.sys [2012-11-26 105000]
R1 PSINKNC;PSINKNC;C:\Windows\System32\drivers\PSINKNC.sys [2012-11-9 204328]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-13 203264]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-25 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-9-12 868896]
R2 PSINAflt;PSINAflt;C:\Windows\System32\drivers\PSINAflt.sys [2012-11-9 167976]
R2 PSINFile;PSINFile;C:\Windows\System32\drivers\PSINFile.sys [2012-11-9 119848]
R2 PSINProc;PSINProc;C:\Windows\System32\drivers\PSINProc.sys [2012-11-9 123944]
R2 PSINProt;PSINProt;C:\Windows\System32\drivers\PSINProt.sys [2012-11-9 133160]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2010-7-13 135560]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-13 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-5-15 384040]
R3 PSKMAD;PSKMAD;C:\Windows\System32\drivers\PSKMAD.sys [2013-4-4 58360]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
S1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\Windows\System32\drivers\NNSNAHSL.sys [2012-10-22 33320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-15 48488]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-5-10 22528]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-7-13 246376]
S3 TdsNordecr;Nordea NCR1 SmartCard Reader;C:\Windows\System32\drivers\nordecr.sys [2007-10-30 28672]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-17 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S4 NNSPIHSW;NNSPIHSW;C:\Windows\System32\drivers\NNSPihsw.sys [2012-11-28 69160]
.
=============== Created Last 30 ================
.
2013-04-13 05:25:20 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-13 05:23:18 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-12 21:57:37 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D07544A1-03F2-4750-A859-38E79B8CD807}\offreg.dll
2013-04-12 18:42:17 -------- d-----w- C:\Users\kHaoS\AppData\Roaming\Malwarebytes
2013-04-12 18:38:27 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-12 18:37:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-12 18:37:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-12 18:36:37 -------- d-----w- C:\Users\kHaoS\AppData\Local\Programs
2013-04-12 15:35:04 -------- d-----w- C:\Program Files\CCleaner
2013-04-12 15:19:03 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D07544A1-03F2-4750-A859-38E79B8CD807}\mpengine.dll
2013-04-10 15:31:00 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-04-10 15:31:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-04-10 12:38:15 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-10 12:38:14 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-10 12:38:12 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-10 12:38:12 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-10 12:38:12 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-10 12:38:12 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-10 12:38:09 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 12:38:08 1655656 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2013-04-10 12:38:06 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-10 12:38:01 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-10 12:38:00 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-10 12:37:59 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-10 12:37:58 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-10 12:37:58 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-10 12:37:57 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-04 17:00:59 58360 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys
2013-03-28 10:59:28 -------- d-----w- C:\Users\kHaoS\AppData\Roaming\tiger-k
2013-03-28 10:59:24 -------- d-----w- C:\Users\kHaoS\AppData\Roaming\Leawo
2013-03-28 10:59:24 -------- d-----w- C:\ProgramData\Leawo
2013-03-28 10:53:47 606208 ----a-w- C:\Windows\SysWow64\xvidcore.dll
2013-03-28 10:53:47 139264 ----a-w- C:\Windows\SysWow64\xvid.ax
2013-03-25 20:39:46 4546560 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2013-03-20 20:42:20 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys
.
==================== Find3M ====================
.
2013-04-13 05:19:42 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-04 17:00:06 6080 ----a-w- C:\ProgramData\NanoRepository.bin
2013-03-14 15:31:06 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 15:31:06 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-11 23:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll
2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-02-21 10:14:05 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-02-19 11:10:53 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-02-19 10:51:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
.
============= FINISH: 7:36:14,79 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 2010-11-19 15:38:52
System Uptime: 2013-04-10 17:43:57 (62 hours ago)
.
Motherboard: Acer | | Aspire 5742G
Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz | CPU | 2399/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 42,905 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP344: 2013-04-12 00:02:06 - Schemalagd kontrollpunkt
RP345: 2013-04-12 23:53:10 - Removed Java(TM) 6 Update 26
RP346: 2013-04-13 07:15:27 - Installed Java 7 Update 17
.
==== Installed Programs ======================
.
Acer Backup Manager
Acer Crystal Eye webcam
Acer ePower Management
Acer eRecovery Management
Acer GameZone Console
Acer Registration
Acer ScreenSaver
Acer Updater
Acrobat.com
ActiveX-kontroll för fjärran!!!!ningar för Windows Live Mesh
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Lightroom 4.4 64-bit
Adobe Reader X (10.1.0) - Svenska
Adobe Shockwave Player 11.5
Advertising Center
Akamai NetSession Interface
Apple-programstöd
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
ATI Catalyst Install Manager
µTorrent
Backup Manager Basic
BankID säkerhetsprogram
Be!!!eled 3
Bonjour
Broadcom Gigabit NetLink Controller
Bubble Bobble Nostalgie
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Conduit Engine
CyberLink PowerDVD 9
D3DX10
DAEMON Tools Lite
DVD Shrink 3.2
ETDWare PS/2-x64 7.0.6.5_WHQL
Free YouTube to MP3 Converter version 3.10.11.923
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
iCloud
Identity Card
ImgBurn
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
iTunes
Java 7 Update 17
Java Auto Updater
Junk Mail filter update
Launch Manager
Malwarebytes Anti-Malware version 1.75.0.1300
Master of Olympus - Zeus
McAfee SiteAdvisor
McPixel version 1.0.4
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile Language Pack - SVE
Microsoft .NET Framework 4 Client Profile SVE Language Pack
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Klicka-och-kör 2010
Microsoft Office Starter 2010 - svenska
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MobileMe Control Panel
Morphyre
Mozilla Firefox 7.0.1 (x86 sv-SE)
Mp3tag v2.52
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyWinLocker
MyWinLocker Suite
Nero BurnLite 10
Nero Control Center 10
Nero ControlCenter
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Installer
Nero MediaHome 4
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help
Nero Online Upgrade
Nero Update
Net iD 5.3 (32-bit Edition)
Norton Online Backup
NTI Media Maker 9
Opera 11.50
Panda Cloud Antivirus
Panda Security Toolbar
Panda Security URL Filtering
PandoraRecovery (Remove Only)
Picasa 3
PX Profile Update
QuickTime
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870)
Shredder
Spotify
Tar endast bort CopyTrans-Suite
TVersity Codec Pack 1.7
TVersity Media Server Pro 1.9.7
TwonkyMedia
Uniblue SpeedUpMyPC
Unlocker 1.9.1-x64
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
uTorrentBar Toolbar
Welcome Center
Winamp
Winamp Detector Plug-in
Winamp Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
Wisdom-soft Set up ScreenHunter 5.1 Plus
VLC
VLC media player 1.1.6
VobSub v2.23 (Remove Only)
XBMC
Xiph.Org Open Codecs 0.85.17777
.
==== End Of File ===========================

Post Edited (Mr.Quint) : 4/13/2013 6:48:04 AM GMT



File Attachment :
attach.rar   3KB (application/octet-stream)
This file has been downloaded 85 time(s).
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/13/2013 6:12 PM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
Welcome  Mr.Quint     smile
 
 
 
Please download Adwcleaner:
 
 
 
  • Double click on AdwCleaner.exe to run the tool. 
    ***Note: Windows Vista and Windows 7 users: 
    Right click in the adwCleaner.exe and select – Run as admin 
  • Click Delete. 
  • Everything that was found will be deleted. 
  • Save any open files and approve the reboot. A text file will open after the restart. 
 

Please download 
 
 
 
to your desktop.
Shutdown your antivirus to avoid any conflicts.
Right-mouse click JRT.exe and select Run as administrator
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
 
Post the contents of JRT.txt into your next message, along with Adwcleaner and combofix log
 
Please download Combofix from:
 And save to the desktop.
 
After the download is complete, perform the following tasks before using the ComboFix tool to scan your PC:
Exit all windows that are currently open on your computer.
To prevent interference, temporarily disable your antivirus, antispyware, firewall and other security tools that may be running on your computer.
 
 
Double-click on the combofix icon found on your desktop.
 
Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall.
In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

 When finished, it will produce a logfile located at C:\combofix.txt.
 

Post the contents of that log in your next reply
 
The logs will be reasonably large so you may have to divide them into sections and make several posts to post them.

<!--[if !supportLineBreakNewLine]-->
<!--[endif]-->
 
NB. If you are using any P2P (file sharing) programs, please remove them before we clean your computer..
We do not clean logs that have P2P applications installed as this can cause reinfection during
 
 
 


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

Mr.Quint
New Member


Date Joined Apr 2013
Total Posts : 4
 
   Posted 4/13/2013 9:33 PM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
Thank you for the fast reply, sorry for my late one but as you know my laptop is very slow.
On the plus side, I noticed a significant performance improval after running the JRT.

Logs:
- AdwCleaner[S1].txt
- JRT.txt
- combofix.txt


# AdwCleaner v2.200 - Logfile created 04/13/2013 at 19:13:29
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : kHaoS - ACER
# Boot Mode : Normal
# Running from : C:\Users\kHaoS\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\uTorrentBar
Folder Deleted : C:\Program Files (x86)\Winamp Toolbar
Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Winamp Toolbar
Folder Deleted : C:\Users\kHaoS\AppData\Local\AskToolbar
Folder Deleted : C:\Users\kHaoS\AppData\Local\iWin
Folder Deleted : C:\Users\kHaoS\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\kHaoS\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\kHaoS\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\kHaoS\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\kHaoS\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\kHaoS\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\kHaoS\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\kHaoS\AppData\Roaming\Mozilla\Firefox\Profiles\br1d7yhk.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Folder Deleted : C:\Users\kHaoS\AppData\Roaming\Mozilla\Firefox\Profiles\br1d7yhk.default\WinampToolbarData
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{791A0A64-42CA-4C6D-9920-7C920EC023CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{507591C2-2F4E-46A7-92D6-E6CFF82E5F26}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{791A0A64-42CA-4C6D-9920-7C920EC023CD}
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKLM\Software\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{791A0A64-42CA-4C6D-9920-7C920EC023CD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3769B7F3-3A4F-4049-8336-3C136EBF7A60}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F83CE079-89C1-4EDA-B696-3694A07533D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66DD22B9-6521-4B05-97DB-0EBC00B1DA5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v7.0.1 (sv-SE)

File : C:\Users\kHaoS\AppData\Roaming\Mozilla\Firefox\Profiles\br1d7yhk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\kHaoS\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.50.1074.0

File : C:\Users\kHaoS\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [13935 octets] - [13/04/2013 19:02:30]
AdwCleaner[S1].txt - [13136 octets] - [13/04/2013 19:13:29]

########## EOF - C:\AdwCleaner[S1].txt - [13197 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by kHaoS on 2013-04-13 at 19:32:03,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1122791300-930408480-3392818547-1001\software\microsoft\internet explorer\main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0115906C-CC82-4E5A-B1D9-DAD3E6CE2735}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0206818D-0438-4AE9-B78B-E2833AE3FDFF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0241C393-EE7A-4CA9-8620-7DCD5B957F49}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{029F9235-7A33-4EAB-99FD-1836E781EDC4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{03A4A816-B68C-4122-8D3F-49EB0742C380}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{03F296FC-EB5E-43AE-918D-32B9C0E2AF19}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{058ED0D1-D1E0-41AE-A419-2EFCA3A51AAB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{069D3C77-D76B-4BC2-986E-45030CA7C009}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{079C2E7A-0C2C-488F-A00E-127356083F0E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{07D8A602-9988-484D-812C-A76BD1D68B1B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{08649788-222F-4042-B549-B36702505780}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{08D68AB5-0D57-469A-9393-E59F4EA14BB8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{08D70D87-F744-4B41-AF1E-5B317C95C2B3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{08DC24DA-DCFB-4002-97DA-EDEECD23C84C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{09D2BC80-C69B-468C-84EA-C563BF1E5EB7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{09D76B91-B682-4E03-BD17-BE293A5A0384}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0A9DCB6F-3BAB-4BBB-870D-FF77830F747B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0B4EE542-C0F4-4AB9-85A2-3EBA758E3393}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0B98D8CB-FAE4-44EC-89A0-F9B0EBAD34D4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0C9834AE-FA7F-4380-96A2-C0C3D3ACC169}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0D8E1144-49C8-4DC1-B24B-CFEFF0C014C1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0D918376-7128-4BDD-A973-A7403A270A81}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0E3C00D7-6B06-453A-93AB-DFBF26E0FC6B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{0F757DCB-3464-4B84-915B-0F4DAFCA67E0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{125A160F-04A8-45B2-931A-76A1A2F7C954}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{1293F46C-3DD4-4F6F-A5C8-59E65AFDEE96}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{129AAF4D-7B16-4C90-8C47-70AECA798CAA}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{129DF0A5-A5B2-47C9-A104-28AB6FE44032}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{12DA3081-8DBB-46F0-B775-D97798012ADD}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{138699D4-82A6-447B-B237-284947863E5A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{13BFE77D-2041-4846-8B85-11ABDEC0BC86}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{14AEDBA6-0CDC-45AF-ACED-CA8C8CF7DBB6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{14FD3AEC-7611-406C-B2D4-291060C2F387}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{15CCFFD1-24E0-4BBF-B799-2640E6E66651}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{16C07E60-9D7B-4AD7-A548-EB3C1CF4698B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{183BF5B5-6C0E-42E7-95F5-091C37EE426A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{19226D5E-D343-4F82-9F95-104C278CA7C2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{1AC51E62-D6B0-404F-A3AB-3BA5C82D00BF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{1EBE9333-9D3A-4F26-8EDD-EDE4DA0EC9F8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{1F4E6834-4167-4C31-9DA1-277049F9849A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{1F9FACE2-1511-4955-8670-ED56EDEC9915}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{225E84C4-EECF-421E-ABC7-A4D812D86CF2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{22726033-76D6-4698-9E3E-E97A621BE9C8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{22A37DA0-F835-48CD-A395-C1CB4B87E4DC}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{22A764AE-D28D-40FB-9470-AC5219F82C52}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{23608E5B-175F-4C76-A9C0-D9822E030124}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2395E92C-CDC7-4412-BE79-53CFC5CC6AB3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{23BA7FCD-7B7A-4970-8753-0BD9C3EF0DA1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2459BCD3-7C9D-472C-8366-504A0676E847}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{249ADDCE-4E2E-47E5-B61D-71B6EE745779}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{24FBE0C7-ADA0-4BED-90AD-561CF321F918}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{256BE86A-CE44-4A0C-B458-2A934E6E636A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2575B3A1-D262-453A-AE20-930EBC1556FB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{26012D1F-11AC-44C8-A0E3-A850B1E787E4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2627E46F-EDCF-4402-8C51-806E1BF87056}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{26972E16-DCDE-482A-9D3E-4256FC2BD444}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{270B51B1-5654-4397-B3A4-926FF1D412D7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{274D7E89-66CD-474B-8996-CF2B0C7DAAD8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2756D602-84D2-4958-A7B8-F4A35B2B2A83}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{27A93BDA-95C5-41C8-A01A-02BEC8374567}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{28FCB036-2497-4573-89B9-644C7CE6A086}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{293C1C63-1817-46EB-A608-3F55D05C8DDE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2994F617-96E2-4C42-8E0D-32D56A5A1BE4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{29A163F8-B222-43FD-B285-372F9E614094}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{29A2B1A8-B609-46F3-BFC8-55391BF460A3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2A392B51-74F5-4490-975E-C5905BDDA0E1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2A94ABCF-F440-4C54-8397-2A95EA2756F7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2B880AAA-54CD-4EBD-96A6-F2F59F7D7256}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2C709C17-C7CE-4B8E-AD9E-C52254654A67}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2D2F0352-C9D9-4F36-A76C-B21406AC7D61}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2E58185C-3F3C-4342-9AE2-6643B367B0E2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2F2A3F46-E795-4257-B2E9-264A45E6267A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{2FA3D328-EA8E-46B3-8F66-5906FE0826A0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{308C1162-8EB2-499C-806A-D48A1E7AFB5F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{30C08002-A286-4C18-98C2-51772F354F68}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{30C0A618-F767-42E1-9B78-C2927464A087}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3299D967-8A35-4BDE-8CFD-572DC2453B26}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{351FEBB1-67A2-4338-9FB3-0C140EACFF83}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{35572258-4FBF-4FC2-B676-FC854202B1D1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{35E23466-0997-4728-8F76-51EE586A1578}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{35F31971-5043-466D-8119-05CFEA998831}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{364E49F4-0C63-450C-B9F5-09F95DAD9F15}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{36C066A4-242D-4AD6-B09D-0A13877C9798}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{37045310-05BE-479A-86CE-8355473283EA}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{385404F3-1CE4-48E9-B86D-7CF2681643B8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3BDBA45A-F77F-488A-9102-5CF3143AEFC9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3CB18F59-BAE9-40FF-AEA4-1FC2031C482E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3D623741-019B-48F5-82D8-BEFC49BB981D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3D8BC054-902B-46B6-A17C-F883ADA110A3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3D933198-3CBB-4290-8396-449855578975}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3ED6C38B-EF78-423A-B8C6-294C3616FF9B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{3F65501D-D1A4-4C76-8D5C-BD3C3407F51E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{41184DAE-D8D7-418D-B92B-943F741FD45C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{41F626A4-98EB-4262-88A0-0A9513DC5B08}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{42145740-7D2C-42AD-BF27-25AA75E35FEC}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{423336EA-2EAE-4813-8CC5-4D5251F58A18}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{429D868A-74B0-43F8-9D61-9B6AA4AE6913}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{431D543F-335F-449F-A1EA-2343469D970C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{45455312-2FD2-41D4-AAA7-1540E49D367F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{48F7A684-887C-430B-AD38-DB9E9BBFDE99}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{491A68E2-2E03-44F1-98BE-596A666AD43A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{49705D66-917B-4D0F-ACFB-A843FC751610}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{498E5A35-105A-447B-8C63-E87D17A3428B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4A213AED-0651-4B2C-8956-53CBC7B8BC13}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4A2E9C3E-F149-414F-925B-67B5250B1B2D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4A3DE2D0-51C7-432C-99BE-029BE2631B93}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4A5B8E20-C89F-41D1-83E1-41AB8D053049}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4B84F09E-21C3-4067-967C-4406A7F9A113}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4D35BCA9-57EE-4FC2-BE28-2EF5989373A0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4E30FBFA-42CD-4620-B0F3-54277D103D1A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4E86E499-E8E1-49F3-9F47-6ED36CD41024}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4E90AE6C-50C7-44CB-A066-70F123C21EB2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4F05BDF5-2329-46F8-956C-2AF202D7017F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4F4B0EAD-7C33-4B3A-982F-F49514E454DF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4F697A99-7DD9-4A99-9DE1-6F8063985124}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{4FBD57BE-7D26-48B8-BBD0-FBF9DEFF54F2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{509BAC11-EF66-417E-ABDD-4A7F9F4F10D7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{52034623-6296-42F4-95B2-8407214A77E6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{530CB613-EF79-47F6-A781-A7EBFF6A8FEC}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{53F1E44D-2EB0-41CF-9065-5FDDB461CAD2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{55284284-7CE0-40F4-907B-131684AE6234}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5566D7A2-A70C-4396-866F-1EA019D07A58}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{56039749-2626-444C-936E-E93C231FDB22}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5642257E-D73E-400F-AF63-75B86CB0BC81}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5670C87A-8C8F-4F39-81F0-AD47EF8D9DE9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{56722938-7F4C-409B-85E5-541710A0C1F6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{572914A5-CAE7-45E2-91D0-9F87B84BA8D8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5868546A-09BA-4DA7-A7C4-3AF63CC395F8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{58FF89E3-B31D-4F60-88D6-D14139E42837}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5A7862A2-EA04-4031-82A1-3C05768A8B08}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5AE43109-6919-4748-8FA7-CE7AC93349CD}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5AE8BD66-A85F-4BB3-BCBE-A84710680A3E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5B842B38-4FCE-45BB-BE86-43AC53D342E8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5BB56CB8-1805-4F18-8DA5-F0D113E4ED17}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5C7233AE-409C-4F52-BCC9-F26A5261F3F2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5D175AD5-3C69-4D9D-AD3F-0D31C6A9A85D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5E834965-0757-4E93-BCBB-D27249B80AA0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5EF76CA0-04A1-4535-AFA7-EF81B770DB36}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{5FD8474E-94ED-4F88-A7E5-7508C09DCF3B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{608DAFDA-162B-420B-8587-C103DA2B0B7F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{60E47995-1CC3-4450-A6D6-93FDEF18BFE9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{61C0910A-4680-4E4A-BA6B-A718BCD3FBD9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{629BFF4A-5FEA-4D3C-AEA0-AC35004D701F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{63E54AFE-2B37-4A3B-8223-8922C3631396}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{64303774-A9D4-482C-9C57-BE5CD4F7982C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{64D5535C-FB79-41D0-AC04-991722A6862F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{64E263CF-058B-40B1-B225-9F2233D95D2E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{66175D8B-816F-4AEF-A51F-6945283280A0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{66599E83-0FE1-43E0-93D0-F2662E909B5B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{668485A6-6B7D-4D81-8DEF-1A463CDA16A1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{669D93C6-E550-4576-A1A8-6C6B51C0F400}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6777A027-27B3-426B-82D6-A6FFA5913FC6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{67E851B3-5B6B-432D-A969-87C9D5A3D965}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{68F877E7-C8D1-4DDE-9DA3-B2141620B7F6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6A356236-FF13-473C-A3C5-0C60771FB3A9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6AB509D9-B70E-4987-A09C-4584C42CAD2D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6B281FFB-F681-4E29-BADE-A744B48392A1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6CC0C0A8-F6F3-4D33-B078-7C31DEAE0A54}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6D13018E-63A6-42CD-B21F-29EE1E74B6CF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6D9554FD-48EE-4586-8347-EA542292117E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6E974004-F3B1-4BD5-8F8C-BAFDCC38ECDB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6E9B5DBD-A8E6-468B-BE3A-B753653D5F13}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{6F6BEFD1-4CE4-41CD-B4E2-0A3435D3F1DD}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{70DB44B8-7C51-4007-80EC-3C29E57EE1A8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{71494D05-B2D2-4847-8B24-43AB73A3C732}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{730A34AF-08BC-4541-982F-91E5413CE67E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7318BCCA-A194-4E99-ABF8-3DB1FE9FDC61}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{755FA18E-9C49-47C3-A6D7-93DD8767DC51}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{757FB2AE-971B-4225-8AC9-901FEC2A5673}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7599D5A2-C35A-44DD-9106-ED87D0479216}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{778E83EB-4C12-4347-9430-AE1D4D0FC33B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{77B3AE28-B2FC-4A2A-A439-C75A984C27AB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{784E3D1C-08A1-4040-A7C0-BF830AEF2392}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7911BD7F-1B7B-4AD9-8EAE-F6A10BE3B008}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{799A1F1A-3B89-4F7A-B52C-094704350752}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{79A690F6-9077-4A4E-9D58-2D13DF12D0C5}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7A8247DC-D1A1-4C67-96DF-E7DB02CADC0B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7BB4FBAF-EFB7-4D6B-8756-8FCEB58FACE9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7CDDDC79-65F2-4A42-8B91-F0F81F0A80C6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7DA4CC03-993B-4112-96B5-4A9AB30810AA}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{7F64F117-0FA6-49D6-BEA7-D31F9D18F4C5}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{811F70F4-224F-44EF-A430-52FAFA38F350}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{83192055-5D1A-463F-90BB-A27483EA5564}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8368F74B-F0CE-4C5C-B91A-D39B36238E44}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{83DD2B4C-A3B2-4B3E-86BE-BB7F95C0DA5F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{84DC40A4-31FE-404C-A3A4-F448E8A09BA9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{84F021BC-2D4F-4C00-9707-BDCD14AECF3B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{85A89E50-7562-4E17-8E54-432877B877F7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{860C4189-20E2-4475-9650-E16CAC4833D1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{86366071-0C9F-4E48-91D4-EFF86C0A27CE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{86602722-6CF9-4F3A-B994-F78D5C90322E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{86BF167A-E15A-4DC0-8AC2-88A6742DC5CA}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{87BFAB58-A750-4D5B-A773-DBE37140F963}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8822AA02-EA7B-4592-9385-26BCC9C49134}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8883C687-0468-4EF0-9FF2-2AFC4B8BF086}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8A0235CA-4F21-42D7-A108-A7DD47116BD2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8A45E580-E1D2-400C-8F64-F20F094CCF60}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8B075CA1-0F10-4B98-915D-C983093B702C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8B6F3FD6-169A-4BC1-8D43-FE7F1C858628}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8BD10FBD-FC6D-43B3-81E1-CFC160A6A9A2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8D5E9A1C-E1E9-4090-9514-02CA0B94268D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8D7BB0D6-CBAD-4CFD-85D7-888D21D716A5}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{8E507DAB-9FF1-4420-B3C3-43F8236AAC8F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9045758A-80E0-4634-986A-AB19DBC4025B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{90791FE5-2283-49C2-BF6C-1874720E7E5A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{91479CD6-6DEC-4C61-87D7-8E8342EFE644}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{91C1A7B3-1B8D-415D-B3EB-3F0DE1CCD28D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{921FFB35-47E7-4971-9BFB-B1AD56A0ADE5}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{92849B3F-F233-403B-AF44-9D418F97365A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9315635C-60DE-407B-9BFD-CE7FCBF733C2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{93406D11-56E4-4277-A498-E7B4D3570B73}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{943B8D89-51F0-45F2-B7B8-681981D84B39}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9514D90E-F2F0-45FF-BC2A-35667E04D507}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9544FF77-471A-4FE0-84FD-2167CA0FF9F1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{959B7336-84C5-43D2-B1E4-67755192B696}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{96248C53-B70D-4722-868A-2DDFE45FE789}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{962C4A85-2ACB-4DD5-85CF-D7C7FA1A6105}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{97D191D4-47D0-4EB8-8121-DCAADE811160}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{998CA5FF-EFF3-46C6-951F-E4C155923A1B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{99C57E9E-E27D-4EE7-B380-7E80E7AEE0E2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9B032600-A0D5-4DE0-BE35-3FC105F2E895}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9D1D3BBF-FC44-40C1-8F6E-EEB0F0B248B8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9DE284CA-2005-4E01-A9C7-95B9707D7DEC}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9ED1B78B-D00A-4176-A35B-324B1C1D649F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{9FC0BBF0-B9D9-442A-A215-A96ED389122B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A0727C01-6101-4319-9D9B-D8947D2DA33F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A0902893-03E8-4CC1-B248-43BA981595A3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A18E4037-5425-4544-A642-3E9443DDF832}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A2284E43-958F-4BC3-8D4E-3F07C9098257}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A2D3F251-BB32-4A71-9DB5-408624A450EF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A2E484DE-ACE5-4109-85E1-ADBCE663BB82}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A32FDC93-B4B3-47A7-844C-D7B8AB74BA20}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A33DC0C7-3649-449C-87D5-9E30C2B5442F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A570B2DD-7C38-41F6-87A2-F7BEC01F3E77}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A583BE12-6556-4F75-BC50-82944D9B3B0F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A602752C-5E27-4AE0-906D-2DAA9027E569}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A62FAEA4-4768-48FB-8CF4-B3ECC52597F0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A6FCE893-82AD-4579-BA40-44C7E792E49C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A7FB32C6-48ED-406E-A97E-A84786386F36}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A83CDA4B-EAFC-401D-AE3F-D507D59643E4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A86FD191-CCD5-4B00-8D3C-12C87AF17B03}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A972CB51-07F7-435F-BB2A-C0D7A6DDD3F2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{A98FC6AE-8E1B-4EC3-9657-3E07A6B87337}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AA0401E5-739E-44FB-8320-6B6738D76E87}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AB721E3D-C01A-4C3B-82E3-D9A512214806}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AB7549CE-E336-4450-A070-B3C6F661EE37}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AB81FA14-C8AD-41C7-8540-2EA56708487D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AB9AE3AB-0EB5-4447-A861-6D5BFEAECB3D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{ABB5A4B8-26B9-4D18-872D-A975488811D1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AC4B3AF8-6E38-485F-88CC-BFC96BD99AD8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{ACA34AC7-EDFD-4A9D-8E5C-A530A672C0DF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AEA34B87-BF49-4D1A-8414-C9C641D76CEB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AF37158D-9F2C-4E92-8B8E-4948116A4B2B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AF6F21FA-37D3-45B4-B1EA-5C4320456F2A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AF80F97C-1763-4C5B-B5F6-1CBBF0ED8834}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{AFE9A570-C45F-4821-B230-B8BF43362DD5}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B0129C1D-E2A8-4F31-89D8-E9E0884E890E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B08BE328-5AE5-4269-B392-79636FE18EDE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B0DC98F6-2060-45BA-A3FB-650B28A51979}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B1CE8F82-E731-4FEB-9BC7-E8F1F2BBA2B8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B21EB720-60E7-4316-ABF3-2098133DF03B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B2C58E69-E406-4270-A90E-671F5AD41020}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B3A43056-A24C-4154-8DD0-5D9CB78E95C8}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B3D63595-4294-478E-B0DF-26FA32A2CDEF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B3F5DB80-319B-453F-A003-D6D95CB0DD23}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B45D6FFD-C7BA-4549-AEAD-3BFD028C2D87}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B4CE523B-EF98-4BDF-9C39-809A3B4FFE7D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B61064B9-0F20-4B67-8422-F661FDCB5B95}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B64B9B01-7235-4815-95B9-32C0866FBFB2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B68AA97C-6367-4D49-ADB2-2D5C41495135}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B7B5D82C-0602-4955-88AB-E1D406F4546A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B84CEE5D-2668-454C-B67F-2E1C5FA604C6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B853333D-3D32-47FC-B104-655C7D1F3AD9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B8635A9D-FED5-4E4A-8B4A-25837C88C03D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B8D0C60B-0ACB-486C-BB5D-22737DCE3A40}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{B9F96DDF-C795-47D8-8673-9F212EADCE4F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BA83B26D-057D-4B26-9CFC-5CB2EB036945}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BABC9BA6-62F6-47F9-8577-277EC08F857C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BAE58FBF-FB58-4495-84D9-00D3366A0686}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BB8F41B1-1801-43F9-881F-0F257EAE6D50}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BC2EEFBD-C459-4112-83D3-6D98C60F2C0A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BC5BD9C3-AB04-47D3-A35D-567426800A99}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BC6D55B0-7650-4723-AC12-527E5EFF062C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BC7DDFB3-222F-401F-BE5B-409E2603BC43}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BCF41FDB-B321-495B-8A52-55A6174BA800}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BDAB920A-C9FC-4118-B110-C96C4B206316}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BDBFF4EE-6385-49C6-9CF9-CC648C568402}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BE20289F-1BD6-4802-9943-046B75B66157}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BE65BEC7-17D0-4177-A174-0B94CCB8713D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BF15B8C4-62F2-413D-B92F-5072C2E7B9FE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{BF6A1DEC-EE8B-4DDC-A6C4-A8E26E471A44}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C0333A62-E452-40B7-93C0-807B354A870D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C211E12E-B176-4727-A245-65464F0F98A0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C28DB539-F7FD-4BCD-8FDC-36E887C35A71}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C295E5AD-C52D-46FB-BEF2-A3BC8BCF5DDB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C3FC55AC-2EDC-4D87-BF96-5482A00B8AE3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C4617A72-B1EC-480D-82C9-DBBC12B121B7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C530AAC2-F498-4150-97E3-FF903812CF78}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C60DEE7A-DAD8-4113-8D96-A3CB800C20A9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C7632E7E-A2FD-491F-A3CB-FE62752B5A3F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C8022CCE-64C8-4B74-802C-D98ED2DFBA8D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C87CC700-6BE3-49B1-974C-1E805DDADB8F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C8D2D095-0A8D-41E8-BCE8-FB8180A862DE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C90DD0FB-734D-46CC-AD38-92D24F955046}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C970945A-1925-4014-93F7-691D663AD195}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{C9921D17-72DF-46DD-B71D-2E81DA0E9A59}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{CA6340F5-051B-4380-8C91-10C0F3D5852C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{CB24FF93-8E0E-4F4B-A80F-F16E00D7C59F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{CC7246DC-61FC-4B16-B243-5B9198B69CE4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{CC88093E-042D-4067-8935-BC7898D3756C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{CC9FFB40-C023-48FC-9281-D39BA49F5D3E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{CD73070E-DA71-496E-A63F-AAC0EBA048BB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D034026D-8266-4342-93C7-292202A056F7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D0793AD4-B317-4052-AE09-1BAC7737E587}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D08A9C44-9C8F-439C-A9C0-9F628B948215}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D1AE0EED-F2A0-41AE-A338-EBD2C4521F3E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D1B16024-1C33-4458-BD98-6314B04E9D59}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D208A5E0-3809-4023-A7B4-8F3CEABC7A82}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D41D3A16-3227-4D30-8CB7-0CCAA5A6E973}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D4726190-B843-40FC-99F3-BDDFC12679F9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D4CEA6EB-13C1-4834-8D48-509409775805}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D5A5F380-7AC9-4E30-A691-BEE81150FCC3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D5EE92AE-5300-42DE-8A86-39B8578540D0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D76C6A1A-24C7-4425-9FDC-4046B4FFACBE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D7751468-6D85-452F-A754-9574BE0EC8F3}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D7C83269-343D-487D-8274-97060F110140}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D7DEE957-CE7C-48C3-83C3-BD5B2CF8BD1D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D811E257-EA00-47BF-978F-C543C3A12B5E}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D8B59A20-B110-479D-B778-FA40AACD380B}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D923138A-AD66-4D3C-81BE-17254E8A361C}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D9730E40-BDB7-4BD4-A5AB-4194D0FEE498}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{D9B43C1D-1912-4EC1-B2B2-7C5CB9685885}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DA7B2535-45A4-443D-BD2B-945E206D5FA2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DAD22833-291C-407A-B72E-D4A4EDA0C6F7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DB60EE9E-FD3A-4DEE-81C2-1B39CDF308A2}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DBD9EA66-009D-406A-A6A6-ACBC93D2C421}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DC310B38-5112-4B8C-B869-8157C605C40F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DCF1A834-1D57-4218-B642-60C7D738D238}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DE0C5520-F08F-45AD-8D51-35B46EA10BCB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DE1CE5A6-A4BE-49B1-8978-3AC35BD34832}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{DF926425-F30F-4741-9EA6-C597C1E616D4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E06B38C5-9BBA-4CA2-B258-14D74C2434AB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E0AA486F-7864-4320-B97B-95E07B47E1C6}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E1194909-43DB-4DCE-88AE-AEA1413E7B8F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E2B46BA6-E70B-436C-B7FF-658AB40EEC05}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E33BE817-8047-47DC-90DA-44E4F3DA3827}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E3565754-1048-419A-80D5-DF10753711A1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E4788B87-0EE3-4F3F-B3C7-D612C02079D4}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E582AB8E-D1DE-412F-A4E4-5147C3C38977}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E585E39D-AEB9-4A0A-AE81-73469F0070F1}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E59C93CF-9AE5-4699-B525-BC35D4871E87}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E7017E44-A3AE-48CE-98DE-35411ECF1601}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E70F9387-7816-4C80-871B-23F557C27D62}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E732A90D-97D8-46AD-8EE1-FC8B5AAC9FC7}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E8B37CB4-07FA-4021-8D4E-1F9B8925A105}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E8C73788-8080-4A09-8483-D76E191529FF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E97252D4-CA26-4C45-A541-1FD5A6567ABD}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{E972E249-93BC-47A5-90FB-792D559E9D52}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{EA93F411-E585-4660-8F45-2D2136CFE752}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{EBEFA56B-0388-4B2F-8241-56186E03E7F9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{EC5362B7-777B-47D9-AF26-BD8E341F7FA0}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{ED433EA5-3EB5-443B-BB67-B5F523440151}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{ED53A8E4-BD14-483F-A12A-7F5A405AAFDA}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{ED6B6D26-2949-435E-96D2-584D7DBC36B9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{ED8CC925-EBB2-46C7-9159-3B284A284DAE}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{EE347336-E3A6-45E7-A659-1AF844D8C47F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{EF83711C-7161-489B-9BE0-0BEB317C0C41}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F085C3C4-B361-4DF8-A576-EA597EB93728}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F149DA50-F89B-4EE6-B8C5-35660D4975EB}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F1D97A91-4904-4E3A-9A9E-4089C7CCCD67}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F22F17C2-D3D0-4D39-96DA-5364657F9A5A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F2532EE3-A8AF-408A-9E73-C1E61710C465}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F2818C36-8CFE-4883-B422-BE95B99F7C37}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F317068C-6C84-4233-82D5-7E5E95641DFD}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F318D228-1E00-4B64-B4DA-A15B061C65CF}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F3C6059E-7246-43F7-95C9-38F35114ED92}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F637AC16-9F08-4037-AEC3-960602B0E9EA}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F6714799-7CBA-4392-A151-79F09384FC46}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F68DF312-B80C-43CB-8F71-8E777284DD8F}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F93F5861-99A0-4B19-9469-E0E558D31C9A}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{F9CCAF5D-48E3-43BE-AF06-F12F4D44FBF9}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{FA735A7C-030B-46F2-AB43-CB95314460AC}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{FB79CAA1-B5B2-4446-AC95-E553E65C868D}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{FB88BE0F-FE08-42F8-B920-8548FDC09394}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{FBD44AB1-3813-4215-981E-1AC92A517D30}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{FC2AAB70-A518-4AC7-B098-9F6E89262835}
Successfully deleted: [Empty Folder] C:\Users\kHaoS\appdata\local\{FFCE109E-FAB4-4BA1-B4F1-5D8A4EAAA2FF}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\kHaoS\AppData\Roaming\mozilla\firefox\profiles\br1d7yhk.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted the following from C:\Users\kHaoS\AppData\Roaming\mozilla\firefox\profiles\br1d7yhk.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://search.privitize.com/?aff=7");
user_pref("browser.search.defaultenginename", "Privitize VPN");
user_pref("browser.search.defaultengine", "Privitize VPN");
user_pref("browser.search.order.1", "Privitize VPN");
user_pref("browser.search.selectedEngine", "Privitize VPN");
user_pref("keyword.URL", "hxxp://search.privitize.com/?aff=7&q=");user_pref("dom.ipc.plugins.enabled.np_prsnl.dll", false);



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013-04-13 at 19:45:34,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ComboFix 13-04-12.02 - kHaoS 2013-04-13 19:50:19.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.2999.1627 [GMT 2:00]
Körs från: c:\users\kHaoS\Downloads\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\programdata\Acer\Acer Updater\fubdlr.sent
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_ori.xml
c:\programdata\Acer\Install\install.log
c:\programdata\FullRemove.exe
c:\users\kHaoS\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
c:\users\kHaoS\vlc-1.1.8-win32.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((( Filer skapade från 2013-03-13 till 2013-04-13 ))))))))))))))))))))))))))))))
.
.
2013-04-13 18:03 . 2013-04-13 18:03 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2013-04-13 18:03 . 2013-04-13 18:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-13 17:31 . 2013-04-13 17:31 -------- d-----w- c:\windows\ERUNT
2013-04-13 17:31 . 2013-04-13 17:31 -------- d-----w- C:\JRT
2013-04-13 05:49 . 2013-04-13 05:49 388096 ----a-r- c:\users\kHaoS\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-04-13 05:49 . 2013-04-13 05:49 -------- d-----w- c:\program files (x86)\Trend Micro
2013-04-13 05:34 . 2013-04-13 05:34 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-13 05:25 . 2013-04-13 05:19 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-13 05:23 . 2013-04-13 05:20 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-12 21:57 . 2013-04-13 17:43 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D07544A1-03F2-4750-A859-38E79B8CD807}\offreg.dll
2013-04-12 18:42 . 2013-04-12 18:42 -------- d-----w- c:\users\kHaoS\AppData\Roaming\Malwarebytes
2013-04-12 18:38 . 2013-04-12 18:38 -------- d-----w- c:\programdata\Malwarebytes
2013-04-12 18:37 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-12 18:37 . 2013-04-12 18:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-12 18:36 . 2013-04-12 18:36 -------- d-----w- c:\users\kHaoS\AppData\Local\Programs
2013-04-12 15:35 . 2013-04-12 15:36 -------- d-----w- c:\program files\CCleaner
2013-04-12 15:19 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D07544A1-03F2-4750-A859-38E79B8CD807}\mpengine.dll
2013-04-10 15:31 . 2013-02-19 12:01 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-04-10 15:31 . 2013-02-19 11:42 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-04-10 12:38 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 12:38 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 12:38 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 12:38 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 12:38 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 12:38 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 12:38 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 12:38 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 12:38 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 12:38 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 12:38 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 12:37 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 12:37 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 12:37 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 12:37 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-04 17:00 . 2012-11-07 08:00 58360 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-04-04 15:25 . 2013-04-04 15:25 -------- d-----w- c:\program files\Common Files\Adobe
2013-04-04 15:23 . 2013-04-04 15:50 -------- d-----w- c:\program files\Adobe
2013-03-28 10:59 . 2013-03-28 11:00 -------- d-----w- c:\users\kHaoS\AppData\Roaming\tiger-k
2013-03-28 10:59 . 2013-03-28 10:59 -------- d-----w- c:\users\kHaoS\AppData\Roaming\Leawo
2013-03-28 10:59 . 2013-03-28 10:59 -------- d-----w- c:\programdata\Leawo
2013-03-28 10:53 . 2012-05-10 08:24 606208 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-03-28 10:53 . 2012-05-10 08:24 139264 ----a-w- c:\windows\SysWow64\xvid.ax
2013-03-25 20:39 . 2013-03-25 20:39 4546560 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-20 20:42 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 05:19 . 2011-06-04 12:41 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-10 15:33 . 2010-11-23 17:20 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-04 17:00 . 2012-11-05 16:19 6080 ----a-w- c:\programdata\NanoRepository.bin
2013-03-14 15:31 . 2012-04-01 16:25 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-14 15:31 . 2011-08-23 17:29 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-11 23:10 . 2010-12-04 16:31 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-12 05:45 . 2013-03-13 03:23 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 03:23 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 03:23 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 03:23 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 03:23 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 03:23 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-13 21:17 . 2013-02-28 02:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-28 02:00 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-28 02:00 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-28 02:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 02:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 02:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 02:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-28 02:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-28 02:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 02:00 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-28 02:00 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-28 02:00 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-28 02:00 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-28 02:00 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-28 02:00 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-28 02:00 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-28 02:00 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-28 02:00 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-28 02:00 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-28 02:00 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-28 02:00 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-28 02:00 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-28 02:00 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-28 02:00 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-28 02:00 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-28 02:00 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-28 02:00 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-28 02:00 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-28 02:00 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-28 02:00 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-28 02:00 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-28 02:00 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-28 02:00 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-28 02:00 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-28 02:00 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-28 02:00 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-28 02:00 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-28 02:00 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-28 02:00 465920 ----a-w- c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2013-01-08 15:56 87768 ----a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\kHaoS\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-28 328056]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-13 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-01-04 222424]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn" [X]
"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn" [X]
"panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn" [X]
"panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-10-22 33320]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\DRIVERS\nordecr.sys [2007-10-30 28672]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-21 1255736]
R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-11-28 69160]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-31 283200]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-11-26 89640]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-11-26 114728]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2013-01-09 95712]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-11-26 114216]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-11-26 94248]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-11-26 118312]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-11-26 306216]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-11-26 116776]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-11-26 114216]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-11-28 232488]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-11-26 105000]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-11-09 204328]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\McSACore.exe [2012-12-04 103472]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-01-27 140512]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-11-09 167976]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-11-09 119848]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-11-09 123944]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-11-09 133160]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-01-27 37088]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2012-11-07 58360]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2013-04-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 15:31]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 15:50]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 15:50]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1122791300-930408480-3392818547-1001Core.job
- c:\users\kHaoS\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-14 03:27]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1122791300-930408480-3392818547-1001UA.job
- c:\users\kHaoS\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-14 03:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Extra genomsökning -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Free YouTube to MP3 Converter - c:\users\kHaoS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: forsakringskassan.se
TCP: DhcpNameServer = 83.255.245.11 193.150.193.150
FF - ProfilePath - c:\users\kHaoS\AppData\Roaming\Mozilla\Firefox\Profiles\br1d7yhk.default\
user_pref(security.default_personal_cert, Ask Every Time);FF - prefs.js: browser.search.selectedEngine - Panda Safe Search
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6} - c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
ShellIconOverlayIdentifiers-{9AE343CB-BA45-4618-AF6A-0230EE6FC793} - c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*È<*J\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*E*m*p*i*r*e*Hj™8\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*s*0*RA=\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*s*[À7\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*ð€5\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*¸ñ€5\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*x*fÄS]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*x*fÄS\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
!!!!tid: 2013-04-13 20:22:42
ComboFix-quarantined-files.txt 2013-04-13 18:22
.
Före genomsökningen: 44 961 030 144 byte ledigt
Efter genomsökningen: 44 587 786 240 byte ledigt
.
- - End Of File - - 6129C7F1A6420C3EAB2AC7D8E2B376CC
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/14/2013 8:30 AM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
Glad to hear there are improvement.......
 
 
 
Uninstall:
McAfee SiteAdvisor
uTorrent
 
 
 
 
Open notepad and copy/paste the text in bold in  below into it:
 
Snapshot::
ClearJavaCache::
 
 
Save this as:CFScript
 
 
Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.
 
Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt,
 
please post it to your next reply, and tell how things are running now  ?
 


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

Mr.Quint
New Member


Date Joined Apr 2013
Total Posts : 4
 
   Posted 4/14/2013 11:40 AM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
Seem to be running as it did before "infection", million thanks to you!

Is the Panda Cloud Antivirus any good, or should I switch to another one?

Log:
- combofix.txt

ComboFix 13-04-12.02 - kHaoS 2013-04-14 9:57.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.2999.1446 [GMT 2:00]
Körs från: c:\users\kHaoS\Desktop\bullguard\ComboFix.exe
Kommandoväxlar som använts :: c:\users\kHaoS\Desktop\bullguard\CFScript.txt
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Skapade en ny återställningspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Acer
c:\programdata\Acer\Acer Updater\_UpdaterService_CFG.ini
c:\programdata\Acer\Acer Updater\_UpdaterService_LOG.txt
c:\programdata\Acer\Acer Updater\fubdlr.sent
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_debug.xml
c:\programdata\Acer\Acer Updater\ServerInfo_Local.xml_ori.xml
.
.
(((((((((((((((((((((((( Filer skapade från 2013-03-14 till 2013-04-14 ))))))))))))))))))))))))))))))
.
.
2013-04-14 08:09 . 2013-04-14 08:09 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2013-04-14 08:09 . 2013-04-14 08:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-14 00:07 . 2013-04-14 00:07 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D07544A1-03F2-4750-A859-38E79B8CD807}\offreg.dll
2013-04-13 17:31 . 2013-04-13 17:31 -------- d-----w- c:\windows\ERUNT
2013-04-13 17:31 . 2013-04-13 17:31 -------- d-----w- C:\JRT
2013-04-13 05:49 . 2013-04-13 05:49 388096 ----a-r- c:\users\kHaoS\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-04-13 05:49 . 2013-04-13 05:49 -------- d-----w- c:\program files (x86)\Trend Micro
2013-04-13 05:34 . 2013-04-13 05:34 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-13 05:25 . 2013-04-13 05:19 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-13 05:23 . 2013-04-13 05:20 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-12 18:42 . 2013-04-12 18:42 -------- d-----w- c:\users\kHaoS\AppData\Roaming\Malwarebytes
2013-04-12 18:38 . 2013-04-12 18:38 -------- d-----w- c:\programdata\Malwarebytes
2013-04-12 18:37 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-12 18:37 . 2013-04-12 18:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-04-12 18:36 . 2013-04-12 18:36 -------- d-----w- c:\users\kHaoS\AppData\Local\Programs
2013-04-12 15:35 . 2013-04-12 15:36 -------- d-----w- c:\program files\CCleaner
2013-04-12 15:19 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D07544A1-03F2-4750-A859-38E79B8CD807}\mpengine.dll
2013-04-10 15:31 . 2013-02-19 12:01 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-04-10 15:31 . 2013-02-19 11:42 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-04-10 12:38 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 12:38 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-04-10 12:38 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-10 12:38 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2013-04-10 12:38 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2013-04-10 12:38 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2013-04-10 12:38 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 12:38 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 12:38 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 12:38 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 12:38 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 12:37 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 12:37 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 12:37 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 12:37 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-04 17:00 . 2012-11-07 08:00 58360 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2013-04-04 15:25 . 2013-04-04 15:25 -------- d-----w- c:\program files\Common Files\Adobe
2013-04-04 15:23 . 2013-04-04 15:50 -------- d-----w- c:\program files\Adobe
2013-03-28 10:59 . 2013-03-28 11:00 -------- d-----w- c:\users\kHaoS\AppData\Roaming\tiger-k
2013-03-28 10:59 . 2013-03-28 10:59 -------- d-----w- c:\users\kHaoS\AppData\Roaming\Leawo
2013-03-28 10:59 . 2013-03-28 10:59 -------- d-----w- c:\programdata\Leawo
2013-03-28 10:53 . 2012-05-10 08:24 606208 ----a-w- c:\windows\SysWow64\xvidcore.dll
2013-03-28 10:53 . 2012-05-10 08:24 139264 ----a-w- c:\windows\SysWow64\xvid.ax
2013-03-25 20:39 . 2013-03-25 20:39 4546560 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-20 20:42 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-13 05:19 . 2011-06-04 12:41 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-10 15:33 . 2010-11-23 17:20 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-04 17:00 . 2012-11-05 16:19 6080 ----a-w- c:\programdata\NanoRepository.bin
2013-03-14 15:31 . 2012-04-01 16:25 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-14 15:31 . 2011-08-23 17:29 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-11 23:10 . 2010-12-04 16:31 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-02-12 05:45 . 2013-03-13 03:23 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 03:23 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 03:23 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 03:23 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 03:23 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 03:23 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2013-01-08 15:56 87768 ----a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\kHaoS\AppData\Local\Akamai\netsession_win.exe" [2013-01-26 4480768]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-13 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
"Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-01-04 222424]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"panda2_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda2_0dn" [X]
"panda2_0dn_XP"="reg.exe delete HKCU\Software\panda2_0dn" [X]
"panda4_0dn"="reg.exe delete HKCU\Software\AppDataLow\Software\panda4_0dn" [X]
"panda4_0dn_XP"="reg.exe delete HKCU\Software\panda4_0dn" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
$McRebootA5E6DEAA56$.lnk - [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-10-22 33320]
R2 0281341365925927mcinstcleanup;McAfee Application Installer Cleanup (0281341365925927);c:\users\kHaoS\AppData\Local\Temp\028134~1.EXE [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 KMService;KMService;c:\windows\system32\srvany.exe [x]
R3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\DRIVERS\nordecr.sys [2007-10-30 28672]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-21 1255736]
R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-11-28 69160]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-31 283200]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-11-26 89640]
S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-11-26 114728]
S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2013-01-09 95712]
S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-11-26 114216]
S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-11-26 94248]
S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-11-26 118312]
S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-11-26 306216]
S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-11-26 116776]
S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-11-26 114216]
S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-11-28 232488]
S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-11-26 105000]
S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-11-09 204328]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-01-27 140512]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-11-09 167976]
S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-11-09 119848]
S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-11-09 123944]
S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-11-09 133160]
S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-01-27 37088]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2012-11-07 58360]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Övriga tjänster/drivrutiner i minnet ---
.
*NewlyCreated* - WS2IFSL
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 15:31]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 15:50]
.
2013-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-19 15:50]
.
2013-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1122791300-930408480-3392818547-1001Core.job
- c:\users\kHaoS\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-14 03:27]
.
2013-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1122791300-930408480-3392818547-1001UA.job
- c:\users\kHaoS\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-14 03:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Extra genomsökning -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Free YouTube to MP3 Converter - c:\users\kHaoS\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: forsakringskassan.se
TCP: DhcpNameServer = 83.255.245.11 193.150.193.150
FF - ProfilePath - c:\users\kHaoS\AppData\Roaming\Mozilla\Firefox\Profiles\br1d7yhk.default\
user_pref(security.default_personal_cert, Ask Every Time);FF - prefs.js: browser.search.selectedEngine - Panda Safe Search
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*È<*J\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*E*m*p*i*r*e*Hj™8\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*s*0*RA=\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*w*s*[À7\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*ð€5\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*X*v*i*D*-*¸ñ€5\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*x*fÄS]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1122791300-930408480-3392818547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*x*fÄS\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
!!!!tid: 2013-04-14 10:28:45
ComboFix-quarantined-files.txt 2013-04-14 08:28
ComboFix2.txt 2013-04-13 18:22
.
Före genomsökningen: 46 845 431 808 byte ledigt
Efter genomsökningen: 46 673 022 976 byte ledigt
.
- - End Of File - - 03A59717339068DAB0D799178DFB9DF0
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/14/2013 6:34 PM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
"Seem to be running as it did before "infection"
 
 
 
 
 
Great, and the log looks clean to me                   smile
 
 
With the hosts file, you can block all the mysterious toolbars, and PUP (Potencially unwanted programs) being installed  you are "offered" when installing  programs.
Open Adwcleaner.
Click the question mark and select HOSTS Anti-PUP/Adware. After some time the program will have added the necessary lines to the hosts file. It looks like this:


 
 
 
Download OTL by OldTimer, saving it to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Click on the CleanUp! button.
You'll be asked if you want to Begin cleanup process? Select Yes. 
This step removes some of  the files, folders, and shortcuts created by the tools I had you download and run.

When done, you will be prompted to restart your computer.
Please restart your computer.
 
 


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 

Mr.Quint
New Member


Date Joined Apr 2013
Total Posts : 4
 
   Posted 4/14/2013 9:25 PM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
Done and done!
Again thanks for all the help.
Back to Top
 

Touch
Forum Moderator




Date Joined Jun 2004
Total Posts : 12975
 
   Posted 4/15/2013 11:31 AM (GMT +3)    Quote: EXTREMELY slow laptopAlert an admin about: EXTREMELY slow laptop
My pleasure                      smile
 
 
 
 
 
I lock this topic to prevent others from posting logs


Please read:  Forum Rules
Click here:   Before-posting-a-log
 
Do not PM me with logfiles. They will be deleted. 

 

Back to Top
 
New Topic Locked Topic Printable version of : EXTREMELY slow laptop
 
Forum Information
Currently it is Wednesday, September 17, 2014 2:30 AM (GMT +3)
There are a total of 60,601 posts in 13,318 threads.
In the last 3 days there were 2 new threads and 6 reply posts. View Active Threads
Who's Online
This forum has 36360 registered members. Please welcome our newest member, LovelyOne.
4 Guest(s), 0 Registered Member(s) are currently online.  Details
5 Latest Threads
Kitchen Cheap Cheshire (0)9/16/2014 3:44:38 PM (LovelyOne)
Unable to access Hotmail or other email providers (0)9/16/2014 2:20:27 PM (Robert Mateescu)
Bullguard 2014 Firewall and high DPC latency (19)9/16/2014 5:21:49 AM (klimek69)
Slow Performance Since Installing Bullguard (3)9/15/2014 12:41:35 PM (Robert Mateescu)