Computer moving extremely slow...Logs included. Thanks! [Archive]

View Full Version : Computer moving extremely slow...Logs included. Thanks!

jlbado

2015-01-08, 00:11

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by default (administrator) on OFFICE01 on 07-01-2015 15:34:16
Running from C:\Users\default.default-PC\Desktop
Loaded Profile: default (Available profiles: default)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\System32\atashost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\AMT\lms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgnsx.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Microsoft) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-06-22] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [104960 2009-10-15] ()
HKLM\...\Run: [WavXMgr] => C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [147328 2010-01-05] (Wave Systems Corp.)
HKLM\...\Run: [DellControlPoint] => C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [657920 2009-11-02] (Dell Inc.)
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-01-05] (Broadcom Corporation)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [203776 2009-11-12] (Microsoft)
HKLM\...\Run: [AVG9_TRAY] => C:\Program Files\AVG\AVG9\avgtray.exe [2079792 2014-12-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [DBRMTray] => C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2009-10-18] (Microsoft)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [Facebook Update] => "C:\Users\default.default-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-19] (Google Inc.)
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2014-12-03] (Adobe Systems Incorporated)
AppInit_DLLs: C:\Windows\System32\avgrsstx.dll => C:\Windows\System32\avgrsstx.dll [12536 2010-07-15] (AVG Technologies CZ, s.r.o.)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TdmNotify.lnk
ShortcutTarget: TdmNotify.lnk -> C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-311597906-3463414758-3913683715-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-311597906-3463414758-3913683715-1000] => localhost:21320
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://navinet.navimedix.com/sign-in?ReturnUrl=/Main.aspx
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {1D74A164-9F18-49B7-87F0-9AEEF495486D} URL = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> {1D74A164-9F18-49B7-87F0-9AEEF495486D} URL =
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Inbox Toolbar -> {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -> C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\default.default-PC\AppData\Roaming\Mozilla\Firefox\Profiles\g0sveptx.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.eyefinity.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-311597906-3463414758-3913683715-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\default.default-PC\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\default.default-PC\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atashost; C:\Windows\system32\atashost.exe [118568 2014-12-30] (Cisco WebEx LLC)
R2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2010-07-15] (AVG Technologies CZ, s.r.o.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MSSQL$SQLVUE; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1032192 2009-11-18] (Wave Systems Corp.) [File not signed]
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed]
R2 TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [1148264 2009-11-24] (Wave Systems Corp.)
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968 2009-10-15] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AvgLdx86; C:\Windows\System32\Drivers\avgldx86.sys [226016 2013-01-15] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\Windows\System32\Drivers\avgmfx86.sys [29712 2011-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\Windows\System32\Drivers\avgtdix.sys [243152 2011-05-05] (AVG Technologies CZ, s.r.o.)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [30880 2009-10-14] (Intel Corporation )
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [16768 2011-04-08] (Microsoft Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [211328 2010-01-05] (Wave Systems Corp.)
S3 catchme; \??\C:\Users\DEFAUL~1.DEF\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 15:34 - 2015-01-07 15:34 - 00017892 _____ () C:\Users\default.default-PC\Desktop\FRST.txt
2015-01-07 13:28 - 2015-01-07 13:28 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-07 13:28 - 2015-01-07 13:28 - 00002121 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-07 13:28 - 2015-01-07 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-07 13:28 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-01-07 13:22 - 2015-01-07 13:24 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\default.default-PC\Desktop\spybot-2.4.exe
2015-01-07 10:28 - 2015-01-07 10:28 - 05198336 _____ (AVAST Software) C:\Users\default.default-PC\Desktop\aswMBR.exe
2015-01-07 10:24 - 2015-01-07 15:34 - 00000000 ____D () C:\FRST
2015-01-07 10:24 - 2015-01-07 10:24 - 01115648 _____ (Farbar) C:\Users\default.default-PC\Desktop\FRST.exe
2015-01-07 10:23 - 2015-01-07 10:23 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OFFICE01-Microsoft-Windows-7-Professional-(32-bit).dat
2015-01-07 10:22 - 2015-01-07 10:22 - 00002183 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-07 10:22 - 2015-01-07 10:22 - 00000000 ____D () C:\RegBackup
2015-01-07 10:22 - 2015-01-07 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-07 10:22 - 2015-01-07 10:22 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-01-07 10:20 - 2015-01-07 10:20 - 04215584 _____ () C:\Users\default.default-PC\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-05 11:52 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-05 11:52 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-05 11:52 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-05 11:52 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-05 11:51 - 2015-01-05 11:52 - 00004613 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-30 10:10 - 2014-12-30 10:10 - 00000000 ____D () C:\Users\default.default-PC\AppData\Local\WebEx
2014-12-17 19:23 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 03:21 - 2014-12-10 03:21 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:05 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:01 - 2014-12-10 03:04 - 00000000 ____D () C:\57587319f2c7f557c4d0721a20b8eec5
2014-12-09 23:49 - 2014-12-03 22:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 23:49 - 2014-12-03 22:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 23:49 - 2014-12-01 17:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 23:49 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 23:49 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 23:49 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 23:49 - 2014-11-21 20:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 23:49 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 23:49 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 23:49 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 23:49 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 23:49 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 23:49 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 23:49 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 23:49 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 23:49 - 2014-11-21 19:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 23:49 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 23:49 - 2014-11-21 19:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 23:49 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 23:49 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 23:49 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 23:49 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 23:49 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 23:49 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 23:49 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 23:49 - 2014-11-21 19:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 23:49 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 23:49 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 23:49 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 23:49 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 23:49 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 23:49 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 23:49 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 23:49 - 2014-11-10 19:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 23:48 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 23:48 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 23:48 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 23:48 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 23:48 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 23:48 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 23:48 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 09:46 - 2014-12-09 09:46 - 00111836 _____ () C:\Users\default.default-PC\Desktop\Rehabilitation
2014-12-08 23:18 - 2014-12-08 23:18 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 15:09 - 2013-02-14 09:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-07 14:39 - 2010-03-19 10:51 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-07 14:04 - 2013-01-24 13:59 - 00000958 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000UA.job
2015-01-07 14:04 - 2013-01-24 13:59 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000Core.job
2015-01-07 13:33 - 2014-04-15 09:42 - 00021968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 13:33 - 2014-04-15 09:42 - 00021968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 13:30 - 2010-03-04 09:37 - 00862922 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-07 13:30 - 2009-07-13 22:55 - 01296053 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 13:28 - 2013-10-15 14:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-07 13:28 - 2013-10-15 14:53 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-07 13:26 - 2010-03-19 10:51 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 13:26 - 2010-03-08 14:40 - 00000000 _____ () C:\Users\default.default-PC\AppData\Local\WavXMapDrive.bat
2015-01-07 13:26 - 2010-03-04 12:25 - 00181680 _____ () C:\Windows\PFRO.log
2015-01-07 13:26 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 13:26 - 2009-07-13 22:39 - 00096166 _____ () C:\Windows\setupact.log
2015-01-07 13:25 - 2014-09-19 10:46 - 00000350 _____ () C:\Windows\wininit.ini
2015-01-07 08:26 - 2010-03-17 08:12 - 00000000 ____D () C:\Windows\system32\Drivers\Avg
2015-01-06 10:33 - 2014-07-24 10:02 - 00000000 ____D () C:\OptoVue
2015-01-05 15:34 - 2010-06-23 09:09 - 00000000 ____D () C:\ProgramData\webex
2015-01-05 11:53 - 2013-12-26 09:11 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-05 11:52 - 2010-08-17 08:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-05 11:52 - 2010-03-04 09:31 - 00000000 ____D () C:\Program Files\Java
2014-12-30 16:05 - 2010-12-21 11:03 - 00000000 __SHD () C:\Users\default.default-PC\Documents\cache
2014-12-30 14:56 - 2010-12-21 11:03 - 00000000 ____D () C:\Users\default.default-PC\AppData\Roaming\webex
2014-12-30 10:10 - 2010-06-23 09:32 - 00208168 _____ (Cisco WebEx LLC) C:\Windows\system32\atsckernel.exe
2014-12-30 10:10 - 2010-06-23 09:32 - 00118568 _____ (Cisco WebEx LLC) C:\Windows\system32\atashost.exe
2014-12-16 10:45 - 2013-11-27 08:19 - 00000000 ____D () C:\Users\default.default-PC\Desktop\Schambo
2014-12-15 18:17 - 2013-08-27 14:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-15 18:17 - 2013-08-27 14:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-15 10:09 - 2013-03-21 13:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-10 13:09 - 2013-02-14 09:55 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 13:09 - 2011-09-14 15:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 08:38 - 2014-10-01 08:24 - 00000000 ____D () C:\Poly Prior Authorization Letters
2014-12-10 03:59 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:21 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:21 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2010-03-08 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:04 - 2013-08-15 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:01 - 2010-03-08 14:58 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 12:47

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by default at 2015-01-07 15:34:53
Running from C:\Users\default.default-PC\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Anti-Virus Free (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AmbirScanV1.1.2708 (HKLM\...\{B5DD1AEA-69EA-491C-A803-98BEAAFAE472}_is1) (Version: - Ambir Technology)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG Free 9.0 (HKLM\...\AVG9Uninstall) (Version: - AVG Technologies)
Bing Bar (HKLM\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother Software Suite (HKLM\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 4.0.0.463 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
Crystal Reports Runtime (HKLM\...\{6DD3F923-BD72-4784-8722-5440A7E9EE83}) (Version: 1.00.0000 - Compulink)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DCP32MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Dell Backup and Recovery Manager (HKLM\...\{8DD67529-BA26-4D12-97A8-3853D0C4B67D}) (Version: 1.2.1 - Dell Inc.)
Dell Control Point (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Dell ControlPoint Security Manager (HKLM\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.453.66 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Embassy Trust Suite by Wave Systems (Version: 03.05.00.079 - Wave Systems Corp) Hidden
Dell Security Device Driver Pack (HKLM\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.050 - Dell Inc.)
Document Manager Lite (Version: 06.09.00.147 - Wave Systems Corp.) Hidden
DVI Remote Rx Entry (HKLM\...\{1E0A64C0-7071-11D4-B2F8-00105AF63544}) (Version: - )
EMBASSY Security Center (Version: 04.00.00.071 - Wave Systems Corp) Hidden
EMBASSY Security Setup (Version: 04.00.00.058 - Wave Systems Corp) Hidden
ESC Home Page Plugin (Version: 04.00.00.010 - Wave Systems Corp) Hidden
EZ Calendar (HKLM\...\{a71b2005-36ef-4ee5-8059-02deb367cb98}) (Version: 1.0.0 - W3i, LLC)
Facebook Messenger 2.1.4814.0 (HKLM\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Plug-In (HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Facebook Plug-In) (Version: - Facebook, Inc.)
Gemalto (Version: 01.01.00.0000 - Wave Systems Corp) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.4.0.1082 (HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
GPL Ghostscript Lite 9.10.16 (HKLM\...\GPL Ghostscript Lite_is1) (Version: - Free Distribution)
Inbox Toolbar (HKLM\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 1.0.0 - Inbox.com, Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
Intel(R) Network Connections 14.8.43.0 (HKLM\...\PROSetDX) (Version: 14.8.43.0 - Dell)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Active Management Technology (HKLM\...\MESOL) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Medicare Remit EasyPrint (HKLM\...\{7EAEA40A-A6CA-4BA1-99C3-0782648E0F6B}) (Version: 3.3 - ViPS Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network Recording Player (HKLM\...\{D12CD09C-BFEE-4B6F-A7F7-054AEA2E369C}) (Version: 2.3.1109 - WebEx Communications Inc.)
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden
OpenOffice 4.0.0 (HKLM\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PowerDVD DX (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Preboot Manager (Version: 03.00.00.085 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 06.04.00.057 - Wave Systems Corp.) Hidden
PS467 (HKLM\...\{A12B5CE0-B331-4303-AD32-FDE876AED875}) (Version: 1.2.1001 - Ambir Technology)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Roxio Creator DE 10.3 (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Safari (HKLM\...\{5E453519-60F6-4A4D-A0BF-16663F9B3536}) (Version: 5.34.51.22 - Apple Inc.)
Security Wizards (Version: 01.07.00.023 - Your Company Name) Hidden
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
SO32MMWrapper (Version: 1.6.453.66 - Broadcom Corporation) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Trusted Drive Manager (Version: 3.3.0.396 - Wave Systems Corp.) Hidden
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden
Wave Infrastructure Installer (Version: 07.01.19.0000 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.10.00.062 - Wave Systems Corp) Hidden
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-311597906-3463414758-3913683715-1000_Classes\CLSID\{32C3FEAE-0877-4767-8C20-62A5829A0945}\InprocServer32 -> C:\Users\default.default-PC\AppData\Roaming\Facebook\axfbootloader.dll ( )
CustomCLSID: HKU\S-1-5-21-311597906-3463414758-3913683715-1000_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\webex\WebEx\1326\atucfobj.dll (Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-311597906-3463414758-3913683715-1000_Classes\CLSID\{68324E93-8981-4DF6-8548-9AC98C46E176}\InprocServer32 -> C:\Users\default.default-PC\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\DynamicWebTwainCtrl.dll (Dynamsoft)
CustomCLSID: HKU\S-1-5-21-311597906-3463414758-3913683715-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1082\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-311597906-3463414758-3913683715-1000_Classes\CLSID\{C98FE784-B96E-41e1-8399-1337AE3E539F}\InprocServer32 -> C:\Users\default.default-PC\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
CustomCLSID: HKU\S-1-5-21-311597906-3463414758-3913683715-1000_Classes\CLSID\{E7DA7F8D-27AB-4EE9-8FC0-3FEC9ECFE758}\InprocServer32 -> C:\Users\default.default-PC\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\DynamicWebTwainCtrl.dll (Dynamsoft)

==================== Restore Points =========================

10-12-2014 03:00:34 Windows Update
10-12-2014 08:20:07 Avg Update
10-12-2014 08:20:56 Avg Update
10-12-2014 08:21:44 Avg Update
15-12-2014 10:12:51 Windows Update
18-12-2014 03:00:18 Windows Update
26-12-2014 00:00:05 Scheduled Checkpoint
29-12-2014 09:15:36 Avg Update
05-01-2015 11:51:13 Installed Java 7 Update 71
06-01-2015 18:00:02 Avg Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:04 - 2013-03-14 14:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {4C2832EF-0FED-4C7B-B938-83CAD00A0CEE} - System32\Tasks\{107460B0-C4F6-4137-A893-6C33C0E1B696} => Firefox.exe http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsWLM
Task: {548FF2EE-3D36-4870-89E5-72D27CBC7233} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {5ADBB663-1CC0-440E-97DB-702B07DFB373} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {5C4E5818-4790-4D0A-A6A3-C5A57DFDAFEA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {7424D3E5-5C27-4E3B-B4AC-98BFE39409F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)
Task: {7988EB42-AF59-432E-A763-CBC4C31A699E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000UA => C:\Users\default.default-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {80311304-8691-42D8-A26D-5FEB34AE92F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9AF9D504-36A0-4A76-8443-2D7D1EB2CCD1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000Core => C:\Users\default.default-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {C68BDB96-7533-4BCB-B7BA-30EF57CA1D7C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {CB358341-FFD0-492B-9755-A799C7D05C8F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000Core.job => C:\Users\default.default-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000UA.job => C:\Users\default.default-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-04 09:33 - 2009-10-15 10:57 - 00077824 _____ () C:\Program Files\Common Files\Intel\Privacy Icon\UNS\DTMessageLib.dll
2015-01-07 13:28 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-07 13:28 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2009-11-19 14:47 - 2009-11-19 14:47 - 00249856 _____ () C:\Windows\system32\wxvault.dll
2009-11-13 07:17 - 2009-11-13 07:17 - 00010752 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll
2008-11-12 12:24 - 2008-11-12 12:24 - 00004608 _____ () C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
2013-05-09 13:17 - 2012-05-25 03:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2013-05-09 13:17 - 2012-05-25 03:25 - 00078336 _____ () C:\Program Files\Yahoo!\Messenger\pcre.dll
2015-01-07 13:28 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-07 13:28 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-07 13:28 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-311597906-3463414758-3913683715-500 - Administrator - Disabled)
ASPNET (S-1-5-21-311597906-3463414758-3913683715-1003 - Limited - Enabled)
default (S-1-5-21-311597906-3463414758-3913683715-1000 - Administrator - Enabled) => C:\Users\default.default-PC
Guest (S-1-5-21-311597906-3463414758-3913683715-501 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2015 01:26:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Office01.local already in use; will try Office01-2.local instead

Error: (01/07/2015 01:26:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 Office01.local. Addr 192.168.10.113

Error: (01/07/2015 01:26:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.10.138:5353 4 OFFICE01.local. Addr 192.168.10.138

Error: (01/07/2015 00:31:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Office01.local already in use; will try Office01-2.local instead

Error: (01/07/2015 00:31:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Office01.local. Addr 192.168.10.113

Error: (01/07/2015 00:31:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.10.138:5353 4 OFFICE01.local. Addr 192.168.10.138

Error: (01/06/2015 06:00:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {6a6f0041-e10d-42b5-ac81-f153a43a108d}

Error: (01/06/2015 07:52:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program EYECARE.EXE version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1698

Start Time: 01d029b75a5c48b7

Termination Time: 7

Application Path: X:\EYECARE\EYECARE.EXE

Report Id: 39059275-95ab-11e4-b473-a4badbe86116

Error: (01/06/2015 07:46:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Office01.local already in use; will try Office01-2.local instead

Error: (01/06/2015 07:46:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Office01.local. Addr 192.168.10.113

System errors:
=============
Error: (01/07/2015 01:26:18 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :20" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 01:26:18 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{3E71AE58-F755-43E6-B187-E3BD19DF11DC} because another computer on the network has the same name. The server could not start.

Error: (01/07/2015 01:26:11 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :0" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 01:26:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The NTRU TSS v1.2.1.29 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (01/07/2015 01:25:06 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :0" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 01:25:06 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :0" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 01:22:36 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :0" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 01:22:36 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :0" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 00:32:12 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "OFFICE01 :20" could not be registered on the interface with IP address 192.168.10.113.
The computer with the IP address 192.168.10.138 did not allow the name to be claimed by
this computer.

Error: (01/07/2015 00:32:12 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{3E71AE58-F755-43E6-B187-E3BD19DF11DC} because another computer on the network has the same name. The server could not start.

Microsoft Office Sessions:
=========================
Error: (08/19/2014 01:44:14 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 1465 seconds with 540 seconds of active time. This session ended with a crash.

Error: (03/15/2013 03:22:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21825 seconds with 420 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7600 @ 3.06GHz
Percentage of memory in use: 35%
Total physical RAM: 3291.59 MB
Available physical RAM: 2113.93 MB
Total Pagefile: 6581.48 MB
Available Pagefile: 5088.34 MB
Total Virtual: 2047.88 MB
Available Virtual: 1919.32 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:290.08 GB) (Free:229.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 40000000)
Partition 1: (Not Active) - (Size=86 MB) - (Type=DE)
Partition 2: (Active) - (Size=7.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=290.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-07 15:37:51
-----------------------------
15:37:51.814 OS Version: Windows 6.1.7601 Service Pack 1
15:37:51.814 Number of processors: 2 586 0x170A
15:37:51.815 ComputerName: OFFICE01 UserName: default
15:37:59.114 Initialize success
15:37:59.337 VM: initialized successfully
15:37:59.338 VM: Intel CPU supported
15:38:03.770 VM: supported disk I/O iaStor.sys
15:42:18.542 AVAST engine defs: 15010701
15:58:36.108 The log file has been saved successfully to "C:\Users\default.default-PC\Desktop\aswMBR.txt"

aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-01-07 15:59:47
-----------------------------
15:59:47.274 OS Version: Windows 6.1.7601 Service Pack 1
15:59:47.274 Number of processors: 2 586 0x170A
15:59:47.275 ComputerName: OFFICE01 UserName: default
15:59:48.548 Initialize success
15:59:48.575 VM: initialized successfully
15:59:48.577 VM: Intel CPU supported
15:59:53.696 VM: supported disk I/O iaStor.sys
16:00:13.810 AVAST engine defs: 15010701
16:00:22.972 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:00:22.976 Disk 0 Vendor: ST332041 CC45 Size: 305245MB BusType: 8
16:00:23.063 VM: Disk 0 MBR read successfully
16:00:23.068 Disk 0 MBR scan
16:00:23.074 Disk 0 Windows 7 default MBR code
16:00:23.079 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 86 MB offset 63
16:00:23.095 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 8118 MB offset 178176
16:00:23.102 Disk 0 default boot code
16:00:23.113 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 297039 MB offset 16803840
16:00:23.119 Disk 0 scanning sectors +625139712
16:00:23.180 Disk 0 scanning C:\Windows\system32\drivers
16:00:33.974 Service scanning
16:00:54.138 Modules scanning
16:00:54.146 Disk 0 trace - called modules:
16:00:54.180 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
16:00:54.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c5c030]
16:00:54.194 3 CLASSPNP.SYS[8bdad59e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85e3b028]
16:01:00.014 AVAST engine scan C:\Windows
16:01:02.592 AVAST engine scan C:\Windows\system32
16:05:04.410 AVAST engine scan C:\Windows\system32\drivers
16:05:17.288 AVAST engine scan C:\Users\default.default-PC
16:13:40.963 AVAST engine scan C:\ProgramData
16:16:32.797 Disk 0 statistics 4066130/0/278 @ 3.33 MB/s
16:16:32.819 Scan finished successfully
17:07:18.705 Disk 0 MBR has been saved successfully to "C:\Users\default.default-PC\Desktop\MBR.dat"
17:07:18.709 The log file has been saved successfully to "C:\Users\default.default-PC\Desktop\aswMBR.txt"

OCD

2015-01-08, 03:45

Hi jlbado,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool

Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

checkup.txt
JRT.txt
new FRST.txt
Describe what symptoms you are experiencing?

jlbado

2015-01-08, 15:28

Here is the results from the checkup.txt but I am confused regarding the AdwCleaner...Should I have that already or something new I need to download? Thanks!

Results of screen317's Security Check version 0.99.93
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
MBAM out of Date!
Java 7 Update 71
Adobe Flash Player 15.0.0.246 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

jlbado

2015-01-08, 15:59

Ok, I think I figured out my previous question. Here are the remaining scan results you requested:

# AdwCleaner v4.107 - Report created 08/01/2015 at 08:44:25
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : default - OFFICE01
# Running from : C:\Users\default.default-PC\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\Program Files\Inbox Toolbar

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\CLASSES\Inbox.WS.com IE Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C1B9042-3D32-49A1-916B-0AA3A9CDDFD6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\DailyBibleGuideEI
Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.3

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v34.0.5 (x86 en-US)

*************************

AdwCleaner[R0].txt - [4763 octets] - [08/01/2015 08:32:02]
AdwCleaner[S0].txt - [4770 octets] - [08/01/2015 08:44:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4830 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x86
Ran by default on Thu 01/08/2015 at 8:49:21.39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\couponprinter.ocx"
Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

Successfully deleted: [Folder] "C:\Users\default.default-PC\appdata\locallow\dailybibleguide"
Successfully deleted: [Folder] "C:\Users\default.default-PC\appdata\locallow\dailybibleguideei"
Successfully deleted: [Folder] "C:\Users\default.default-PC\appdata\locallow\inbox toolbar"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0025C672-626F-473E-8120-AFA5899BBCFB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{002B1D5C-F0AC-4956-8E85-024D2B897606}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0146BE55-C95D-4D78-BD23-91ECD6513974}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{016223A2-CC9E-4817-851E-E513B36F0265}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{01CABE5A-B4CD-4AC1-88DC-F0BC09C18BE8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{01FF20B0-DCC6-4482-8AA1-F110A91FF3B3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{03B70423-A8D6-432A-8DDF-4A7893F975CF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{04E25D77-6774-479A-9706-569A5B5ADBBB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{04FC8248-D441-4FC3-9875-6F04E227558F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{06CACE1C-84E4-4135-8C0F-3A485ED74FF0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{06EBFA96-66E8-4CB3-86D9-BC7A20B361A5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{07052B54-BD81-4514-AED0-CFD06713A178}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{070C0A71-44C5-406F-8952-404DF4DEC48B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0832F6D3-798B-4C2B-80DA-81C2B1F5BEB3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0834B7F6-F14D-4CAF-AA8F-2E9B80D5F9B1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0B52D42B-A497-444C-8B46-35BF5CB83383}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0C7005A3-38E2-405A-9D3B-E28056B5F027}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0CE1D8C7-07F8-4789-A30F-EC509D55048D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0E329157-E674-433A-8C61-A5E2D40E54D4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0E42B81C-6361-4CAD-B5EA-EDDEA19B7092}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0EB01172-0516-4D91-BC97-A32F97E5F291}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0EB06EC4-ADFB-4BCC-9797-FA6029974D57}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0F6953AD-B8A1-43C7-BBD4-038E531BE174}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{0FC04EA8-08E7-4F25-8089-A8821B361E03}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{10A1FBD8-E4FC-4221-A5BF-0E5F902D994D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{10D6DDAD-0F3E-41D2-82E4-76D87FCAF9D1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{121F5946-BBAD-4964-B168-74A0FB8B0DF1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{13528238-126C-4101-BAF3-5D6D9BDB4A57}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{143F3FE9-ED57-4A92-91C1-7FDA12A9A130}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{14D4EC49-7C7B-4341-8702-8805A83945D3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{15CE31C8-F263-431C-B7D5-4D4107060F1C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{15DB0B67-EBF0-467B-B53B-8DC046D078EA}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1609B84E-2A9C-4F5C-802E-0A4CC6D4AECC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{161AC412-F18C-43A0-A562-896AEE24B431}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{168006DA-B43D-4FA9-8284-C5050DC7509E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{172AC94F-5192-44CC-9444-7562DE4F766E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{17A79166-9B57-43DA-921E-69BA17C29552}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{17ACB210-B38B-47B2-BED4-01EE0BF27612}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{196C38B0-5E8C-4A2D-88D8-03B4316AD8E6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{19842198-D0FD-47BB-A885-4BC31107EA9D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1A92131A-43DE-434D-92DF-F14A9E6AF481}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1BB9EFBC-2460-4EE1-93E6-1B45043B29EE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1BCA9476-A1E9-4827-B51F-0718EA2D49D9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1BD1F298-83A8-4B0E-8C59-EDF1B9A992FF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1CD21CF7-B9F6-459C-BF24-3A5B64563EDC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1DB8563D-B6DB-4F1F-AF07-779735C32DC3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1DEC9DF8-68C4-4709-A7A7-F758118D5134}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1E718E89-9C68-46D8-AEA2-525CFD83CA75}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{1F1EFF3F-2AFA-448B-A182-787A291AAEB3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{200393A9-6EB1-4EF3-9C73-D72FF80388E3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2027C612-BD8D-4204-91DB-4D7E50AB43BF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{20394B2E-BAA5-421B-9507-8FA3AB637314}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2107C513-BEA8-4791-895B-36DB99ADA0E7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2120FF75-072A-4C31-9B13-CEE830B0B901}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{214AB9D3-0A1D-429C-ADE9-691B49485AE8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2409FE3E-6D7D-4845-A7ED-60B20ABADA00}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2542B6F5-F87D-48EB-AF9C-8E5980844B13}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{254FBFF3-D7CF-4137-AFC8-B61E8C243EB1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{25A0C39B-6FE6-4174-A30E-23AC0714EB8F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2604B1B9-C2FE-46BA-9CDE-93151C678A2A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{269CF79E-E16A-4467-A946-DD1F15D220A0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2885C60A-A730-4B11-9EAF-902883A26E20}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2985D94D-72C7-4F67-B238-26F5CCACDA3D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{29B98C47-5C6F-4215-BE52-BF6ACE96FBCD}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2A05901B-500B-4C92-8822-8A54AB260D0D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2A3382F5-E505-4083-8CB7-B8777D8DBB4D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2A82DA14-08F5-4F21-967A-7ACDABC622A0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2C005E9E-7626-4AA2-8D06-F74671E7FEAF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2C1ABB1E-34EE-4DE8-9744-9099E8C26FE3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2C88B831-6717-43E4-AF43-D666298EDD00}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2D0CB709-7A39-4505-B708-DADC09594F72}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2D654ECF-8396-40D6-BFA6-20F088ADC233}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2D6B196A-4D8F-43BB-A916-022E80CD0339}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2E57A30B-2BFE-4A01-B49E-78620C5A53BF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{2ED03C68-10D7-4A53-9C0C-E2D7C2F23CFE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{31006A32-1A82-4573-8260-E957F02DA969}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{31176A71-439E-4385-96FA-992DAAF68B02}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{311D0B8C-59B6-46B6-BB11-77947B6372C5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{31E230A7-E7EA-4EF2-A7B5-F015CB5D8901}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{32931656-0EC1-49A5-94B3-D3FDAFD64349}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{32EB76F4-8DD1-4741-BB4D-D256E97A97DB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{330B5F87-54C0-4ABF-A687-865513DF5990}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{333B7ED1-277A-42DD-A45B-A3B6A128A2F9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{339F45CD-77C0-44E5-AF19-27A043130D34}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{340E5BB2-A50C-4930-B535-0C332DADFE09}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{34A713B9-7B9C-4C6D-A614-210CCC1E40DA}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{34B89C27-402E-417E-A10F-323328CC265C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{34E1B8CB-00D3-4F97-9162-247EFD0755B5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{34F040F8-BB62-4E58-9475-524C13C520D9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{351963D2-F97E-475D-9D47-80CC57234181}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{35C37AFC-6B57-4298-B1BE-B45CBE58C461}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{35EBEB41-777F-4BCF-A5E3-3A4C86D1F7A9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{365CF2E2-BA30-44AC-8A02-3E28FD3D5C30}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{37A485D0-E90D-4B70-A099-7045C13E9147}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{383865A5-E7EF-48F7-8A9E-7E5CD361923D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{38CE2756-FA29-423E-9EC3-EBEBB6BBF698}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{397B41F0-94EF-43B5-AC24-0F7D939FBEAF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3AF75829-A9EB-4087-A7F0-0C3F0A7280B6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3B6DEB4B-55F5-4484-A0A0-4BA6171CCF91}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3D292947-7062-477F-A560-50D82A4D6E67}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3D5B6BD6-266E-4F14-A69D-CE35D2677D5E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3D760670-42C4-462F-A44F-7C7796AB4777}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3DAE5396-9558-47E6-A6A2-026B20483A9D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3DD3D785-53A5-4663-8118-2E45CAFBA626}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3EACD7AF-008F-4702-83EF-BA24DDAE7F1C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3F3984EC-CB1D-456A-8AC3-E4C9AC7EB218}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{3FABEECA-6A27-4BC1-B80C-6D69F58864C6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{4089ECEA-1B44-4AD6-A2F7-84F6B0967366}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{40D3F682-961E-49AC-BB91-903EE268C79C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{424C3C10-5541-42CD-AE3B-036123C4DBF6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{4336BA83-E513-41C1-8DDF-D6194F9EE330}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{43D075CD-99F3-4749-A8FE-EECDEE6699A5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{44D7E064-62BF-48F1-A623-2200A7770508}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{450C0241-26F5-4824-84B7-53D25F1FB062}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{465A74C5-2D11-413C-BB2A-7009E9F04C77}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{467DE99A-1E06-40C5-B314-801B36034CB9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{47A81EEE-0517-4622-B06E-DD3DBDE0EFCC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{49CF0F25-D57C-4895-861F-1682A6C9CDBF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{49D334FF-8FE6-443A-B32E-67BE14EC715D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{4AA54C48-5F79-4CB8-954C-83FD1167089F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{4E423B83-85C3-47E8-9EEE-B39C9C7C7435}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{4E5520D3-5230-4088-8C1A-9DC491543EFD}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{4FB2173E-A2E7-4075-92A6-6EB1CF13261D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{504308EC-9960-4B63-A544-099150AD81B9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{507E2F11-8BD9-45C0-BCB3-ECD94BECDD14}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{51E25A38-6E52-462E-9457-A77AAC726A96}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{52779241-69F5-43F4-8A09-0BDAD717789A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5399A121-FF60-4A4A-B313-0635699709C3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{53B05EF1-769F-4DA1-9515-05216A71E217}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{53E528E1-77F7-44F6-A2CE-B89F6C8BA6D7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{53E52A9F-1506-44F1-A4AC-F07822D1D763}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{54290980-5151-4F43-8D2B-0CF726477298}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{544DAD84-4BC6-4A53-9911-81A2DDDB11EF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{54B99523-24DC-45AB-8789-9C99A38A36F0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{556B0B60-7E5C-4936-A6EC-3D0C7ABA6169}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{55FCCE49-08FE-44E8-9541-C14BD8568BD2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{569B4507-46C9-4A5F-9BB5-514495A5BB32}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{56AA21E2-FCF6-4C58-B880-A3ED9A6F4297}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{57F4A27E-F2B6-40CE-B8F2-5C452DD71513}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{584820C6-8D8B-4BC0-96BA-C74C0827D08C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{595C036B-39A0-45AE-965C-A10F70DD950D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{59BA5A9A-A8DF-4F97-B897-C52A1281A3CC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5ABF5F59-0AE3-4066-9F60-39697D621ACF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5B1DA433-955B-4EF5-BFAF-6F70DF649F01}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5B2C7DCF-E9DE-4302-8A03-07F1F9520F65}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5D1914D4-F893-420F-A0EA-1101D07D7499}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5D3EC3CA-27B3-49D4-BF67-59E304680075}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5D6220FC-0BD0-4B85-8FF6-8673F0989E21}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5E1E6518-3041-417A-876B-7BA88A6C0C7F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5E6073BD-385D-4959-873A-428934453657}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5E7B749E-8D6E-4887-87DF-60DB5F8F8DB1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5F209487-B41D-411E-AF36-883EDF91B525}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5F224B82-93E9-42DF-9BA1-EFFC88BC550C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{5FDE6F76-072D-4DDE-9CB8-C40A73943580}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6169E982-8A63-4699-B7F9-D9A449255805}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{61925B63-1D76-40D9-8A1D-88BC8B24C00B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{62058451-9263-4BD1-A73E-53FE2CE78671}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{62CFA130-F1B9-496C-92AA-1DB3106433EB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{632E0414-06AA-4AB9-A6E8-8E1FCC92E1E6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{636FCB05-4FAB-4984-8195-B0D2B7688FB7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{64E80AD1-DC16-435E-8E15-F7ACE30993D9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{65958C80-DCB9-4516-9FF7-FA843596D48D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{65F8B5A2-2860-4B26-B44E-B075A7C76C7B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6691C9D1-90F9-45C0-A6A4-EFCF497370FA}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{66CDA89C-0BA6-4623-995B-A6615D6315E2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{672F7EF1-2A75-4AD8-B90E-53B54B3CF41C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{68152C89-19BA-4EA7-8D54-8E7EBFF0A78A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{68E2330C-71B5-4579-82F0-96A3F63394DB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{69E4F187-5BB1-44D8-AEE8-D293B394A01F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6B2DA10C-F519-4405-9234-F7826DD7A65A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6B90D050-739F-4DD9-81B6-282C0DE2597B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6D0566DF-A204-4EA2-8A50-62634A80F6C8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6D86A4E8-D359-478C-88F4-D4BCE8556DF8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6EFE7C76-1E37-4B58-B197-4CB693689AA3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{6FEB4886-5433-43D2-961C-7352EE85DD4B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{70AD9908-41D2-49BD-9ED9-E0ADF13A7F13}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{70DDA271-699C-47B6-B94F-93A3E9A568C1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{71034B02-23DF-4661-8AC5-0A413B92A7B1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{716B0FB1-F211-42FF-A64C-2D845202835D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{71B3AC28-B75C-448C-BA40-802EE3340CD5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7253D121-D368-414F-86AD-7BD55CBD7480}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{72D19952-69CE-4E00-83CC-CE658A66A52C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{73F60430-66DD-479B-891B-0B922749BBF5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{747C2DD1-F3A9-489A-82A3-6B8DE7E515FE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{75289754-6686-41E0-AE70-3E21A284196E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7545272C-DA74-4744-9C80-C41A4DFC2200}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{75AC5294-C7CB-4637-80AA-66FCDC4CDC55}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{75C8F20F-108B-4BA4-B539-3E5633B20FB3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{762E9D25-BDF0-470E-9DF8-366646C79CF0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{76B4C2D8-796D-4C9D-8CC9-A229974182D1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{76BDCAD1-1EB3-438B-967D-5A857385A003}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{782C05B1-F9F7-40BE-9C4A-0A4FD1398123}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{785A4CDA-EC3D-4303-87DA-6BF9BA2DD923}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7A327C79-0659-41D5-B8E3-0B49EE4E6157}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7B090919-8E04-4D4E-ABB5-DC2D3994A845}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7C4E44C1-08C4-4E21-B142-DFAA04E14BC0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7C61EA2D-4029-49AE-966A-B086F26E382C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7C89E9C8-3A7B-4D67-B6F2-49D1D0D32E0B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7CDF6000-BE37-4B9A-B955-FE491B930F00}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7D8FAD53-FB0B-4F98-85B2-1C061E9B66A0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7DA4C155-FD4E-41D7-936F-560A4221D65F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7DD9D04B-53E2-4BD4-981A-5A561B5E93EB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7E707901-D9A6-4277-93DC-B4D5818DC006}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7E7EFCCF-2E8C-4631-935E-BD4B3BBBB4BE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{7F23DB61-D442-40F8-8270-DF79E94DB75F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8009A36C-3BBD-4296-9F80-1A618D04E91D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8058EA68-7E27-4718-8F9E-561130007A82}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{80859D04-02F5-4233-991F-7AF0E0A0A49C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{81199386-03E3-45B6-8764-93CE3D043CD6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{81AB711A-A999-4A49-BBEF-0EF80B312FF3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{82BEDE81-E07B-43E0-B564-43D781A8FD3A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8338B813-6C36-4651-BDDD-CF66CEFD910A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8498BAC6-F115-4F10-8402-54C1BF0B7AA7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8616A0D5-3795-4938-A707-8FF440E3FF76}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{86737765-5736-47A7-8699-BE270E7B20D1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{86751CDD-1B02-4517-BF17-65FFD8CABE5B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{88C201C8-A39D-477F-B7FD-D4C31D63475A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{893D6EBE-A417-4666-9F18-69512D44CDBB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{89CD996A-C5F1-4718-8AD5-B8F8CB96AA79}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8B3E19F7-6526-4985-8787-C0FFE3FA876A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8B54B2D1-E376-4042-A2DE-E75093941A38}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8BBA0B6C-AAA8-441B-BECD-9A7DFD9225C2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8BBCA9B1-1BEB-4422-B5F4-253329870B17}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8BC1D5A4-1E50-4C9D-B277-43AEE2B62444}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8C171C51-DEB1-44E3-8E1A-3715BFB60A32}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8D4A1503-E031-41A0-9AA5-2075BC20266B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8DBD290F-2B59-4A3D-8C12-AA1B04134AC2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8E57D233-9822-41E8-A5A6-CC2A718102FE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8E86C455-6790-4E7F-A12C-57BE1518F21F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8ECE4421-9E5D-4E38-B9BC-96E50AB7EFD8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8F639C4F-DC0C-4616-84F5-0F0BA0743CF1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{8FE4C78D-6D0C-442F-B714-F47BCEC12A71}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9060C6EA-7A50-427A-902D-FBA9F3F05061}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{91388702-57A7-4CD3-B4BB-924CBF786FFA}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{91D93C32-C2E3-45D0-8B02-E925E788A5F7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{92211156-4C03-41D1-9235-40D3754BC156}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{937298DD-1795-443E-8BAE-3CC139428FE8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9402379B-7B9E-459D-BBE6-B0487A6F1B19}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{941C2D07-470A-4575-A185-E31AAF6C6261}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{94ACF5B0-414F-4E01-B7A7-3948B6690E87}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{94C796D3-DFC6-42CF-83E0-1E014B826CFE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{95226A31-3047-431F-81F4-2EAEE70CD083}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{96310642-A0F5-4D77-BF70-5C6B7567E956}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9637D35F-F4EE-4624-BA3D-F1BC1903114E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{96A8C3BE-CD04-4003-9640-A74628B6FBB8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{971C7414-D1DA-431B-8D06-F61E22C1127C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{973F8097-CF99-4738-A592-E044BE48D16C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{987B8F84-2824-43B4-B038-525E4222BA9F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{99275BB0-3CC4-4F3B-8377-F164FDE84176}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9A2E32D4-9A45-483D-A20B-1157FE86CE97}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9A3599B8-D730-41E1-AE56-5CBDA293F9C2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9AE7036C-3034-4985-8A79-7EBA070F3F70}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9BA74CF5-FB72-4AC7-A5BD-F0D4E729CDB4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9BD91B59-A1E7-459E-B188-284E492412DD}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9C1A2D98-C320-4F21-829F-772392D143A0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9CD288B7-5654-4F96-8BA8-AB623A39AC0D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9ECE1977-898E-4391-B8C1-27C5AE6E68FB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9F44309E-E316-45C2-8D56-9B54D9733432}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{9F92AF05-3CE1-42C1-BE63-C611E5FBAC46}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A02A240C-4266-43B3-9C25-A4DAACB21645}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A1C57FE5-6502-4845-BB0C-AD22BFFC57AA}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A2779DFA-157F-46BB-9E73-69D60CE2DF68}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A30BA5D4-9377-484F-99A0-A745C07D0FC6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A351C48D-456A-4827-A23E-28D1EE650213}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A41CA6C0-C10D-4A82-A80C-101236713272}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A569B183-B2F0-44D0-83FA-AB5E1FB2CF4F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A5F3AB8F-5BDE-4DCF-9917-77CFB7A44BE7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A5F6C30B-99EE-4348-B184-4A66C72EF1C7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A66D6A49-EA6D-4494-965E-AFE080C298C5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A72BCD08-92A0-4718-9B78-16E128A93D9B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A961BAAC-BA00-488D-BCF1-AB86D69C1D2F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{A980EECC-8E53-4D47-BEC2-6B2BDEB761FC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{AAB3E823-AF74-4EA7-B7C1-60FFBEA94ECB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{AB2BD9BA-7C0F-42C6-BC52-FA7984AAFA30}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{AB34A0DB-CB13-4E9C-8C68-3BD70890C4F1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{ABB66B66-EEEF-4238-9DC0-36855701B252}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{ABC4099D-472D-4106-981D-466A8DF99E36}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{AC3A3309-D94D-4D03-830C-278F43711E56}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{AD0F29D8-0FE8-4ACC-8C2E-FA7E26097E53}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{AD756017-0C18-4B03-9511-67E00FCB6FBB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B05A4D55-AA5C-4C7C-AF95-D03B3105AF9C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B151DA66-563B-4210-8DFE-AD2B1F5F4C2E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B164FD3B-ABD6-4493-8489-25F874EB4D29}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B20B500F-17B8-4576-86B0-BF4F43B1CD7A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B26C8E1B-69B6-4BB6-8E24-5EA8DDF90FA4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B3893F6B-D271-4755-93F1-A624EB69DFD7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B3D21760-2036-4EBF-A7EB-644D4ACE7803}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B44B8C12-25FB-413E-A046-2E63F86A584F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B4688192-CB20-4E20-A2DA-90E64C2CC1E2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B57E43CE-FB3C-49C0-85B9-60A8ED3E42F5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B5D42E5A-721F-4C6B-ADF9-2F3480DCA5B9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B6B06A12-E083-4D09-99B4-EBBD0F2AE288}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B6D25D73-AC73-4441-85B4-848477E3233C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B878423D-9A06-4A31-A8FA-FA94A2086808}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B8A69437-2943-46A4-B348-73B62D677539}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B8B14CB9-9231-4754-B40E-982795B145CF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B8EDE356-6240-4C4C-B398-710D10743422}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{B91ADEA6-61AF-4083-9064-71544B5D7D1D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BAFA9AFB-CDD3-4CE5-8B60-42F1E13B59F9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BBBEF22B-D2EC-4B14-8E4F-38EBCFFE4C47}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BBE44BB3-D64A-4D6C-87A9-035E73F78A0C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BC74A54D-F3E6-4D8D-B539-15479E4ED6AE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BC8F6088-F948-4713-864F-8B96162594AC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BCC55FCD-0EE4-47BE-B4B5-BCB8E4B8CB93}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BE2407C5-7A45-4CB8-95C9-CA93AFF35745}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BE3CD2DC-61D0-4762-A658-29CEB4A4398D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{BEB5E26C-8758-446C-A98E-26CA95676556}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C145B7A2-8D77-42CF-AE8F-C8A9A48278F4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C1647A6C-6ED7-42C3-82AE-E496E2C5D946}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C165002B-61F4-4AF1-8B46-3FA26DF2AF50}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C2AE59CD-DABA-46D6-8897-1791C4545148}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C4F7B43E-71C9-4157-8DB3-F7E6D54D2C21}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C54893CB-0C83-4FFE-A651-12F2D37976A1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C6284549-3FE1-40E5-A65C-0C8D3359FFA8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C6D987D6-FECD-436A-A618-FCBED21C8DB3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C7526E8D-F85D-40FE-BB4D-22C8AF5EF759}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C82E74F5-26BB-414D-A282-A804108FFCDB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C85EF46C-3B38-42BE-AC51-18C7F0772793}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C9847AAD-87FB-463F-9421-83EBC6556D78}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{C9E6CAB2-FDA3-4D2E-8246-0084091E6FBE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CC5E319A-0C61-45A9-800C-3592F4979ED5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CC89443D-9A43-4EDF-86B5-A129B7373647}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CD5AC75B-5F81-47B0-A186-81AFE88D2230}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CE707207-7C2A-461D-9A30-17351430F5DD}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CE8FE0AF-B076-4D6E-9713-C33016E3C56D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CE9B5678-5406-40A4-B845-132F07108630}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CFAC3A88-2D76-4FB1-9591-31B359AF45E3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{CFCA1EAC-E0CB-409F-88C6-22812324BE68}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D021C89A-5DA9-4BE9-9DE9-32D32BC40EF4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D059CE17-6437-4674-8A8C-FC237D04D30C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D0B73821-316F-437C-A7C2-E6C5C439ED36}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D0E880EE-1708-4E0E-8A21-88C292B265A0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D1788C75-6E37-4A95-86F1-C814CCD242A7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D1832022-A7F4-49AD-A677-C85D3B6983C3}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D1B42A53-7D66-4C4C-8A70-FACF0D1DBDF4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D1C8FE7A-ADF3-4732-AC37-1D1203ACD461}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D32A3EB8-4FCD-419D-9D13-FE93A09FAF24}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D3E75DD6-E16B-4F07-9DFD-F5F0C9B6F1F9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D53DFAD5-0403-41B5-A06B-C7E622645898}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D7D529E1-1C34-4920-8078-A435E1688F37}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D7D60949-E45B-4A56-9CEF-FC3231180984}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D8CEEDB1-7303-4943-AE8E-A1FB8E0AE4F1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{D9DC02E3-C4A4-4740-90C4-B3648EA70132}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{DB131C3C-874D-41F4-9E36-F5B6274BB73F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{DB64B3D7-CCA6-4F7B-B4B9-3B01D4A91245}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{DC217916-33AC-4279-8152-F4D77C0B6609}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{DC3C07C5-0EA3-42D8-A926-5CA165FC5E03}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{DE266F42-CDFD-4607-8EF4-62E1D45203A1}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E060E504-A9F8-4668-93CF-830F9D9A7E4B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E06EF4D8-E86F-4D72-AEE5-E4729E5CE357}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E13F78C2-6F66-4E2B-8762-D9F59F5C34B0}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E1758A85-3C38-4A41-B17C-5D534A45D8EF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E4C3DAC2-3F06-4856-91E8-DC620A766B86}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E64A3C7E-F2DB-4C96-AFC1-5D5AB1330E03}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E6DB89AE-5C80-4373-AD69-66B8E7231957}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E727A9DC-2DA7-46FC-B323-3BF2E287278C}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E8C44A19-73A0-4D4D-9611-52AD17F170AB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{E8DCC569-6F43-43FA-A226-B39FBC558A81}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EA668829-047B-484D-BBB0-D4C7D9E75DEE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EAC1A56C-0133-4CC0-B755-3EA74D7EE28B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EB076C7D-CBA0-4599-9503-7D4A2F1C1057}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EB38EBD4-A58C-4BA6-A91F-EF528096E779}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EB41AA11-171A-43D8-BA9C-5348CE73EADC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EBB50D4C-B59C-4E5B-8A5B-0784B6B74E80}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EBEF8539-A8A3-43F6-8347-854D62946128}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{ECBB8B12-1D1B-4A35-8F1E-7CF551AF809B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{ECBDFF3C-7CF0-420F-BAA4-C536DAA711E8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{ECC189F0-0D04-4340-8660-7DA8FBC67C4E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{ED5474E1-3253-4B0B-9077-1E01175AB59A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EDCA3ED3-7E54-484E-BBE2-E8819E62FD78}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EE0653AD-7552-4D6F-A131-FB19D2016382}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EEFE3F45-04CA-4682-9DFF-F3574D9BDF46}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EF0BBC4B-AEFA-4F02-9F6D-A79CBB9044EA}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EF405CB0-3360-4436-97A5-FC0A2FD1307D}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{EF5186AE-1B65-4126-BADA-A528D0724F58}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F06EB506-BCC7-4DDF-8E9D-3DD5D3A0B5EB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F0B41F79-15FA-4CDE-9E53-E8D12676DAE7}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F294B1EF-86CE-43BA-9368-1BF67F398968}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F2FD1E98-659D-4EAE-9E53-FA80DF750FB5}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F313FC16-D9DA-453B-8DE9-96BFC85A3138}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F3FF28D6-8543-499D-A26C-E183E78578B4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F40185FF-1985-4488-823B-432BB9DB92D4}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F4164749-F6A2-4ED2-B7E9-0E513FD5747F}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F492F8A9-AF02-48DC-BECD-853414F984FD}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F6A664CC-A7A1-484F-AB1B-D4571DB4FDDC}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F7040F44-15A1-416C-ABF5-DB3E09B8F101}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F755934B-7181-4DDF-A09C-988D47534B3B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F77AABF9-0995-4EB6-8118-081D2F42C74E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F8D251AE-EF22-408B-919D-90E8FAE7565B}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F90BC2E2-7870-42FC-9B42-468C305074AE}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F942F6B0-BF50-466C-B3D9-1FD74876DDE9}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F979BDD6-CA44-4709-B792-D82ADE6C0BAF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F97BF776-3414-466A-896F-D358CD5107BF}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F9D36698-E3F6-4B24-96B3-75A7893CCE39}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{F9FC861B-DB11-492F-9B7E-A3A5D0A8B21A}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FB1088BA-F57B-47C7-A6C8-81AFB7CA9FB2}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FBDD7961-5B65-4334-94A6-9EBEE579F1D8}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FC1A4DA8-00E1-4CDF-BA92-B6A23183264E}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FC3720B7-988E-468F-B685-F1C63E1C37D6}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FE4150AD-3D5A-4678-B6CD-48B2AD7DEAFB}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FEA04451-CF8F-43CC-B891-63856CB2CB35}
Successfully deleted: [Empty Folder] C:\Users\default.default-PC\appdata\local\{FF623373-97DB-49CB-A5BB-467FD9F8D814}

~~~ FireFox

Emptied folder: C:\Users\default.default-PC\AppData\Roaming\mozilla\firefox\profiles\g0sveptx.default\minidumps [68 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/08/2015 at 8:50:46.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by default (administrator) on OFFICE01 on 08-01-2015 08:51:52
Running from C:\Users\default.default-PC\Desktop
Loaded Profile: default (Available profiles: default)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\System32\atashost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgwdsvc.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\AMT\lms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgnsx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe
(Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe
(Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Microsoft) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgtray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-06-22] (Analog Devices, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [picon] => C:\Program Files\Common Files\Intel\Privacy Icon\PIconStartup.exe [104960 2009-10-15] ()
HKLM\...\Run: [WavXMgr] => C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [147328 2010-01-05] (Wave Systems Corp.)
HKLM\...\Run: [DellControlPoint] => C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [657920 2009-11-02] (Dell Inc.)
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-01-05] (Broadcom Corporation)
HKLM\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-24] (CyberLink Corp.)
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [203776 2009-11-12] (Microsoft)
HKLM\...\Run: [AVG9_TRAY] => C:\Program Files\AVG\AVG9\avgtray.exe [2079792 2014-12-10] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [DBRMTray] => C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2009-10-18] (Microsoft)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [Facebook Update] => "C:\Users\default.default-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-19] (Google Inc.)
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [761064 2014-12-03] (Adobe Systems Incorporated)
AppInit_DLLs: C:\Windows\System32\avgrsstx.dll => C:\Windows\System32\avgrsstx.dll [12536 2010-07-15] (AVG Technologies CZ, s.r.o.)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TdmNotify.lnk
ShortcutTarget: TdmNotify.lnk -> C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-311597906-3463414758-3913683715-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-311597906-3463414758-3913683715-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-311597906-3463414758-3913683715-1000] => localhost:21320
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://navinet.navimedix.com/sign-in?ReturnUrl=/Main.aspx
SearchScopes: HKLM -> {1D74A164-9F18-49B7-87F0-9AEEF495486D} URL = http://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> {1D74A164-9F18-49B7-87F0-9AEEF495486D} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\default.default-PC\AppData\Roaming\Mozilla\Firefox\Profiles\g0sveptx.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://www.eyefinity.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-311597906-3463414758-3913683715-1000: @facebook.com/FBPlugin,version=1.0.3 -> C:\Users\default.default-PC\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\default.default-PC\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atashost; C:\Windows\system32\atashost.exe [118568 2014-12-30] (Cisco WebEx LLC)
R2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2010-07-15] (AVG Technologies CZ, s.r.o.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MSSQL$SQLVUE; c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1032192 2009-11-18] (Wave Systems Corp.) [File not signed]
S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed]
R2 TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [1148264 2009-11-24] (Wave Systems Corp.)
R2 UNS; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2066968 2009-10-15] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AvgLdx86; C:\Windows\System32\Drivers\avgldx86.sys [226016 2013-01-15] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\Windows\System32\Drivers\avgmfx86.sys [29712 2011-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\Windows\System32\Drivers\avgtdix.sys [243152 2011-05-05] (AVG Technologies CZ, s.r.o.)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [30880 2009-10-14] (Intel Corporation )
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [16768 2011-04-08] (Microsoft Corporation)
R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc)
R2 WavxDMgr; C:\Windows\System32\DRIVERS\WavxDMgr.sys [211328 2010-01-05] (Wave Systems Corp.)
S3 catchme; \??\C:\Users\DEFAUL~1.DEF\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 08:52 - 2015-01-08 08:52 - 00000057 _____ () C:\Windows\iltwain.ini
2015-01-08 08:51 - 2015-01-08 08:51 - 00049150 _____ () C:\Users\default.default-PC\Desktop\JRT2.txt
2015-01-08 08:50 - 2015-01-08 08:50 - 00049150 _____ () C:\Users\default.default-PC\Desktop\JRT.txt
2015-01-08 08:49 - 2015-01-08 08:49 - 00000000 ____D () C:\Windows\ERUNT
2015-01-08 08:47 - 2015-01-08 08:47 - 01707939 _____ (Thisisu) C:\Users\default.default-PC\Desktop\JRT.exe
2015-01-08 08:46 - 2015-01-08 08:46 - 00004910 _____ () C:\Users\default.default-PC\Desktop\AdwCleaner[S0].txt
2015-01-08 08:31 - 2015-01-08 08:44 - 00000000 ____D () C:\AdwCleaner
2015-01-08 08:31 - 2015-01-08 08:31 - 02191360 _____ () C:\Users\default.default-PC\Desktop\AdwCleaner.exe
2015-01-08 08:14 - 2015-01-08 08:14 - 00001041 _____ () C:\Users\default.default-PC\Desktop\checkup.txt
2015-01-08 08:12 - 2015-01-08 08:12 - 00852504 _____ () C:\Users\default.default-PC\Desktop\SecurityCheck.exe
2015-01-07 17:07 - 2015-01-07 17:07 - 00000512 _____ () C:\Users\default.default-PC\Desktop\MBR.dat
2015-01-07 15:58 - 2015-01-07 17:07 - 00002843 _____ () C:\Users\default.default-PC\Desktop\aswMBR.txt
2015-01-07 15:34 - 2015-01-08 08:51 - 00016969 _____ () C:\Users\default.default-PC\Desktop\FRST.txt
2015-01-07 15:34 - 2015-01-07 15:35 - 00026355 _____ () C:\Users\default.default-PC\Desktop\Addition.txt
2015-01-07 13:28 - 2015-01-07 13:28 - 00002133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-07 13:28 - 2015-01-07 13:28 - 00002121 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-01-07 13:28 - 2015-01-07 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-07 13:28 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-01-07 13:22 - 2015-01-07 13:24 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\default.default-PC\Desktop\spybot-2.4.exe
2015-01-07 10:28 - 2015-01-07 10:28 - 05198336 _____ (AVAST Software) C:\Users\default.default-PC\Desktop\aswMBR.exe
2015-01-07 10:24 - 2015-01-08 08:51 - 00000000 ____D () C:\FRST
2015-01-07 10:24 - 2015-01-07 10:24 - 01115648 _____ (Farbar) C:\Users\default.default-PC\Desktop\FRST.exe
2015-01-07 10:23 - 2015-01-07 10:23 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OFFICE01-Microsoft-Windows-7-Professional-(32-bit).dat
2015-01-07 10:22 - 2015-01-07 10:22 - 00002183 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-07 10:22 - 2015-01-07 10:22 - 00000000 ____D () C:\RegBackup
2015-01-07 10:22 - 2015-01-07 10:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-07 10:22 - 2015-01-07 10:22 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-01-07 10:20 - 2015-01-07 10:20 - 04215584 _____ () C:\Users\default.default-PC\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-05 11:52 - 2014-09-26 18:42 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-05 11:52 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-05 11:52 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-05 11:52 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-05 11:51 - 2015-01-05 11:52 - 00004613 _____ () C:\Windows\system32\jupdate-1.7.0_71-b14.log
2014-12-30 10:10 - 2014-12-30 10:10 - 00000000 ____D () C:\Users\default.default-PC\AppData\Local\WebEx
2014-12-17 19:23 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 03:21 - 2014-12-10 03:21 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 03:05 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 03:01 - 2014-12-10 03:04 - 00000000 ____D () C:\57587319f2c7f557c4d0721a20b8eec5
2014-12-09 23:49 - 2014-12-03 22:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 23:49 - 2014-12-03 22:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 23:49 - 2014-12-03 22:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 23:49 - 2014-12-01 17:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 23:49 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 23:49 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 23:49 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 23:49 - 2014-11-21 20:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 23:49 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 23:49 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 23:49 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 23:49 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 23:49 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 23:49 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 23:49 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 23:49 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 23:49 - 2014-11-21 19:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 23:49 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 23:49 - 2014-11-21 19:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 23:49 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 23:49 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 23:49 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 23:49 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 23:49 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 23:49 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 23:49 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 23:49 - 2014-11-21 19:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 23:49 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 23:49 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 23:49 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 23:49 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 23:49 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 23:49 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 23:49 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 23:49 - 2014-11-10 19:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 23:48 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 23:48 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 23:48 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 23:48 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 23:48 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 23:48 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 23:48 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 09:46 - 2014-12-09 09:46 - 00111836 _____ () C:\Users\default.default-PC\Desktop\Rehabilitation

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 08:51 - 2010-03-04 09:37 - 00862922 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-08 08:48 - 2010-03-17 08:12 - 00000000 ____D () C:\Windows\system32\Drivers\Avg
2015-01-08 08:48 - 2010-03-17 08:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Free 9.0
2015-01-08 08:48 - 2010-03-17 08:12 - 00000000 ____D () C:\ProgramData\avg9
2015-01-08 08:46 - 2010-03-08 14:40 - 00000000 _____ () C:\Users\default.default-PC\AppData\Local\WavXMapDrive.bat
2015-01-08 08:45 - 2010-03-19 10:51 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 08:45 - 2010-03-04 12:25 - 00181986 _____ () C:\Windows\PFRO.log
2015-01-08 08:45 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 08:45 - 2009-07-13 22:39 - 00096278 _____ () C:\Windows\setupact.log
2015-01-08 08:44 - 2009-07-13 22:55 - 01323190 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 08:39 - 2010-03-19 10:51 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 08:09 - 2013-02-14 09:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 08:04 - 2013-01-24 13:59 - 00000958 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000UA.job
2015-01-07 17:22 - 2014-04-15 09:42 - 00021968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 17:22 - 2014-04-15 09:42 - 00021968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 14:04 - 2013-01-24 13:59 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-311597906-3463414758-3913683715-1000Core.job
2015-01-07 13:28 - 2013-10-15 14:54 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-07 13:28 - 2013-10-15 14:53 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-06 10:33 - 2014-07-24 10:02 - 00000000 ____D () C:\OptoVue
2015-01-05 15:34 - 2010-06-23 09:09 - 00000000 ____D () C:\ProgramData\webex
2015-01-05 11:53 - 2013-12-26 09:11 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-05 11:52 - 2010-08-17 08:58 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-05 11:52 - 2010-03-04 09:31 - 00000000 ____D () C:\Program Files\Java
2014-12-30 16:05 - 2010-12-21 11:03 - 00000000 __SHD () C:\Users\default.default-PC\Documents\cache
2014-12-30 14:56 - 2010-12-21 11:03 - 00000000 ____D () C:\Users\default.default-PC\AppData\Roaming\webex
2014-12-30 10:10 - 2010-06-23 09:32 - 00208168 _____ (Cisco WebEx LLC) C:\Windows\system32\atsckernel.exe
2014-12-30 10:10 - 2010-06-23 09:32 - 00118568 _____ (Cisco WebEx LLC) C:\Windows\system32\atashost.exe
2014-12-16 10:45 - 2013-11-27 08:19 - 00000000 ____D () C:\Users\default.default-PC\Desktop\Schambo
2014-12-15 18:17 - 2013-08-27 14:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-15 18:17 - 2013-08-27 14:38 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-12-15 10:09 - 2013-03-21 13:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-10 13:09 - 2013-02-14 09:55 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-10 13:09 - 2011-09-14 15:07 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-10 08:38 - 2014-10-01 08:24 - 00000000 ____D () C:\Poly Prior Authorization Letters
2014-12-10 03:59 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:21 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 03:21 - 2009-07-13 20:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 03:05 - 2010-03-08 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:04 - 2013-08-15 02:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:01 - 2010-03-08 14:58 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\default.default-PC\AppData\Local\temp\Quarantine.exe
C:\Users\default.default-PC\AppData\Local\temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 12:47

==================== End Of Log ============================

The following are the symptoms I'm experiencing: REALLY slow response time when opening/using any programs, sending a document to print takes longer than normal for the printer to receive the information. Just all around decline in the whole system.

OCD

2015-01-08, 16:33

Hi jlbado,

Did you set this Proxy?
ProxyEnable: [S-1-5-21-311597906-3463414758-3913683715-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-311597906-3463414758-3913683715-1000] => localhost:21320

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

Start
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> {1D74A164-9F18-49B7-87F0-9AEEF495486D} URL =
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EmptyTemp:
CMD: ipconfig /flushdns
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

In your next post please provide the following:

Fixlog.txt
Any change in performance?
Answer about Proxy setting.

jlbado

2015-01-08, 16:49

Hi OCD;

The proxy is supposed to be there as I am connected through a server computer. The system seems to be responding a little better, as I type this.

Here is the log requested:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-01-2015
Ran by default at 2015-01-08 09:39:20 Run:1
Running from C:\Users\default.default-PC\Desktop
Loaded Profile: default (Available profiles: default)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> {1D74A164-9F18-49B7-87F0-9AEEF495486D} URL =
Toolbar: HKU\S-1-5-21-311597906-3463414758-3913683715-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EmptyTemp:
CMD: ipconfig /flushdns
End
*****************

"HKU\S-1-5-21-311597906-3463414758-3913683715-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-311597906-3463414758-3913683715-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1D74A164-9F18-49B7-87F0-9AEEF495486D}" => Key deleted successfully.
HKCR\CLSID\{1D74A164-9F18-49B7-87F0-9AEEF495486D} => Key not found.
HKU\S-1-5-21-311597906-3463414758-3913683715-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 673.9 MB temporary data.

The system needed a reboot.

==== End of Fixlog 09:39:45 ====

jlbado

2015-01-08, 17:03

And, I'm not sure this means anything but I figured I would mention it just in case...My hard drive is constantly making noise (like it would be processing information) even when the computer is idle and no programs are open.

jlbado

2015-01-08, 19:17

The computer is back to responding slowly; it was good while it lasted :-)

OCD

2015-01-09, 03:42

Hi jlbado,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re- run AdwCleaner

It should be on your desktop

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S1].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) RogueKiller

Download to your desktop RogueKiller (http://www.bleepingcomputer.com/download/roguekiller/) (by tigzy)

http://i1269.photobucket.com/albums/jj590/OCD-WTT/RogueKiller_zps5799200f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/RogueKiller_zps5799200f.gif.html)

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Quit all programs
Wait until Prescan has finished ...
Click on Scan, Do Not Fix Anything at this point.
Click the Report button, save the report to your desktop

=========================

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) to your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)

On the Dashboard click on Update Now
Go to the Setting Tab
Under Setting go to Detection and Protection
Under PUP and PUM make sure both are set to show Treat Detections as Malware
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
Then on the Dashboard click on Scan
Make sure to select THREAT SCAN
Then click on Scan
When the scan is finished and the log pops up...select Copy to Clipboard
Please paste the log back into this thread for review
Exit Malwarebytes

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

AdwCleaner[S1].txt
RogueKiller log
MBAM.txt
new FRST.txt

OCD

2015-01-12, 07:46

Hi jlbado,

Just checking in to see if you still need help?

OCD

2015-01-15, 03:54

This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.

-----------------------------------------

Admin Edit
Thank you OCD. :)