Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rpcss.dll infected with virus. System randomly broadcasts ads


  • This topic is locked This topic is locked
16 replies to this topic

#1 kbrown1835

kbrown1835

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 09:45 AM

My WIndows 7 system is infected with a virus that has attacted the rpcss.dll file in windows/system32 folder.  AVG has detected it but cannot repair.  Malwarebytes has been ran to no avail.  I cannot afford to have to reinstall Windows...Below is the DDS info::

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.51.2
Run by brownk at 10:40:37 on 2014-04-11
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3241.1385 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Forefront Endpoint Protection *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Forefront Endpoint Protection *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Program Files\IDT\WDM\STacSV.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\ATT\8.3.1.18\ma\bin\MAHostService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\ATT\8.3.1.18\ma\bin\node.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\enstart.exe
C:\Program Files\Fitbit Connect\FitbitConnectService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe
C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\Program Files\Novatel Wireless\Drivers\NWHelper.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Program Files\Common Files\Motive\pcCMService.exe
C:\Windows\system32\ptumlcmsvc.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files\Sprint\Sprint SmartView\SwiCardDetect.exe
C:\Program Files\Knoa\KnoaAgent\tKnoa.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\CCM\CcmExec.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Knoa\KnoaAgent\tKnoa.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Fitbit Connect\Fitbit Connect.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\ATT\8.3.1.18\ma\bin\pcTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Users\brownk\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
C:\Program Files\Memeo\AutoBackupPro\MemeoBackup.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
c:\program files\sap\frontend\sapgui\saplogon.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://jmconnection.jm.com/irj/portal
uWindow Title = Windows Internet Explorer provided by Johns Manville
uProxyOverride = <local>
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\program files\webex\productivity tools\ptonecli.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\program files\webex\productivity tools\ptonecli.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn2\yt.dll
uRun: [Eye-Fi] "c:\program files\eye-fi\helper\EyeFiHelper.exe"
uRun: [Adobe Acrobat Synchronizer] "c:\program files\adobe\acrobat 10.0\acrobat\AdobeCollabSync.exe"
uRun: [Gadwin PrintScreen] c:\program files\gadwin systems\printscreen\PrintScreen.exe /nosplash
uRun: [Fitbit Connect] "c:\program files\fitbit connect\Fitbit Connect.exe" /autorun
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [NetWrix Password Manager] "c:\program files\logon prompt extension for netwrix password manager\prmmain.exe" /configure
mRun: [MSC] "c:\program files\microsoft security client\antimalware\mssecex.exe" -hide -runkey
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [c:\program files\knoa\knoaagent\] "c:\program files\knoa\knoaagent\tKnoa.exe"
mRun: [Logitech Download Assistant] c:\windows\system32\rundll32.exe c:\windows\system32\LogiLDA.dll,LogiFetch
mRun: [Sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a
mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "c:\program files\cisco\cisco anyconnect secure mobility client\vpnui.exe" -minimized
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Fitbit Connect] "c:\program files\fitbit connect\Fitbit Connect.exe" /autorun
mRun: [ATT_McciTrayApp] "c:\program files\att\8.3.1.18\ma\bin\pcTrayApp.exe"
mRun: [Memeo Backup Premium] c:\program files\memeo\autobackuppro\MemeoLauncher2.exe --silent --no_ui
mRun: [Memeo AutoSync] c:\program files\memeo\autosync\MemeoLauncher2.exe --silent
mRun: [Seagate Dashboard] c:\program files\seagate\seagate dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue
StartupFolder: c:\users\brownk\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\brownk\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-Explorer: DisallowCpl = dword:1
uPolicies-Explorer: ForceStartMenuLogOff = dword:1
uPolicies-Explorer: NoWelcomeScreen = dword:1
uPolicies-System: ConnectHomeDirToRoot = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: ExcludedCredentialProviders = {F347212E-AF6B-4726-92B3-E4DF3388D58C},{6f45dc1e-5384-457a-bc13-2cd81b0d28ed},{C0CE53FC-2AAD-4da8-A8C2-FD77623FC28D}
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
Trusted Zone: 80
Trusted Zone: apd2
Trusted Zone: jm.com
Trusted Zone: mcp-pds
Trusted Zone: pen-pds
Trusted Zone: rivernet
Trusted Zone: whq-rosam1
Trusted Zone: wlw-websrv
Trusted Zone: wnd-pds
Trusted Zone: apd2
Trusted Zone: jm.com
Trusted Zone: mcp-pds
Trusted Zone: pen-pds
Trusted Zone: rivernet
Trusted Zone: whq-rosam1
Trusted Zone: wlw-websrv
Trusted Zone: wnd-pds
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8B4B3E51-6FA9-4DBB-B1FE-2F9E19ED4912} - hxxp://166.92.88.151/webviewer.cab
DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} - hxxp://166.92.88.151/GVersionMan.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
TCP: NameServer = 10.10.48.6 10.5.11.56 10.5.11.186
TCP: Interfaces\{629B537C-3C01-4A36-A8BD-5115765ACC97} : DHCPNameServer = 10.10.48.6 10.5.11.56 10.5.11.186
TCP: Interfaces\{970940D5-B276-4080-8923-DFF79A061E07} : DHCPNameServer = 10.10.48.6 10.5.11.56 10.5.11.186
TCP: Interfaces\{970940D5-B276-4080-8923-DFF79A061E07}\2427F677E6755626 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{970940D5-B276-4080-8923-DFF79A061E07}\65562796A7F6E6D2239313C46575D203233423 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{970940D5-B276-4080-8923-DFF79A061E07}\65562796A7F6E6D2239313C46575D254638364 : DHCPNameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\frontend\sapgui\SAPHTMLP.DLL
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\frontend\sapgui\SAPHTMLP.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: SAPGUI720SetupReg1 - reg.exe add HKCU\Software\Microsoft\Windows\Shell\AttachmentExecute\{0002DF01-0000-0000-C000-000000000046} /v SAPGui.Shortcut.File /t REG_NONE /f
mASetup: SAPGUI720SetupReg2 - reg.exe add "HKCU\Software\SAP\SAPGUI Front\SAP Frontend Server\Security" /v SecurityLevel /t REG_DWORD /d 00000000 /f
mASetup: SAPGUI720SetupReg3 - reg.exe add "HKCU\Software\SAP\SAPGUI Front\SAP Frontend Server\Security" /v DefaultAction /t REG_DWORD /d 00000000 /f
mASetup: SAPGUI720SetupReg4 - reg.exe add "HKLM\Software\Wow6432Node\SAP\SAPGUI Front\SAP Frontend Server\Security" /v SecurityLevel /t REG_DWORD /d 00000000 /f
mASetup: SAPGUI720SetupReg5 - reg.exe add "HKLM\Software\Wow6432Node\SAP\SAPGUI Front\SAP Frontend Server\Security" /v DefaultAction /t REG_DWORD /d 00000000 /f
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\34.0.1847.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\brownk\appdata\roaming\mozilla\firefox\profiles\pizc40df.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=113959&tt=3612_8&babsrc=HP_ss&mntrId=58ae1dc9000000000000a078baf03adc
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10008&q=
FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin10171.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2014-03-03 17:43; mcciwbch@motive.com; c:\program files\mozilla firefox\extensions\mcciwbch@motive.com
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=58ae1dc9000000000000a078baf03adc&q=
FF - user.js: extensions.BabylonToolbar.id - 58ae1dc9000000000000a078baf03adc
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15588
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.128:56:46
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113959&tt=3612_8
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-11-25 149272]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-10-31 222520]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-10-1 102712]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-9-10 27448]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [2012-3-14 17904]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-11-25 120600]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-25 210712]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-1-19 22808]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-10-31 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-8-1 193848]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2011-4-25 65584]
R1 enstart_;enstart_;c:\windows\system32\enstart_.sys [2012-1-5 86656]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2011-11-10 81920]
R2 AT&T Troubleshoot & Resolve;AT&T Troubleshoot & Resolve;c:\program files\att\8.3.1.18\ma\bin\MAHostService.exe [2013-12-2 321024]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-2-23 3782672]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-9-24 348008]
R2 DisplayLinkService;DisplayLinkManager;c:\program files\displaylink core software\DisplayLinkManager.exe [2011-4-10 5240168]
R2 enstart;enstart;c:\windows\system32\enstart.exe [2012-1-5 950272]
R2 Fitbit Connect;Fitbit Connect Service;c:\program files\fitbit connect\FitbitConnectService.exe [2013-10-2 1384992]
R2 MemeoBackgroundService;MemeoBackgroundService;c:\program files\memeo\autobackuppro\MemeoBackgroundService.exe [2012-10-12 26496]
R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2011-2-7 92504]
R2 NWHelper;Novatel Wireless Device Helper ;c:\program files\novatel wireless\drivers\NWHelper.exe [2011-3-16 215552]
R2 pcCMService;pcCMService;c:\program files\common files\motive\pcCMService.exe [2014-3-3 369152]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;c:\windows\system32\ptumlcmsvc.exe [2012-6-27 143360]
R2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2012-10-15 14752]
R2 SwiCardDetectSvc;Sierra Wireless Card Detection Service;c:\program files\sprint\sprint smartview\SwiCardDetect.exe [2010-9-22 226672]
R2 tKnoa-sm-F14079C0;tKnoa-sm-F14079C0;c:\program files\knoa\knoaagent\tKnoa.exe [2012-6-4 477184]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\cisco\cisco anyconnect secure mobility client\vpnagent.exe [2013-3-26 555408]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\accelern.sys [2011-9-9 44144]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2011-9-9 39656]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-9-9 269824]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwNs32.sys [2011-9-9 7434240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944]
R3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\o2mdfw7.sys [2011-9-9 60904]
R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\drivers\o2sdjw7.sys [2011-9-9 63976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatch12OEM.exe [2010-11-25 219632]
S3 acsock;acsock;c:\windows\system32\drivers\acsock.sys [2011-7-20 92112]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [2012-3-20 365568]
S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2012-3-20 52736]
S3 CASprint;Sprint Con App Svc;c:\program files\sprint\sprint smartview\ConAppsSvc.exe [2012-5-30 124520]
S3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\drivers\DisplayLinkUsbPort_5.6.31854.0.sys [2013-4-4 21888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2011-4-11 62464]
S3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2011-9-9 41088]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2013-7-25 18944]
S3 PTUMLBUS;PTUML USB Composite Device Driver;c:\windows\system32\drivers\PTUMLBUS.sys [2012-6-27 86176]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;c:\windows\system32\drivers\PTUMLCVsp.sys [2012-6-27 168864]
S3 PTUMLMBMP;PANTECH UML290 Mobile Broadband;c:\windows\system32\drivers\PTUMLMBMP.sys [2012-6-27 268576]
S3 PTUMLMdm;PANTECH UML290;c:\windows\system32\drivers\PTUMLMdm.sys [2012-6-27 168864]
S3 PTUMLNET61;PANTECH UML290 WWAN (NDIS6.1);c:\windows\system32\drivers\PTUMLNET61.sys [2012-6-27 99616]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;c:\windows\system32\drivers\PTUMLNVsp.sys [2012-6-27 169632]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;c:\windows\system32\drivers\PTUMLRMNET.sys [2012-6-27 55072]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;c:\windows\system32\drivers\PTUMLVsp.sys [2012-6-27 168864]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-17 14848]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-11-17 27136]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-11-10 1343400]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADLTScriptFile=c:\windows\system32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-04-11 13:05:19 -------- d-----w- c:\programdata\Avg_Update_0214d
2014-04-10 22:31:57 -------- d-----w- C:\Tyler
2014-04-10 18:52:17 -------- d-----w- c:\programdata\HitmanPro
2014-04-09 17:05:02 -------- d-----w- c:\users\brownk\appdata\roaming\AVG2014
2014-04-09 17:04:52 -------- d-----w- c:\users\brownk\appdata\roaming\TuneUp Software
2014-04-09 17:04:46 -------- d--h--w- C:\$AVG
2014-04-09 17:04:46 -------- d-----w- c:\programdata\AVG2014
2014-04-09 17:04:43 -------- d-----w- c:\program files\AVG
2014-04-09 16:57:47 -------- d--h--w- c:\programdata\Common Files
2014-04-09 16:57:47 -------- d-----w- c:\users\brownk\appdata\local\MFAData
2014-04-09 16:57:47 -------- d-----w- c:\users\brownk\appdata\local\Avg2014
2014-04-09 16:57:47 -------- d-----w- c:\programdata\MFAData
2014-04-05 15:44:42 7969936 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1e584c02-a8e9-421a-a2c7-0bfa74d4375f}\mpengine.dll
2014-04-04 01:15:49 -------- d-----w- C:\Malone
2014-03-31 13:40:37 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-31 13:40:37 -------- d-----w- c:\program files\iTunes
2014-03-31 13:40:37 -------- d-----w- c:\program files\iPod
2014-03-27 03:25:24 -------- d-----r- c:\users\brownk\Dropbox
2014-03-27 03:24:50 -------- d-----w- c:\users\brownk\appdata\roaming\DropboxMaster
2014-03-27 02:32:55 -------- d-----w- c:\users\brownk\appdata\roaming\Dropbox
2014-03-23 00:48:52 -------- d-----w- c:\users\brownk\.WHCCROES
.
==================== Find3M  ====================
.
2014-01-20 01:46:54 22808 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 10:40:52.85 ===============
 



BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:43 AM

Posted 11 April 2014 - 09:55 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
  • Next please re-run FRST again and type the following in the edit box after Search: rpcss.dll
  • Click the Search button
  • It will make a log (Search.txt)- please post the log into your reply to me. (you can use pastebin as well).

 

Regards,

Georgi


cXfZ4wS.png


#3 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 10:11 AM

Georgi,

 

Thank you for your help and your prompt reply.  Below is what you have asked for...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by brownk (administrator) on ETW-D0NHFS1 on 11-04-2014 11:02:14
Running from C:\Users\brownk\Downloads\BleepingComputer\Farbar
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\aestsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alcatel-Lucent) C:\Program Files\ATT\8.3.1.18\ma\bin\MAHostService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(Joyent, Inc) C:\Program Files\ATT\8.3.1.18\ma\bin\node.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\enstart.exe
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Memeo) C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe
() C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
(Novatel Wireless Inc.) C:\Program Files\Novatel Wireless\Drivers\NWHelper.exe
(O2Micro International) C:\Windows\system32\DRIVERS\o2flash.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
(DEVGURU Co., LTD) C:\Windows\system32\ptumlcmsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Sierra Wireless, Inc.) C:\Program Files\Sprint\Sprint SmartView\SwiCardDetect.exe
(Knoa Software Inc.) C:\Program Files\Knoa\KnoaAgent\tKnoa.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Windows\system32\CCM\CcmExec.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Knoa Software Inc.) C:\Program Files\Knoa\KnoaAgent\tKnoa.exe
(Sprint) C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Fitbit, Inc.) C:\Program Files\Fitbit Connect\Fitbit Connect.exe
(Alcatel-Lucent) C:\Program Files\ATT\8.3.1.18\ma\bin\pcTrayApp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Eye-Fi, Inc.) C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe
(Gadwin Systems, Inc) C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
(Logitech Inc.) C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
(Dropbox, Inc.) C:\Users\brownk\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Memeo) C:\Program Files\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SmithMicro Inc.) C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe
(Memeo Inc.) C:\Program Files\Memeo\AutoBackupPro\MemeoBackup.exe
(Axentra Corporation) C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(SAP, Walldorf) c:\program files\sap\frontend\sapgui\saplogon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [501104 2011-08-10] (Alps Electric Co., Ltd.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [NetWrix Password Manager] - C:\Program Files\Logon Prompt Extension for NetWrix Password Manager\prmmain.exe [503808 2011-07-30] (NetWrix Corporation)
HKLM\...\Run: [MSC] - "c:\Program Files\Microsoft Security Client\Antimalware\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [305088 2011-04-25] (Citrix Systems, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [536668 2011-08-10] (IDT, Inc.)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [39136 2012-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [825560 2012-12-18] (Adobe Systems Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-09-16] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM\...\Run: [C:\Program Files\Knoa\KnoaAgent\] - C:\Program Files\Knoa\KnoaAgent\tKnoa.exe [477184 2012-06-04] (Knoa Software Inc.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Sprint SmartView] - C:\Program Files\Sprint\Sprint SmartView\SprintSV.exe [69632 2012-07-13] (Sprint)
HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [Fitbit Connect] - C:\Program Files\Fitbit Connect\Fitbit Connect.exe [3264544 2013-10-02] (Fitbit, Inc.)
HKLM\...\Run: [ATT_McciTrayApp] - C:\Program Files\ATT\8.3.1.18\ma\bin\pcTrayApp.exe [1986048 2013-12-02] (Alcatel-Lucent)
HKLM\...\Run: [Memeo Backup Premium] - C:\Program Files\Memeo\AutoBackupPro\MemeoLauncher2.exe [137088 2012-10-12] (Memeo Inc.)
HKLM\...\Run: [Memeo AutoSync] - C:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe [145280 2012-10-11] (Memeo Inc.)
HKLM\...\Run: [Seagate Dashboard] - C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [79776 2012-10-15] ()
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCInstallQueue] - rundll32 netman.dll,ProcessQueue [280576 2009-07-13] (Microsoft Corporation)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Run: [Eye-Fi] - C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe [3961464 2011-12-21] (Eye-Fi, Inc.)
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Run: [Adobe Acrobat Synchronizer] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1264360 2012-12-18] (Adobe Systems Incorporated)
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Run: [Gadwin PrintScreen] - C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [495616 2008-12-09] (Gadwin Systems, Inc)
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Run: [Fitbit Connect] - C:\Program Files\Fitbit Connect\Fitbit Connect.exe [3264544 2013-10-02] (Fitbit, Inc.)
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\system: [ConnectHomeDirToRoot] 1
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\Explorer: [Intellimenus] 1
HKU\S-1-5-21-2094157777-493687331-1256410061-120116\...\Policies\Explorer: [NoWelcomeScreen] 1
Startup: C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\brownk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://jmconnection.jm.com/irj/portal
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=EIE9HP&PC=UP50
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - WebEx Productivity Tools - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll (Cisco WebEx LLC)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {8B4B3E51-6FA9-4DBB-B1FE-2F9E19ED4912} http://166.92.88.151/webviewer.cab
DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} http://166.92.88.151/GVersionMan.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
Handler: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.10.48.6 10.5.11.56 10.5.11.186

FireFox:
========
FF ProfilePath: C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default
FF user.js: detected! => C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\user.js
FF NewTab: hxxp://search.babylon.com/?affID=113959&tt=3612_8&babsrc=NT_ss&mntrId=58ae1dc9000000000000a078baf03adc
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://search.babylon.com/?affID=113959&tt=3612_8&babsrc=HP_ss&mntrId=58ae1dc9000000000000a078baf03adc
FF Keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10008&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @logitech.com/HarmonyRemote,version=1.0.0 - C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\ATT\8.3.1.18\ma\bin\npMotive.dll (Alcatel-Lucent)
FF Plugin: @Motive.com/npMotiveRequest,version=1.0 - C:\Program Files\Common Files\Motive\npMotiveRequest.dll (Alcatel-Lucent)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\searchplugins\sweetim.xml
FF Extension: Babylon - C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\ffxtlbr@babylon.com [2013-02-02]
FF Extension: No Name - C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\staged [2014-02-08]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-09-24]
FF Extension: Motive Extension - C:\Program Files\Mozilla Firefox\extensions\mcciwbch@motive.com.xpi [2014-03-03]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-03-14]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-27]
FF HKLM\...\Firefox\Extensions: [fbdownloader@KMcore] - C:\Program Files\fbDownloader\_browser_extensions\xpi
FF Extension: fbdownloader - C:\Program Files\fbDownloader\_browser_extensions\xpi [2012-08-09]

Chrome:
=======
CHR DefaultSearchKeyword: babylon.com
CHR DefaultSearchProvider: Search the web (Babylon)
CHR DefaultSearchURL: http://search.babylon.com/?q={searchTerms}&affID=113959&tt=3612_8&babsrc=SP_ss&mntrId=58ae1dc9000000000000a078baf03adc
CHR DefaultNewTabURL:
CHR Extension: (HootSuite Hootlet) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgfdlplhmndoonmofmflcbiohgbkifn [2013-12-31]
CHR Extension: (YouTube) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-27]
CHR Extension: (Google Search) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-27]
CHR Extension: (Motive Extension) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2014-03-03]
CHR Extension: (Cloud Reader) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2012-08-28]
CHR Extension: (SweetIM for Facebook) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-10-18]
CHR Extension: (Google Wallet) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-24]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-06-27]
CHR Extension: (MyHarmony Chrome Plugin) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf [2013-12-31]
CHR Extension: (Gmail) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-27]
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2014-03-03]
CHR HKLM\...\Chrome\Extension: [fjkcaddghdedgbifecmglibhhjijdimi] - C:\Program Files\fbDownloader\_browser_extensions\fbdownloader.crx [2011-09-19]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-24]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-12-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 AT&T Troubleshoot & Resolve; C:\Program Files\ATT\8.3.1.18\ma\bin\MAHostService.exe [321024 2013-12-02] (Alcatel-Lucent)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 CASprint; C:\Program Files\Sprint\Sprint SmartView\ConAppsSvc.exe [124520 2012-05-30] (SmithMicro Inc.)
R2 CcmExec; C:\Windows\system32\CCM\CcmExec.exe [764768 2009-09-18] (Microsoft Corporation)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [5240168 2011-04-10] (DisplayLink Corp.)
R2 enstart; C:\Windows\system32\enstart.exe [950272 2012-01-05] ()
R2 Fitbit Connect; C:\Program Files\Fitbit Connect\FitbitConnectService.exe [1384992 2013-10-02] (Fitbit, Inc.)
R2 MemeoBackgroundService; C:\Program Files\Memeo\AutoBackupPro\MemeoBackgroundService.exe [26496 2012-10-12] (Memeo)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation)
R2 NvtlService; C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [92504 2011-02-07] ()
R2 NWHelper; C:\Program Files\Novatel Wireless\Drivers\NWHelper.exe [215552 2011-03-16] (Novatel Wireless Inc.)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [72296 2011-04-12] (O2Micro International)
R2 ptumlcmsvc; C:\Windows\system32\ptumlcmsvc.exe [143360 2012-05-22] (DEVGURU Co., LTD)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-11-25] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-11-25] (Sonic Solutions)
R2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14752 2012-10-15] (Memeo)
S3 smstsmgr; C:\Windows\system32\CCM\TSManager.exe [246624 2009-09-18] (Microsoft Corporation)
R3 SprintRcAppSvc; C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe [120424 2012-05-30] (SmithMicro Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [274514 2011-08-10] (IDT, Inc.)
R2 SwiCardDetectSvc; C:\Program Files\Sprint\Sprint SmartView\SwiCardDetect.exe [226672 2010-09-22] (Sierra Wireless, Inc.)
R2 tKnoa-sm-F14079C0; C:\Program Files\Knoa\KnoaAgent\tKnoa.exe [477184 2012-06-04] (Knoa Software Inc.)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [555408 2013-03-26] (Cisco Systems, Inc.)

==================== Drivers (Whitelisted) ====================

R3 Acceler; C:\Windows\System32\DRIVERS\accelern.sys [44144 2011-08-10] (ST Microelectronics)
S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92112 2013-03-26] (Cisco Systems, Inc.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314.sys [365568 2012-03-20] (Beceem Communications Inc.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr.sys [52736 2012-03-20] (Beceem Communications Inc.)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [39656 2011-08-10] (Broadcom Corporation)
S3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_5.6.31854.0.sys [21888 2013-04-04] (http://libusb-win32.sourceforge.net)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [268968 2011-07-20] (Intel Corporation)
R1 enstart_; C:\Windows\system32\enstart_.sys [86656 2012-01-05] (Guidance Software Inc.)
S3 MEI; C:\Windows\system32\drivers\HECI.sys [41088 2011-04-12] (Intel Corporation)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
S3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7434240 2011-04-12] (Intel Corporation)
R3 Nmea; C:\Windows\System32\DRIVERS\pctnullport.sys [38680 2010-10-19] (PCTEL Inc.)
R3 O2MDFRDR; C:\Windows\System32\DRIVERS\O2MDFw7.sys [60904 2011-08-10] (O2Micro )
R3 O2SDJRDR; C:\Windows\System32\DRIVERS\o2sdjw7.sys [63976 2011-04-12] (O2Micro )
S3 prepdrvr; C:\Windows\system32\CCM\prepdrv.sys [20848 2009-09-18] (Microsoft Corporation)
S3 PTUMLBUS; C:\Windows\System32\DRIVERS\PTUMLBUS.sys [86176 2012-05-22] (DEVGURU Co., LTD.)
S3 PTUMLCVsp; C:\Windows\System32\DRIVERS\PTUMLCVsp.sys [168864 2012-05-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTUMLMBMP; C:\Windows\System32\DRIVERS\PTUMLMBMP.sys [268576 2012-05-22] (DEVGURU Co., LTD.)
S3 PTUMLMdm; C:\Windows\System32\DRIVERS\PTUMLMdm.sys [168864 2012-05-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTUMLNET61; C:\Windows\System32\DRIVERS\PTUMLNET61.sys [99616 2012-05-22] (DEVGURU Co., LTD.)
S3 PTUMLNVsp; C:\Windows\System32\DRIVERS\PTUMLNVsp.sys [169632 2012-05-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 PTUMLRMNET; C:\Windows\System32\DRIVERS\PTUMLRMNET.sys [55072 2012-05-22] (DEVGURU Co., LTD.)
S3 PTUMLVsp; C:\Windows\System32\DRIVERS\PTUMLVsp.sys [168864 2012-05-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [17904 2011-07-16] (ST Microelectronics)
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
U3 mbr; \??\C:\Users\brownk\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-11 11:01 - 2014-04-11 11:02 - 00000000 ____D () C:\FRST
2014-04-11 10:41 - 2014-04-11 10:41 - 00026835 _____ () C:\Users\brownk\Desktop\attach.txt
2014-04-11 10:41 - 2014-04-11 10:40 - 00029378 _____ () C:\Users\brownk\Desktop\dds.txt
2014-04-11 10:39 - 2014-04-11 11:00 - 00000000 ____D () C:\Users\brownk\Downloads\BleepingComputer
2014-04-11 09:05 - 2014-04-11 09:05 - 00000314 _____ () C:\Windows\Tasks\0214dUpdateInfo.job
2014-04-11 09:05 - 2014-04-11 09:05 - 00000000 ____D () C:\ProgramData\Avg_Update_0214d
2014-04-10 18:31 - 2014-04-10 18:36 - 00000000 ____D () C:\Tyler
2014-04-10 14:59 - 2014-04-10 15:14 - 00000000 ____D () C:\Users\brownk\Desktop\RK_Quarantine
2014-04-10 14:52 - 2014-04-10 15:07 - 00000000 ____D () C:\Users\brownk\Downloads\HitManPro
2014-04-10 14:52 - 2014-04-10 14:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-09 14:44 - 2014-04-10 14:20 - 00023094 _____ () C:\Users\brownk\Desktop\avgrep.txt
2014-04-09 13:05 - 2014-04-09 13:05 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\AVG2014
2014-04-09 13:04 - 2014-04-09 13:04 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ___HD () C:\$AVG
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\TuneUp Software
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ____D () C:\Program Files\AVG
2014-04-09 12:57 - 2014-04-11 09:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-09 12:57 - 2014-04-09 13:27 - 00000000 ____D () C:\Users\brownk\AppData\Local\Avg2014
2014-04-09 12:57 - 2014-04-09 12:57 - 00000000 ____D () C:\Users\brownk\AppData\Local\MFAData
2014-04-07 22:29 - 2014-04-07 22:29 - 00000000 ____S () C:\Windows\system32\gyaf.cfy
2014-04-04 16:05 - 2014-04-04 16:05 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WHCC ROES
2014-04-03 21:15 - 2014-04-04 16:05 - 00000000 ____D () C:\Malone
2014-04-03 21:01 - 2014-04-03 21:01 - 00000000 ____S () C:\Windows\system32\eykj.jlw
2014-03-31 11:21 - 2014-03-31 11:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2014-03-31 09:40 - 2014-03-31 09:40 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-31 09:40 - 2014-03-31 09:40 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-31 09:40 - 2014-03-31 09:40 - 00000000 ____D () C:\Program Files\iTunes
2014-03-31 09:40 - 2014-03-31 09:40 - 00000000 ____D () C:\Program Files\iPod
2014-03-31 09:24 - 2014-03-31 09:36 - 00000000 ____D () C:\Users\brownk\Downloads\Apple
2014-03-30 17:45 - 2014-03-30 17:45 - 00000000 ____S () C:\Windows\system32\esqira.cvt
2014-03-26 23:25 - 2014-04-08 23:08 - 00000000 ___RD () C:\Users\brownk\Dropbox
2014-03-26 23:25 - 2014-03-26 23:25 - 00001002 _____ () C:\Users\brownk\Desktop\Dropbox.lnk
2014-03-26 23:24 - 2014-03-26 23:25 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\DropboxMaster
2014-03-26 23:24 - 2014-03-26 23:24 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-26 22:32 - 2014-04-11 09:01 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\Dropbox
2014-03-23 15:47 - 2014-03-29 09:56 - 00001820 _____ () C:\SeagateAdapter
2014-03-22 20:48 - 2014-04-04 16:25 - 00000000 ____D () C:\Users\brownk\.WHCCROES
2014-03-22 20:48 - 2014-04-04 16:05 - 00002189 _____ () C:\Users\brownk\Desktop\WHCC ROES.lnk
2014-03-22 20:48 - 2014-03-22 20:48 - 00001152 _____ () C:\Users\brownk\Downloads\Launch-WHCC-ROES (1).jnlp
2014-03-22 20:45 - 2014-03-22 20:45 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-03-22 20:43 - 2014-03-22 20:44 - 00001152 _____ () C:\Users\brownk\Downloads\Launch-WHCC-ROES.jnlp

==================== One Month Modified Files and Folders =======

2014-04-11 11:02 - 2014-04-11 11:01 - 00000000 ____D () C:\FRST
2014-04-11 11:00 - 2014-04-11 10:39 - 00000000 ____D () C:\Users\brownk\Downloads\BleepingComputer
2014-04-11 10:57 - 2012-06-27 11:39 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 10:45 - 2012-03-14 16:03 - 01104240 _____ () C:\Windows\WindowsUpdate.log
2014-04-11 10:43 - 2012-06-27 09:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-11 10:41 - 2014-04-11 10:41 - 00026835 _____ () C:\Users\brownk\Desktop\attach.txt
2014-04-11 10:40 - 2014-04-11 10:41 - 00029378 _____ () C:\Users\brownk\Desktop\dds.txt
2014-04-11 09:56 - 2014-04-09 12:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-11 09:08 - 2010-11-20 17:01 - 00784798 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-11 09:07 - 2009-07-14 00:34 - 00023072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-11 09:07 - 2009-07-14 00:34 - 00023072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-11 09:05 - 2014-04-11 09:05 - 00000314 _____ () C:\Windows\Tasks\0214dUpdateInfo.job
2014-04-11 09:05 - 2014-04-11 09:05 - 00000000 ____D () C:\ProgramData\Avg_Update_0214d
2014-04-11 09:05 - 2012-11-10 12:58 - 00000000 ____D () C:\Users\brownk\Documents\SAP
2014-04-11 09:05 - 2012-11-10 12:58 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\SAP
2014-04-11 09:05 - 2012-11-10 12:58 - 00000000 ____D () C:\Users\brownk\AppData\Local\SAP
2014-04-11 09:03 - 2012-06-26 13:06 - 00001755 _____ () C:\Users\brownk\drvmap.log
2014-04-11 09:02 - 2011-11-10 17:26 - 00000000 ____D () C:\ProgramData\Sonic
2014-04-11 09:01 - 2014-03-26 22:32 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\Dropbox
2014-04-11 09:01 - 2012-06-27 13:07 - 00000000 ____D () C:\Users\brownk\AppData\Local\Eye-Fi
2014-04-11 09:01 - 2012-06-27 11:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-11 09:00 - 2014-03-03 18:43 - 00000000 ____D () C:\Program Files\ATT
2014-04-11 09:00 - 2011-11-16 18:28 - 00000463 _____ () C:\Windows\SMSCFG.ini
2014-04-11 09:00 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-11 09:00 - 2009-07-14 00:39 - 00098448 _____ () C:\Windows\setupact.log
2014-04-10 18:36 - 2014-04-10 18:31 - 00000000 ____D () C:\Tyler
2014-04-10 15:14 - 2014-04-10 14:59 - 00000000 ____D () C:\Users\brownk\Desktop\RK_Quarantine
2014-04-10 15:07 - 2014-04-10 14:52 - 00000000 ____D () C:\Users\brownk\Downloads\HitManPro
2014-04-10 14:59 - 2014-04-10 14:52 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-10 14:20 - 2014-04-09 14:44 - 00023094 _____ () C:\Users\brownk\Desktop\avgrep.txt
2014-04-10 13:39 - 2012-06-27 11:59 - 00002048 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-09 13:27 - 2014-04-09 12:57 - 00000000 ____D () C:\Users\brownk\AppData\Local\Avg2014
2014-04-09 13:05 - 2014-04-09 13:05 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\AVG2014
2014-04-09 13:04 - 2014-04-09 13:04 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ___HD () C:\$AVG
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\TuneUp Software
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-09 13:04 - 2014-04-09 13:04 - 00000000 ____D () C:\Program Files\AVG
2014-04-09 12:57 - 2014-04-09 12:57 - 00000000 ____D () C:\Users\brownk\AppData\Local\MFAData
2014-04-08 23:08 - 2014-03-26 23:25 - 00000000 ___RD () C:\Users\brownk\Dropbox
2014-04-07 22:29 - 2014-04-07 22:29 - 00000000 ____S () C:\Windows\system32\gyaf.cfy
2014-04-07 22:09 - 2013-12-27 09:50 - 00000000 ____D () C:\Users\brownk\Documents\P90X3
2014-04-07 18:14 - 2014-02-24 12:31 - 00000085 _____ () C:\Windows\system32\onyu.oms
2014-04-07 09:09 - 2012-03-16 09:01 - 00002226 ____H () C:\Users\brownk\Documents\Default.rdp
2014-04-04 16:25 - 2014-03-22 20:48 - 00000000 ____D () C:\Users\brownk\.WHCCROES
2014-04-04 16:05 - 2014-04-04 16:05 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WHCC ROES
2014-04-04 16:05 - 2014-04-03 21:15 - 00000000 ____D () C:\Malone
2014-04-04 16:05 - 2014-03-22 20:48 - 00002189 _____ () C:\Users\brownk\Desktop\WHCC ROES.lnk
2014-04-04 08:34 - 2009-07-14 00:33 - 03911152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-03 22:11 - 2012-06-26 13:05 - 00167176 _____ () C:\Users\brownk\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-03 21:01 - 2014-04-03 21:01 - 00000000 ____S () C:\Windows\system32\eykj.jlw
2014-03-31 11:21 - 2014-03-31 11:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2014-03-31 09:40 - 2014-03-31 09:40 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-31 09:40 - 2014-03-31 09:40 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-03-31 09:40 - 2014-03-31 09:40 - 00000000 ____D () C:\Program Files\iTunes
2014-03-31 09:40 - 2014-03-31 09:40 - 00000000 ____D () C:\Program Files\iPod
2014-03-31 09:40 - 2012-07-22 21:05 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-31 09:39 - 2012-07-22 21:05 - 00000000 ____D () C:\ProgramData\Apple
2014-03-31 09:36 - 2014-03-31 09:24 - 00000000 ____D () C:\Users\brownk\Downloads\Apple
2014-03-30 17:45 - 2014-03-30 17:45 - 00000000 ____S () C:\Windows\system32\esqira.cvt
2014-03-29 09:56 - 2014-03-23 15:47 - 00001820 _____ () C:\SeagateAdapter
2014-03-26 23:44 - 2012-03-12 08:55 - 00000000 ____D () C:\PhotoShare
2014-03-26 23:25 - 2014-03-26 23:25 - 00001002 _____ () C:\Users\brownk\Desktop\Dropbox.lnk
2014-03-26 23:25 - 2014-03-26 23:24 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\DropboxMaster
2014-03-26 23:25 - 2012-06-26 13:05 - 00000000 ____D () C:\Users\brownk
2014-03-26 23:24 - 2014-03-26 23:24 - 00000000 ____D () C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-03-24 11:05 - 2010-11-20 17:48 - 00055912 _____ () C:\Windows\PFRO.log
2014-03-24 11:05 - 2009-07-13 22:37 - 00000000 __RSD () C:\Windows\Media
2014-03-23 16:30 - 2014-02-08 16:33 - 00000000 ____D () C:\Program Files\greatsavaer
2014-03-22 20:57 - 2012-04-17 09:08 - 00000000 ____D () C:\Users\brownk\.roescache
2014-03-22 20:48 - 2014-03-22 20:48 - 00001152 _____ () C:\Users\brownk\Downloads\Launch-WHCC-ROES (1).jnlp
2014-03-22 20:46 - 2013-11-04 05:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-22 20:45 - 2014-03-22 20:45 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-03-22 20:45 - 2011-11-10 17:20 - 00000000 ____D () C:\Program Files\Java
2014-03-22 20:44 - 2014-03-22 20:43 - 00001152 _____ () C:\Users\brownk\Downloads\Launch-WHCC-ROES.jnlp
2014-03-17 16:10 - 2013-12-08 22:24 - 00000000 ____D () C:\Corbett
2014-03-12 14:21 - 2013-10-24 08:02 - 00000000 ____D () C:\Users\brownk\Documents\ProForma

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2094157777-493687331-1256410061-120116\$379c3759e53237cf29d968b845e596ed

Files to move or delete:
====================
C:\Users\brownk.000\gotomypc_635.exe

Some content of TEMP:
====================
C:\Users\brownk\AppData\Local\Temp\AcDeltree.exe
C:\Users\brownk\AppData\Local\Temp\AskSLib.dll
C:\Users\brownk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bnrsy.dll
C:\Users\brownk\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\brownk\AppData\Local\Temp\FreeFontPack.exe
C:\Users\brownk\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\brownk\AppData\Local\Temp\ntdll_dump.dll
C:\Users\brownk\AppData\Local\Temp\pcDesktopAlertNotifierX.dll
C:\Users\brownk\AppData\Local\Temp\setup-pscombined-adk-cb-1.1-x86x64.exe
C:\Users\brownk\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\brownk\AppData\Local\Temp\Tsu2E389B84.dll
C:\Users\brownk\AppData\Local\Temp\unblacklist.exe
C:\Users\brownk\AppData\Local\Temp\unelevate.exe
C:\Users\brownk\AppData\Local\Temp\US_en_Avery_AW40.exe
C:\Users\brownk\AppData\Local\Temp\vcredist_x86.exe
C:\Users\brownk\AppData\Local\Temp\_is889F.exe
C:\Users\brownk\AppData\Local\Temp\_isD9F6.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2010-11-20 17:29] - [2010-11-20 17:29] - 0377344 ____A (Microsoft Corporation) 04B695C58BC727C84D5E443AF93411E8

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-09 10:20

==================== End Of Log ============================

 

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by brownk at 2014-04-11 11:02:33
Running from C:\Users\brownk\Downloads\BleepingComputer\Farbar
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Forefront Endpoint Protection (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Forefront Endpoint Protection (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.6 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.1 (HKLM\...\{C1575982-F1CA-46DC-A77D-43FF12F2EFC7}) (Version: 4.1.2 - Adobe)
Adobe Reader X (10.1.1) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Any Video Converter 5.5.5 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASDM on 10.10.57.6 (HKCU\...\ASDM on 10.10.57.6) (Version:  - Cisco Systems, Inc.)
AT&T Troubleshoot & Resolve (HKLM\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.3.1.18 - AT&T)
att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version:  - )
AutoCAD LT 2010 - English (HKLM\...\AutoCAD LT 2010 - English) (Version: 18.0.59.0 - Autodesk)
AutoCAD LT 2010 - English (Version: 18.0.59.0 - Autodesk) Hidden
AutoCAD LT 2010 Language Pack - English (Version: 18.0.59.0 - Autodesk) Hidden
Avery Wizard 4.0 (HKLM\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meeting Center for Internet Explorer (HKLM\...\{76CB41B1-D1A9-4FC1-BC3E-C5EF15F5CD12}) (Version: 8.29.3000 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix online plug-in - web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 12.1.44.1 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Configuration Manager Client (Version: 4.00.6487.2000 - Microsoft Corporation) Hidden
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3426 - CyberLink Corp.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.118 - ALPS ELECTRIC CO., LTD.)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DisplayLink Core Software (HKLM\...\{861C4DFA-E691-4BA6-BE6B-D5BA211990B6}) (Version: 5.6.31854.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{70E2B27F-0B7F-41B2-8145-E7377BC9F75A}) (Version: 5.6.31870.0 - DisplayLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.27 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM\...\{43BA93F0-B496-11E0-BCDF-005056C00008}) (Version: 5.0.150 - Sony)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 8.1.2.6 (12/10/2011) Qt (HKLM\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.0.2 (20/08/2012) Qt Beta (HKLM\...\DVDFab 8 Qt Beta_is1) (Version:  - Fengtao Software Inc.)
DVDx (HKLM\...\DVDx_is1) (Version: 2.10 - labDV®)
Engineering Client Viewer 7.0 (HKLM\...\SAP_Engineering Client Viewer 7.0) (Version:  - SAP AG)
Epson Print CD (HKLM\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Epson Professional Print Samples (HKLM\...\{E88FA8EC-3D78-4879-8CA5-DCE2F3FF9BC7}) (Version:  - )
Epson Stylus Photo R3000 Printer Uninstall (HKLM\...\Epson Stylus Photo R3000) (Version:  - SEIKO EPSON Corporation)
Eye-Fi Center 3.4 (HKLM\...\{7764F7B0-7225-4145-82B6-2AB4540D33A6}) (Version: 3.4.26 - Eye-Fi, Inc)
fbDownloader 1.0.2 (HKLM\...\fbDownloader) (Version: 1.0.2 - HTTO Group, Inc.)
fbDownloader Browser Plugins 1.0 (HKLM\...\fbDownloader Browser Plugins) (Version: 1.0 - HTTO Group, Inc.)
Fitbit Connect (HKLM\...\{C257E096-67B0-4122-98F3-EE0D8798E03B}) (Version: 1.0.0.4065 - Fitbit Inc.)
Gadwin PrintScreen (HKLM\...\Gadwin PrintScreen) (Version: 4.4 - Gadwin Systems, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Harmony Browser Plug-in (HKLM\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HP ENVY 110 series Basic Device Software (HKLM\...\{9B167C98-AC9C-418C-A82F-06438E6A4F35}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
InstallVC90Support (Version: 1.01.0000 - Novatel Wireless) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
KnoaAgent (Version: 6.0.22700 - Knoa Software, Inc.) Hidden
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.54.11 - Logitech, Inc.)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.6.0.8 - Logitech) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Memeo Backup Premium (HKLM\...\{347DA8D7-B858-421e-A154-5F438A36F1A4}) (Version:  - Memeo Inc.)
Memeo LifeAgent Explorer Extension (HKLM\...\{F0DB63F5-0936-41D2-B400-89707218FAAC}) (Version: 4.0.114 - Memeo Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Forefront Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Forefront Endpoint Protection 2010 Server Management (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM\...\{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}) (Version: 8.0.50727.762 - SAP)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visio Viewer 2010 (HKLM\...\{95140000-0052-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 14.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 14.0.1 (x86 en-US)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4.0 redistributable (HKLM\...\{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}) (Version: 4.0.0.0 - SAP)
NetWrix Password Manager Logon Prompt Extension (HKLM\...\{81A62E40-FC0A-464F-8AAC-9CCB176451CD}) (Version: 6.1.343 - NetWrix Corporation)
PANTECH UML290 (HKLM\...\{F95AC24D-E515-4057-BEB0-FDDFA55F74BB}) (Version: 1.7.107.0523 - PANTECH CO., LTD)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PhotoShowExpress (Version: 2.0.063 - Sonic Solutions) Hidden
Picture Collage Maker 3.1.6 (HKLM\...\{D53599B0-AA76-4CC6-B9EF-CC2F27B56F24}_is1) (Version:  - PearlMountain Soft)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (Version: 1.3.3 - Roxio) Hidden
Roxio Burn (Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SAFE Servlet (Version: 6.19.1 - Guidance Software) Hidden
SAP Business Explorer (HKLM\...\SAPBI) (Version: 7.20 - SAP AG)
SAP GUI for Windows 7.20 (HKLM\...\SAPGUI710) (Version: 7.20 Compilation 3 - SAP)
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1554 - Memeo Inc.)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Sprint SmartView (HKLM\...\{84E0D40C-ED8E-48B2-83D2-4C11AB246F4A}) (Version: 2.61.0038.0 - Sprint)
SweetIM for Messenger 3.7 (HKLM\...\{7683B745-6060-41FD-AA75-0BBB383FEAD4}) (Version: 3.7.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
Tera Term 4.71 (HKLM\...\Tera Term_is1) (Version:  - )
TTLEditor 1.2.1 (HKLM\...\{A1BFEB7F-3126-4F60-9CFD-8D4FC1B87BEB}_is1) (Version:  - LogMeTT.com)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Movie Studio HD Platinum 11.0 (HKLM\...\{81BBE880-5409-11E1-BF7F-F04DA23A5C58}) (Version: 11.0.295 - Sony)
Verizon Wireless UML290 Firmware Updates (HKLM\...\{1A1A198F-405C-4254-A15E-9C44FEB1F6E1}) (Version: 1.0.11 - Smith Micro Software, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VZAccess Manager (HKLM\...\{C0759E71-7BEC-42AB-BFFF-D53DEC0402F8}) (Version: 7.7.7.0 - Smith Micro Software Inc.)
WebEx Productivity Tools (HKLM\...\{8D705A39-56D9-4039-B225-C70568424D25}) (Version: 2.29 - Cisco WebEx LLC)
WinX HD Video Converter Deluxe 3.12.6 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software,Inc.)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

15-03-2014 19:10:22 Windows Update
22-03-2014 19:45:29 Windows Update
23-03-2014 00:45:28 Installed Java 7 Update 51
30-03-2014 14:12:16 Windows Update
31-03-2014 13:39:51 Installed iTunes
03-04-2014 13:10:18 Windows Update
10-04-2014 19:39:29 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00625124-BBFB-4E67-9C00-BE71D019C110} - System32\Tasks\hpUrlLauncher.exe_{D88EFA01-3642-4FBD-A689-9C71646D0419} => C:\Program Files\HP\HP ENVY 110 series\Bin\utils\hpUrlLauncher.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {18FBBE70-FAAD-42E6-BBAA-4666B6D5894C} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {252F1F09-767C-494D-ADB9-175F7CEDE507} - System32\Tasks\ScanToPCActivationApp.exe_{F3E06DE2-BD4A-4D80-A4CF-6E37CAFFA353} => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {380AA990-10BA-46E7-89B3-97EDE5985DF0} - System32\Tasks\AdobeAAMUpdater-1.0-SCHULLER-brownk => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16] (Adobe Systems Incorporated)
Task: {42D2914A-552A-432B-8831-DC190179F829} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4F7B4E63-FDCE-4FCE-B891-5FDB5B7DC8CE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()
Task: {5353B828-DA1C-41AD-9415-8EEA43CD828A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-06] (Adobe Systems Incorporated)
Task: {5E79D047-1C4A-4368-99EE-C11AEB759265} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {860AD3C6-85E6-4368-8CC8-ED69076972CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-27] (Google Inc.)
Task: {D14F213B-A342-442C-989E-31AA000EAEAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-27] (Google Inc.)
Task: {E9130630-AF1D-4B35-9F26-1FF2BA526B27} - System32\Tasks\Toolbox.exe_{C1EE498D-DC6D-4A8B-9EB0-C34F05D03BBB} => C:\Program Files\HP\HP ENVY 110 series\Bin\Toolbox.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {FAAB5DA5-1CC8-47C9-A1A5-21E8672B270F} - System32\Tasks\WOWPrint.exe_{52B89DE3-BD5B-427E-B19F-6D2A177CAA19} => C:\Program Files\HP\HP ENVY 110 series\Bin\WOWPrint.exe [2011-09-19] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-26 11:44 - 2013-03-26 11:44 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-18 15:08 - 2013-07-18 15:08 - 00241152 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-07-18 15:07 - 2013-07-18 15:07 - 00268288 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2013-07-18 15:07 - 2013-07-18 15:07 - 00233984 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2012-07-12 19:37 - 2012-07-12 19:37 - 01380864 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\libxmljs\build\Release\libxmljs.node
2012-06-26 16:40 - 2012-06-26 16:40 - 00068096 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
2012-01-05 10:01 - 2012-01-05 10:01 - 00950272 _____ () C:\Windows\system32\enstart.exe
2011-02-07 18:25 - 2011-02-07 18:25 - 00092504 _____ () C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
2011-09-09 16:33 - 2011-08-10 13:31 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2011-07-28 19:08 - 2011-07-28 19:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-28 19:09 - 2011-07-28 19:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2012-05-30 11:08 - 2012-05-30 11:08 - 00120424 _____ () C:\Program Files\Sprint\Sprint SmartView\RC_Pac.dll
2012-05-30 11:08 - 2012-05-30 11:08 - 00071272 _____ () C:\Program Files\Sprint\Sprint SmartView\RC_Eap.dll
2012-06-27 11:36 - 2009-08-11 21:18 - 00497664 _____ () C:\Windows\system32\ac3filter.acm
2011-12-21 22:59 - 2011-12-21 22:59 - 00133120 _____ () C:\Program Files\Eye-Fi\Helper\libexif.dll
2011-12-21 22:56 - 2011-12-21 22:56 - 00209408 _____ () C:\Program Files\Eye-Fi\Helper\libopenraw.dll
2012-12-24 15:52 - 2012-12-24 15:52 - 00061496 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
2014-04-11 09:01 - 2014-04-11 09:01 - 00041984 _____ () c:\users\brownk\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bnrsy.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\brownk\AppData\Roaming\Dropbox\bin\libcef.dll
2012-10-15 01:41 - 2012-10-15 01:41 - 00108960 _____ () C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
2012-10-15 01:46 - 2012-10-15 01:46 - 00031648 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2012-10-01 14:18 - 2012-10-01 14:18 - 00015360 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.TroubleshootingPlugin.dll
2012-10-01 14:18 - 2012-10-01 14:18 - 00014848 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.VideoTutorialsPlugin.dll
2012-10-12 01:42 - 2012-10-12 01:42 - 02897280 _____ () C:\Program Files\Memeo\AutoBackupPro\Memeo.Client.UI.dll
2012-10-12 01:42 - 2012-10-12 01:42 - 00028032 _____ () C:\Program Files\Memeo\AutoBackupPro\Memeo.Client.DriveDetection.dll
2010-03-22 18:59 - 2010-03-22 18:59 - 00504293 _____ () C:\Program Files\Memeo\AutoBackupPro\sqlite3.DLL
2010-04-20 13:22 - 2010-04-20 13:22 - 00241664 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2010-04-20 13:22 - 2010-04-20 13:22 - 00971776 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-12-18 10:28 - 2012-12-18 10:28 - 02897640 _____ () C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2010-12-21 02:15 - 2010-12-21 02:15 - 01041248 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2014-03-10 22:47 - 2014-03-10 22:47 - 00839680 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2014 09:53:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (04/11/2014 09:53:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=23, authorId=8086, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=21, authorId=8086, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=18, authorId=8086, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

System errors:
=============
Error: (04/11/2014 09:01:23 AM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: Access is denied.
.

Error: (04/11/2014 09:01:21 AM) (Source: NETLOGON) (User: )
Description: This computer could not authenticate with \\etw-nadc1.na.jm.com, a Windows domain controller
for domain SCHULLER, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (04/11/2014 09:00:31 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/11/2014 09:00:29 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

 Feature: %%835

 Error Code: 0x80004005

 Error description: Unspecified error

 Reason: %%842

Error: (04/11/2014 09:00:27 AM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (04/11/2014 09:00:24 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain SCHULLER due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (04/10/2014 06:22:58 PM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (04/10/2014 06:22:02 PM) (Source: Microsoft-Windows-GroupPolicy) (User: SCHULLER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/10/2014 06:21:07 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

 Feature: %%835

 Error Code: 0x80004005

 Error description: Unspecified error

 Reason: %%842

Error: (04/10/2014 06:20:59 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Microsoft Office Sessions:
=========================
Error: (04/11/2014 09:53:57 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/11/2014 09:53:35 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Sprint\Sprint SmartView\OemDriverManager64.exe

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path43900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path25900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path17900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path23808600

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path21808600

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path18808600

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path43900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path25900

CodeIntegrity Errors:
===================================
  Date: 2013-01-08 08:29:46.611
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-08 08:29:46.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-20 14:51:15.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter.acm because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-20 14:51:15.258
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 3240.9 MB
Available physical RAM: 1414.5 MB
Total Pagefile: 6480.09 MB
Available Pagefile: 4553.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.38 GB) (Free:65.53 GB) NTFS
Drive e: (Apr 09 2014) (CDROM) (Total:0.29 GB) (Free:0 GB) UDF
Drive i: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive k: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive m: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive s: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive t: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive u: () (Network) (Total:218.72 GB) (Free:74.4 GB) NTFS
Drive y: () (Network) (Total:273.4 GB) (Free:166.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: DE3A92DB)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

SEARCH:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by brownk at 2014-04-11 11:02:33
Running from C:\Users\brownk\Downloads\BleepingComputer\Farbar
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Forefront Endpoint Protection (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Forefront Endpoint Protection (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.6 - Adobe Systems)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 4.1 (HKLM\...\{C1575982-F1CA-46DC-A77D-43FF12F2EFC7}) (Version: 4.1.2 - Adobe)
Adobe Reader X (10.1.1) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3 Downloader 1.0.17 (HKLM\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Any Video Converter 5.5.5 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASDM on 10.10.57.6 (HKCU\...\ASDM on 10.10.57.6) (Version:  - Cisco Systems, Inc.)
AT&T Troubleshoot & Resolve (HKLM\...\ATT-AT&T Troubleshoot & Resolve) (Version: 8.3.1.18 - AT&T)
att.net Internet Mail (HKLM\...\Yahoo! Mail) (Version:  - )
AutoCAD LT 2010 - English (HKLM\...\AutoCAD LT 2010 - English) (Version: 18.0.59.0 - Autodesk)
AutoCAD LT 2010 - English (Version: 18.0.59.0 - Autodesk) Hidden
AutoCAD LT 2010 Language Pack - English (Version: 18.0.59.0 - Autodesk) Hidden
Avery Wizard 4.0 (HKLM\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.03103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meeting Center for Internet Explorer (HKLM\...\{76CB41B1-D1A9-4FC1-BC3E-C5EF15F5CD12}) (Version: 8.29.3000 - Cisco WebEx LLC)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix online plug-in - web (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 12.1.44.1 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (Version: 12.1.44.1 - Citrix Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Configuration Manager Client (Version: 4.00.6487.2000 - Microsoft Corporation) Hidden
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3426 - CyberLink Corp.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.118 - ALPS ELECTRIC CO., LTD.)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
DisplayLink Core Software (HKLM\...\{861C4DFA-E691-4BA6-BE6B-D5BA211990B6}) (Version: 5.6.31854.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{70E2B27F-0B7F-41B2-8145-E7377BC9F75A}) (Version: 5.6.31870.0 - DisplayLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.27 - Dropbox, Inc.)
DVD Architect Studio 5.0 (HKLM\...\{43BA93F0-B496-11E0-BCDF-005056C00008}) (Version: 5.0.150 - Sony)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab 8.1.2.6 (12/10/2011) Qt (HKLM\...\DVDFab 8 Qt_is1) (Version:  - Fengtao Software Inc.)
DVDFab 8.2.0.2 (20/08/2012) Qt Beta (HKLM\...\DVDFab 8 Qt Beta_is1) (Version:  - Fengtao Software Inc.)
DVDx (HKLM\...\DVDx_is1) (Version: 2.10 - labDV®)
Engineering Client Viewer 7.0 (HKLM\...\SAP_Engineering Client Viewer 7.0) (Version:  - SAP AG)
Epson Print CD (HKLM\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.05.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Epson Professional Print Samples (HKLM\...\{E88FA8EC-3D78-4879-8CA5-DCE2F3FF9BC7}) (Version:  - )
Epson Stylus Photo R3000 Printer Uninstall (HKLM\...\Epson Stylus Photo R3000) (Version:  - SEIKO EPSON Corporation)
Eye-Fi Center 3.4 (HKLM\...\{7764F7B0-7225-4145-82B6-2AB4540D33A6}) (Version: 3.4.26 - Eye-Fi, Inc)
fbDownloader 1.0.2 (HKLM\...\fbDownloader) (Version: 1.0.2 - HTTO Group, Inc.)
fbDownloader Browser Plugins 1.0 (HKLM\...\fbDownloader Browser Plugins) (Version: 1.0 - HTTO Group, Inc.)
Fitbit Connect (HKLM\...\{C257E096-67B0-4122-98F3-EE0D8798E03B}) (Version: 1.0.0.4065 - Fitbit Inc.)
Gadwin PrintScreen (HKLM\...\Gadwin PrintScreen) (Version: 4.4 - Gadwin Systems, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Harmony Browser Plug-in (HKLM\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HP ENVY 110 series Basic Device Software (HKLM\...\{9B167C98-AC9C-418C-A82F-06438E6A4F35}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
InstallVC90Support (Version: 1.01.0000 - Novatel Wireless) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
KnoaAgent (Version: 6.0.22700 - Knoa Software, Inc.) Hidden
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.54.11 - Logitech, Inc.)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.6.0.8 - Logitech) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Memeo AutoSync (HKLM\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version:  - Memeo Inc.)
Memeo Backup Premium (HKLM\...\{347DA8D7-B858-421e-A154-5F438A36F1A4}) (Version:  - Memeo Inc.)
Memeo LifeAgent Explorer Extension (HKLM\...\{F0DB63F5-0936-41D2-B400-89707218FAAC}) (Version: 4.0.114 - Memeo Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Forefront Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Forefront Endpoint Protection 2010 Server Management (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Standard 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM\...\{8E770F99-CF23-4BF9-BF4E-E3A2924FEB27}) (Version: 8.0.50727.762 - SAP)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visio Viewer 2010 (HKLM\...\{95140000-0052-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 14.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 14.0.1 (x86 en-US)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4.0 redistributable (HKLM\...\{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}) (Version: 4.0.0.0 - SAP)
NetWrix Password Manager Logon Prompt Extension (HKLM\...\{81A62E40-FC0A-464F-8AAC-9CCB176451CD}) (Version: 6.1.343 - NetWrix Corporation)
PANTECH UML290 (HKLM\...\{F95AC24D-E515-4057-BEB0-FDDFA55F74BB}) (Version: 1.7.107.0523 - PANTECH CO., LTD)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PhotoShowExpress (Version: 2.0.063 - Sonic Solutions) Hidden
Picture Collage Maker 3.1.6 (HKLM\...\{D53599B0-AA76-4CC6-B9EF-CC2F27B56F24}_is1) (Version:  - PearlMountain Soft)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (Version: 1.3.3 - Roxio) Hidden
Roxio Burn (Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
SAFE Servlet (Version: 6.19.1 - Guidance Software) Hidden
SAP Business Explorer (HKLM\...\SAPBI) (Version: 7.20 - SAP AG)
SAP GUI for Windows 7.20 (HKLM\...\SAPGUI710) (Version: 7.20 Compilation 3 - SAP)
Seagate Dashboard (HKLM\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1554 - Memeo Inc.)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
Sprint SmartView (HKLM\...\{84E0D40C-ED8E-48B2-83D2-4C11AB246F4A}) (Version: 2.61.0038.0 - Sprint)
SweetIM for Messenger 3.7 (HKLM\...\{7683B745-6060-41FD-AA75-0BBB383FEAD4}) (Version: 3.7.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
Tera Term 4.71 (HKLM\...\Tera Term_is1) (Version:  - )
TTLEditor 1.2.1 (HKLM\...\{A1BFEB7F-3126-4F60-9CFD-8D4FC1B87BEB}_is1) (Version:  - LogMeTT.com)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{14B7142F-D7E2-4FB0-9E3B-7CAA8D7FFC56}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{C633216E-FF30-45B6-B2AB-21922A9353EF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{F1CBE095-403D-466D-BB13-B185A5F33231}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{6B6DDDCE-B456-4FE1-9A07-DBC1708E4158}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Movie Studio HD Platinum 11.0 (HKLM\...\{81BBE880-5409-11E1-BF7F-F04DA23A5C58}) (Version: 11.0.295 - Sony)
Verizon Wireless UML290 Firmware Updates (HKLM\...\{1A1A198F-405C-4254-A15E-9C44FEB1F6E1}) (Version: 1.0.11 - Smith Micro Software, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VZAccess Manager (HKLM\...\{C0759E71-7BEC-42AB-BFFF-D53DEC0402F8}) (Version: 7.7.7.0 - Smith Micro Software Inc.)
WebEx Productivity Tools (HKLM\...\{8D705A39-56D9-4039-B225-C70568424D25}) (Version: 2.29 - Cisco WebEx LLC)
WinX HD Video Converter Deluxe 3.12.6 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software,Inc.)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

15-03-2014 19:10:22 Windows Update
22-03-2014 19:45:29 Windows Update
23-03-2014 00:45:28 Installed Java 7 Update 51
30-03-2014 14:12:16 Windows Update
31-03-2014 13:39:51 Installed iTunes
03-04-2014 13:10:18 Windows Update
10-04-2014 19:39:29 Scheduled Checkpoint

==================== Hosts content: ==========================

2009-07-13 22:04 - 2009-06-10 17:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00625124-BBFB-4E67-9C00-BE71D019C110} - System32\Tasks\hpUrlLauncher.exe_{D88EFA01-3642-4FBD-A689-9C71646D0419} => C:\Program Files\HP\HP ENVY 110 series\Bin\utils\hpUrlLauncher.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {18FBBE70-FAAD-42E6-BBAA-4666B6D5894C} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {252F1F09-767C-494D-ADB9-175F7CEDE507} - System32\Tasks\ScanToPCActivationApp.exe_{F3E06DE2-BD4A-4D80-A4CF-6E37CAFFA353} => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {380AA990-10BA-46E7-89B3-97EDE5985DF0} - System32\Tasks\AdobeAAMUpdater-1.0-SCHULLER-brownk => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16] (Adobe Systems Incorporated)
Task: {42D2914A-552A-432B-8831-DC190179F829} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4F7B4E63-FDCE-4FCE-B891-5FDB5B7DC8CE} - System32\Tasks\0214dUpdateInfo => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe [2014-03-24] ()
Task: {5353B828-DA1C-41AD-9415-8EEA43CD828A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-06] (Adobe Systems Incorporated)
Task: {5E79D047-1C4A-4368-99EE-C11AEB759265} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {860AD3C6-85E6-4368-8CC8-ED69076972CA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-27] (Google Inc.)
Task: {D14F213B-A342-442C-989E-31AA000EAEAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-06-27] (Google Inc.)
Task: {E9130630-AF1D-4B35-9F26-1FF2BA526B27} - System32\Tasks\Toolbox.exe_{C1EE498D-DC6D-4A8B-9EB0-C34F05D03BBB} => C:\Program Files\HP\HP ENVY 110 series\Bin\Toolbox.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {FAAB5DA5-1CC8-47C9-A1A5-21E8672B270F} - System32\Tasks\WOWPrint.exe_{52B89DE3-BD5B-427E-B19F-6D2A177CAA19} => C:\Program Files\HP\HP ENVY 110 series\Bin\WOWPrint.exe [2011-09-19] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-26 11:44 - 2013-03-26 11:44 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-18 15:08 - 2013-07-18 15:08 - 00241152 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-07-18 15:07 - 2013-07-18 15:07 - 00268288 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2013-07-18 15:07 - 2013-07-18 15:07 - 00233984 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2012-07-12 19:37 - 2012-07-12 19:37 - 01380864 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\libxmljs\build\Release\libxmljs.node
2012-06-26 16:40 - 2012-06-26 16:40 - 00068096 _____ () C:\Program Files\ATT\8.3.1.18\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
2012-01-05 10:01 - 2012-01-05 10:01 - 00950272 _____ () C:\Windows\system32\enstart.exe
2011-02-07 18:25 - 2011-02-07 18:25 - 00092504 _____ () C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
2011-09-09 16:33 - 2011-08-10 13:31 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2011-07-28 19:08 - 2011-07-28 19:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-28 19:09 - 2011-07-28 19:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2012-05-30 11:08 - 2012-05-30 11:08 - 00120424 _____ () C:\Program Files\Sprint\Sprint SmartView\RC_Pac.dll
2012-05-30 11:08 - 2012-05-30 11:08 - 00071272 _____ () C:\Program Files\Sprint\Sprint SmartView\RC_Eap.dll
2012-06-27 11:36 - 2009-08-11 21:18 - 00497664 _____ () C:\Windows\system32\ac3filter.acm
2011-12-21 22:59 - 2011-12-21 22:59 - 00133120 _____ () C:\Program Files\Eye-Fi\Helper\libexif.dll
2011-12-21 22:56 - 2011-12-21 22:56 - 00209408 _____ () C:\Program Files\Eye-Fi\Helper\libopenraw.dll
2012-12-24 15:52 - 2012-12-24 15:52 - 00061496 _____ () C:\Program Files\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
2014-04-11 09:01 - 2014-04-11 09:01 - 00041984 _____ () c:\users\brownk\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bnrsy.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\brownk\AppData\Roaming\Dropbox\bin\libcef.dll
2012-10-15 01:41 - 2012-10-15 01:41 - 00108960 _____ () C:\Program Files\Seagate\Seagate Dashboard\Memeo.Progress.dll
2012-10-15 01:46 - 2012-10-15 01:46 - 00031648 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2012-10-01 14:18 - 2012-10-01 14:18 - 00015360 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.TroubleshootingPlugin.dll
2012-10-01 14:18 - 2012-10-01 14:18 - 00014848 _____ () C:\Program Files\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.VideoTutorialsPlugin.dll
2012-10-12 01:42 - 2012-10-12 01:42 - 02897280 _____ () C:\Program Files\Memeo\AutoBackupPro\Memeo.Client.UI.dll
2012-10-12 01:42 - 2012-10-12 01:42 - 00028032 _____ () C:\Program Files\Memeo\AutoBackupPro\Memeo.Client.DriveDetection.dll
2010-03-22 18:59 - 2010-03-22 18:59 - 00504293 _____ () C:\Program Files\Memeo\AutoBackupPro\sqlite3.DLL
2010-04-20 13:22 - 2010-04-20 13:22 - 00241664 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2010-04-20 13:22 - 2010-04-20 13:22 - 00971776 _____ () C:\Program Files\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2012-12-18 10:28 - 2012-12-18 10:28 - 02897640 _____ () C:\Program Files\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2010-12-21 02:15 - 2010-12-21 02:15 - 01041248 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2009-07-13 17:03 - 2009-07-13 21:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2014-03-10 22:47 - 2014-03-10 22:47 - 00839680 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (04/11/2014 09:53:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (04/11/2014 09:53:35 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=23, authorId=8086, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=21, authorId=8086, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=18, authorId=8086, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

System errors:
=============
Error: (04/11/2014 09:01:23 AM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: Access is denied.
.

Error: (04/11/2014 09:01:21 AM) (Source: NETLOGON) (User: )
Description: This computer could not authenticate with \\etw-nadc1.na.jm.com, a Windows domain controller
for domain SCHULLER, and therefore this computer might deny logon requests.
This inability to authenticate might be caused by another computer on the
same network using the same name or the password for this computer account
is not recognized. If this message appears again, contact your system
administrator.

Error: (04/11/2014 09:00:31 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/11/2014 09:00:29 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

 Feature: %%835

 Error Code: 0x80004005

 Error description: Unspecified error

 Reason: %%842

Error: (04/11/2014 09:00:27 AM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (04/11/2014 09:00:24 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain SCHULLER due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.

 

ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (04/10/2014 06:22:58 PM) (Source: TermService) (User: )
Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
.

Error: (04/10/2014 06:22:02 PM) (Source: Microsoft-Windows-GroupPolicy) (User: SCHULLER)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/10/2014 06:21:07 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

 Feature: %%835

 Error Code: 0x80004005

 Error description: Unspecified error

 Reason: %%842

Error: (04/10/2014 06:20:59 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Microsoft Office Sessions:
=========================
Error: (04/11/2014 09:53:57 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/11/2014 09:53:35 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Sprint\Sprint SmartView\OemDriverManager64.exe

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path43900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path25900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path17900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path23808600

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path21808600

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path18808600

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path43900

Error: (04/11/2014 09:33:26 AM) (Source: Microsoft-Windows-EapHost)(User: NT AUTHORITY)
Description: Eap method DLL path25900

CodeIntegrity Errors:
===================================
  Date: 2013-01-08 08:29:46.611
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter.acm because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-08 08:29:46.580
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-20 14:51:15.289
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\ac3filter.acm because the set of per-page image hashes could not be found on the system.

  Date: 2012-09-20 14:51:15.258
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 56%
Total physical RAM: 3240.9 MB
Available physical RAM: 1414.5 MB
Total Pagefile: 6480.09 MB
Available Pagefile: 4553.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.64 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.38 GB) (Free:65.53 GB) NTFS
Drive e: (Apr 09 2014) (CDROM) (Total:0.29 GB) (Free:0 GB) UDF
Drive i: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive k: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive m: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive s: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive t: () (Network) (Total:320 GB) (Free:6.17 GB) NTFS
Drive u: () (Network) (Total:218.72 GB) (Free:74.4 GB) NTFS
Drive y: () (Network) (Total:273.4 GB) (Free:166.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: DE3A92DB)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:43 AM

Posted 11 April 2014 - 10:37 AM

Hello,

 

You posted the Addition.txt twice instead of Search.txt! :)

 

 

Regards,

Georgi


cXfZ4wS.png


#5 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 10:41 AM

Sorry, here you go..

 

Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by brownk at 2014-04-11 11:10:17
Running from C:\Users\brownk\Downloads\BleepingComputer\Farbar
Boot Mode: Normal

================== Search: "rpcss.dll" ===================

C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll
[2010-11-20 17:29] - [2010-11-20 17:29] - 0376832 ____A (Microsoft Corporation) 7660F01D3B38ACA1747E397D21D790AF

C:\Windows\System32\rpcss.dll
[2010-11-20 17:29] - [2010-11-20 17:29] - 0377344 ____A (Microsoft Corporation) 04B695C58BC727C84D5E443AF93411E8

=== End Of Search ===



#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:43 AM

Posted 11 April 2014 - 10:47 AM

Hi,

 

Please download the following file => [attachment=149206:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#7 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 10:56 AM

after an auto reboot, here is the FixList file...

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014  01
Ran by brownk at 2014-04-11 11:51:01 Run:1
Running from C:\Users\brownk\Downloads\BleepingComputer\Farbar
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
HKLM\...\Run: [] - [X]
HKLM\...\Run: [MSC] - "c:\Program Files\Microsoft Security Client\Antimalware\mssecex.exe" -hide -runkey <===== ATTENTION (File name is altered)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF NewTab: hxxp://search.babylon.com/?affID=113959&tt=3612_8&babsrc=NT_ss&mntrId=58ae1dc9000000000000a078baf03adc
FF DefaultSearchEngine: Search the web (Babylon)
FF SearchEngineOrder.1: Search the web (Babylon)
FF Homepage: hxxp://search.babylon.com/?affID=113959&tt=3612_8&babsrc=HP_ss&mntrId=58ae1dc9000000000000a078baf03adc
FF Keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10008&q=
FF SearchPlugin: C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\searchplugins\sweetim.xml
FF Extension: Babylon - C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\ffxtlbr@babylon.com [2013-02-02]
FF Extension: No Name - C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\staged [2014-02-08]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-09-24]
FF HKLM\...\Firefox\Extensions: [fbdownloader@KMcore] - C:\Program Files\fbDownloader\_browser_extensions\xpi
FF Extension: fbdownloader - C:\Program Files\fbDownloader\_browser_extensions\xpi [2012-08-09]
CHR Extension: (Motive Extension) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2014-03-03]
CHR Extension: (SweetIM for Facebook) - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-10-18]
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2014-03-03]
CHR HKLM\...\Chrome\Extension: [fjkcaddghdedgbifecmglibhhjijdimi] - C:\Program Files\fbDownloader\_browser_extensions\fbdownloader.crx [2011-09-19]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2014-04-07 22:29 - 2014-04-07 22:29 - 00000000 ____S () C:\Windows\system32\gyaf.cfy
2014-04-03 21:01 - 2014-04-03 21:01 - 00000000 ____S () C:\Windows\system32\eykj.jlw
2014-03-30 17:45 - 2014-03-30 17:45 - 00000000 ____S () C:\Windows\system32\esqira.cvt
2014-04-07 18:14 - 2014-02-24 12:31 - 00000085 _____ () C:\Windows\system32\onyu.oms
C:\$Recycle.Bin\S-1-5-21-2094157777-493687331-1256410061-120116\$379c3759e53237cf29d968b845e596ed
Replace: C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll C:\Windows\System32\rpcss.dll
C:\Users\brownk\AppData\Local\Temp
end
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => Value was restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
Firefox newtab deleted successfully.
Firefox DefaultSearchEngine deleted successfully.
Firefox SearchEngineOrder.1 deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\searchplugins\sweetim.xml => Moved successfully.
C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\ffxtlbr@babylon.com => Moved successfully.
C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\staged => Moved successfully.
C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\fbdownloader@KMcore => Value deleted successfully.
C:\Program Files\fbDownloader\_browser_extensions\xpi => Moved successfully.
C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec => Moved successfully.
C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\edmgmpmklgfbohogafcfobonnkogchec => Key deleted successfully.
C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjkcaddghdedgbifecmglibhhjijdimi => Key deleted successfully.
C:\Program Files\fbDownloader\_browser_extensions\fbdownloader.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn => Key deleted successfully.
C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Windows\system32\gyaf.cfy => Moved successfully.
C:\Windows\system32\eykj.jlw => Moved successfully.
C:\Windows\system32\esqira.cvt => Moved successfully.
C:\Windows\system32\onyu.oms => Moved successfully.
C:\$Recycle.Bin\S-1-5-21-2094157777-493687331-1256410061-120116\$379c3759e53237cf29d968b845e596ed => Moved successfully.
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_6bd245e79c221747\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll

"C:\Users\brownk\AppData\Local\Temp" directory move:

C:\Users\brownk\AppData\Local\Temp\1797.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\3402.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5920_7503367_MVM_4.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5920_7503367_MVM_5.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5920_7503367_MVM_6.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\6677.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AcDeltree.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ad2A3C.tmp => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\AdobeARM.log" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ads37A5.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\adsA064.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\amt3.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\apmFF7.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ArmUI.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AskSLib.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Attach.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\au-descriptor-1.7.0_45-b18.xml => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AutoCAD LT 2010 Install.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AutoCAD LT 2010 Install_en-us.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AutoCAD LT 2010 Setup.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\avginfo.id => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\AxentraLog.txt" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\BWDump.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\BWInstall.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CAFA.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CFGFD04.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\csxs2-PHSP.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1516.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR164D.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR16BC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR16DA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1712.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR17B0.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR18FC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1954.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR19B7.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1AAC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1AB.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1D4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR1E30.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR204D.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR2283.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR22AD.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR23D5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR241.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR25C8.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR261C.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR2838.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR28C6.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR2965.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR2CA5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR2DD4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR2FCF.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR33B5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR366A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR3881.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR3933.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR39E4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR3A9B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR3AB0.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR3F.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR3F02.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR413A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR41B5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR42C9.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR4403.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR4A0A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR4AC7.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR4E98.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR5051.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR50A0.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR5478.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR55A4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR5965.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR5C8F.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR5FFA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6029.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR604B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6077.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6299.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR63CC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR66EC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR66F1.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR68DF.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6B6F.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6C5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6ED8.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR6F17.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR71F7.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR720A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7223.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7587.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR75EE.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7650.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7762.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR778A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR787B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7BB4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7E09.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR7E9D.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR8132.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR820E.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR82A3.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR847B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR84AA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR84C8.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR84E5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR85F7.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR8625.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR86D9.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR87E6.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR8EF7.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR901E.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR90AA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9116.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9149.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9166.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9221.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR92E7.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9482.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR94D.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR979.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9835.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9BCF.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9C.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9DA5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9DDA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9E11.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9E98.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVR9F98.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRA423.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRA47A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRA582.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRAAC5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRAC2E.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRAD10.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRAE8B.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRAE8B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRAE90.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRB0EF.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRB2C.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRB376.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRB44B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRB6FA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRB9DC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRBB8C.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRBC70.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC1B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC264.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC29E.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC4A0.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC4D4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC580.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC815.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRC8BA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCA70.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCBDB.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCBE8.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCCD1.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCCFF.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCDA4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRCEE2.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD0E5.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD0F.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD113.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD3ED.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD641.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD6D1.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD77A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD90F.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRD92C.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRDB91.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRDECA.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRDECA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRDFB4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRDFD4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRE021.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRE040.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRE05F.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRE5AC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRE8E3.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVREA.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVREC27.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRED61.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVREE15.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVREF9B.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRF180.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRF3FD.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRF72A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFA7A.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFAB6.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFBBC.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFC17.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFD78.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFD80.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFDE4.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFEAD.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CVRFF43.tmp.cvr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\D8F4.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DDS.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\dd_vcredistUI5B07.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DLCFC37.LOG => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DLP6F24.LOG => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMI1DAE.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMI23E4.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMI304.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMI3FAE.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMI8777.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMIA331.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMIA708.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMIAB6E.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMIC5AE.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DMIC6D7.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\down.2452.assistant_v3.exe.part => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bnrsy.dll => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bnrsy.lck" => Scheduled to move on reboot.
Could not move "C:\Users\brownk\AppData\Local\Temp\ExchangePerflog_8484fa31a17ff563cfcccd43.dat" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\Fitbit_Connect_Update_CAD2B911-3B31-4c46-9C21-269E21FBE541.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\fp_pl_pfs_installer.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\FreeFontPack.exe => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\FXSTIFFDebugLogFile.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\GLB53EA.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\GLB8FB2.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\InstallFlashPlayer.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\jar_cache3525108397370594030.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\JAUReg.log => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\JavaDeployReg.log" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\java_install_sp.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\JET4B29.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\JET6D5E.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\jinstall.cfg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\LoadedBodyStream-235702019-0.out => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\log3 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\logitech-ldm-postinst-action.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\logitech-ldm-preinst-action.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\menc_err2 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20131204_111029364-MSI_vc_red.msi.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20131204_111029364.html => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ntdll_dump.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\oobelib.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\OP_RegList.dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\OutofProcReport23556721.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\OutofProcReport442779833.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\pcDesktopAlertNotifierX.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\PDApp.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\QTInstallCode.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\qtplugin.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\RD1574.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\RD2E85.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\RD2FB6.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\RD43A.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\RDD384.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\sapdoccd.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SapStart.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SCHULLER+brownk.bmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\setup-pscombined-adk-cb-1.1-x86x64.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SetupAdmin1198.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SetupAdmin11F4.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SetupAdmin1E7C.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SetupAdminA4C.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Silverlight0.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SilverlightMSI.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SIMEEIInstaller.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\swtag.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Tsu2E389B84.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\unblacklist.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\unelevate.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\US_en_Avery_AW40.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\vcredist_x86_2008.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\VGX3771.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\VGX3DEA.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\VGX7BB6.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\VZAM_Uninstaller.LOG => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\wbx510D.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\wbxtra_04292013_105919.wbt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\wbxtra_10032012_133556.wbt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\wecerr.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Wizard400.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\_is889F.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\_isD9F6.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~$FMCustom.dot => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~1094257818723-Warehouse.pst.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF003DB698C8568F20.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF00EBCEFEE338FAC2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF018131E893AE1797.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF022917915735D478.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF023F7E8E10CAABE5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF024221F7ED83A560.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0249830D814C442D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF025C09FE69935CDA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF03C70A151DF7D219.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF03C7BFC094CA8714.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF042F07DC679B1A54.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF043FD6714CF69AE8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0452B4AE304331AF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0591B6FC201CAD4B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF05E53C63C80E454D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0772D0316CF066F2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF07EAB543DD67059B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF086AE62B418B12F2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF08E9BEE359F0F05F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0932A0A069A8CDB5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF09E510F1D4E4556A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0A79243CA1FC9D5E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0AA61D4C3C5B5389.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0ABBA85F6EBAA52F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0B2C2D412363DE79.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0B67B9A3B3D674B0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0BAF1A4BCA5B4E1D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0C7C942E3F05D0F7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0CB3F16204070B4F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0CB570F58FE06426.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0CCB9DFAC6A314E9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0D7F7491FEB9E53E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0D8E463194F5AB66.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF0F48061B077B4F21.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1015705FCF48748C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1038C7BB5FE7FFBF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF106C59F9937DFF3E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF119DAE5005A9CBAA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF12227026846123B5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF124BC1955B44672E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF12CA6DB2F9AB22A0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF12E1DC2CC770D31C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1322BCC22CF837FB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1359951E3A093BA9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF13E3313E2FB4814A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1445C64252DB69AE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF156409A38E65EE4A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF15877EED2998B770.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF162068E099735E8C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF162A66C955560EFD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF164DD9C3B94DB507.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF170D902C9FE77155.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF171639C754B23E4F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF173195666564FB27.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF17F9BAB8E478EB27.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF187D0EF448200660.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF18F154FF1FBE8628.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1906331459587966.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1977E172B1062DAE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF19E824F2079374B8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1A46384B90DF0DF4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1B22F54D6534016C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1B4AAFDF7968920C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1B52E8312A797702.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1B7331E656C95B5F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1BCAD423020AF1C5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1C65D9DF0B4C6EBE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1C99FA20F0C18396.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1D1C2DE025D81828.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1D73BEB01D767E77.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1DF23F231E341FCC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1E3FE6FDB6257C9F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1F4A1A5A7EDFABA1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF1FF43C2B6C037CC0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF20D49021AD9E4ED6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF20FFED24BAC12284.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF21A8BD8E1C7F2D34.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF228D648A8C63E8FA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF22D74261462173EC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF22DBFB37C4FA07CE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF22DD98D28ABD26CC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF236CA2F3CA19BA46.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF239086EE4F7D71A9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF23D9532425D6E095.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF25A26E8034AE8FF0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF262F37A6A17D8468.TMP => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\~DF263CE0B373EB6CB9.TMP" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\~DF26C11ACA6363525F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF26EBB8E96D7D5221.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF277F988EA4BE477F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF29315D3C4A8DB5E7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF294B952BA15FB5DB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2A9DF1794B7F2E9F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2B3E44A1116664EC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2B7CA41CDE2BB043.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2BDB3F2882E168DC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2C8F5701DAE0EB7D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2CF53E1E51029022.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2D0D6795EAC5BBD9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2D484AD314D8370F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2D5DAEDBA3BB87BC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2E654C336EE20833.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2EB2929E47E6CED0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2F01F0F77F690B27.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2F738058E5BF514B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2F96FFE5D3402349.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2FAD4B8E6FFC6016.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2FC3451CB57B7B3A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF2FCE9DB26B84DE78.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3211C23A32A5A523.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF323EDCDD2A05F7C1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF327070E3FC144CB5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3295E082E08377E6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF32E5E08C1F3370C2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF33541BA564D7F09C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF33668999523E3F0F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3409FE967AC3AA1E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3493D68698B58C93.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF34A3B2FABC5641AA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF34BCB441386C5DCE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF34DFC3D973B8C65D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF353CFF78615657F3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF35729C7D7A85C024.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF357580DA5DF88121.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF35878AEA5447A185.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF366237802CB2137F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF36919B0D9AC3600C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF36EE1D0AC5CD28A4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF372D1814E966A1AC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF372ED8C442FEAE74.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF375A55973383836C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF377843DEA7446234.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF37AB2E0249D180D8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF37E8092905DAE8D9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3805A1F5D3E733FE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3862BB27941D096B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF387EBC770EEA9756.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF38ABC98EAA1B053F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF38B16FBFE2D43501.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF38BBCC125A41CC96.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF39B9B1AE0ACF6BC8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3A866437FAA4F260.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3B2F3EFE06B73224.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3B69D74BB604A3C3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3BA5423E7799E7B3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3BB9546375D0C555.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3BE535B89DBCBEEA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3C09BB8989174E56.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3CC82367CD9B9D1B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3D4FEEA856CC7B37.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3EA532C9007649EF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF3F060A3D423DBD19.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4169A90FBBB43E24.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF426DE9394D0352EF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF42746C1FE9B56C78.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4300C7BDDD10E61C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF432A2335990D0910.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF433DD93A00A5D725.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF433FAB420209860F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF435D274307CC847F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF43AA30227759CACF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF43D53A25897B04CF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF43DE4A42D3E56CAC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF469858DD63245D80.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF47E63FD980CB2090.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF482229D65EB37D37.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4A2FC36F49C2C74E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4A4F44FD972B9B3C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4AA278428218E993.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4ABE632FA8960C68.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4BA3FB3B655CAAC7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4BC95C33C7CD7802.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4BED1ACAED6B2BE1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4C0CC0AC921BCCEE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4C132610F4B230A4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4D465E6CD3462DFF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4DD44458B26E676C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4E344B4F87750A4E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4E644336056673B3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4E72C1AC1C3EE06F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4EB803F1D85AB431.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4EF81713BD58082E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4F10EFFF5C6C35CC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4F1A862C7D3F0F89.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF4F42D55865A2F779.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF506B872D773A1C1D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF507095734F671BA6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF511C8F6D3228E177.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF515639521706613F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF51A4260480EB2D39.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF51DB0D7BA9AF3E4B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF52D23A636AA0519F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF536AE614B3A91F13.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5382BEF13F71BC3C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF53B0DE3749D20DAB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5400981E2CCB541D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF543321F214E3EC7B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF543C7F75BCCB5294.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF54C26C694771EEF9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF54F377D218019ABF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF556BCD4288F1FAD8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5632745904FB3DC0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF566A9484A69C7CEB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF569781A5C0EE6469.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5780827084901DF4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF58A9DA951B366214.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF58BD5543A45FC236.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF591062BAD7404441.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5A7633E78B739056.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5BA205B3AE0CA863.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5CC915F6631D5CFB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5D9C04F1FF76B8F7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5F64F71C625E2F91.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF5F8752D75AB42693.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6021FD6E2B7376D3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF618CBABA883FDF2A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF61AB4F9778EABD1B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF61C94170D2F3FE5A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6236009294084360.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF62D4A89334D3D845.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6323735B557D9B53.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF63B3C01D4C06A179.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF63B3F2E34B17B32D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF63E890763C1D043C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF64442940DB1AD9CE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF64560392367478C5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF659A7F9D469EBA45.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6686F77AB7667D61.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF674823612A38799A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6837759BAAD50F4E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF68C5FD7432E07CF3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6945BC75D8BDC346.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF695AD0B6D9DB1A0B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF69FABBBA91BF3FEC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6A35F8244EFF5206.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6B21E40433419B68.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6BF2A00B961394F7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6C0207C2F85AC854.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6C0ABD4AE4E1272D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6D0CCA352F094753.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6D600000DC3B85A0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6D68E8FC54557113.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6E289505B43FE746.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6E484403FB2E0D05.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6E9DA0852B7FFA49.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6EB030E909EB0B7D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6F182FFDC0BC1CB9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6F289A31ED1716DF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6F3F3BE131991242.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF6F638954553C4BE1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF70BBCA62007A5977.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF710BACB87AE84B05.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF71A980AAE07001B5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF72015537F671AE14.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF72760EED02E83841.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF72A4705E3CC6F715.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF73095845AEA5EDAA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF734B9641F688DE28.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF739D3FFD70BE88AC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF74020B313A000E43.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7455837ABABE64FD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF749CE79A3E03744A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7605BC89E0CF33A6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7609C97FC60708AF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF768B251B417D11F4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF77028D2B4697B14B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF770F0D13A79C64B4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7742D1BF953918F1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7769A6F0EE689E6F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7775F0AEAF4651BF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7907F6BF07452040.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF794094830546C95B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7949C8A161FC5759.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7993A11DAB14E6F1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7A69A751ABD5B4A8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7A7F914B37C00779.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7A8220DBFB5BD45F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7A99C4DE713F5320.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7AF1BD33995BB426.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7B0C04918F5DD3AB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7B34A23020F30832.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7C368F44D36890D5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7C6A8751759C0008.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7C88A64E4E878FDE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7CBEA27891605787.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7D147D5EB317BE86.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7D1B9B618E085BFA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7D1E2B04C42F2E47.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7D44F9A21C15DFE6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7DFE4F7E2E2DFA3D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7EC98AFFB9A4B7C3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7F007847AF9B1E28.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7F41D518DD17698B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7F82395AF780DD3E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF7FC55A3A83B6D344.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF803306A44D4FCFFA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF80F7979D27142909.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8126BBFC350EAB0F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF817526989428988E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF819A14242EDF5114.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF81F06F3DD00C48BE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF82223C0563A7D115.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF82977E5DF21AC437.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF82F1A3275FF6C6ED.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF83645539C073BDEB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF840E481A0EED5F18.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF840F2E0C7CFE5694.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8480C53631E6077A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF84877277E8D68B12.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF84A005A12B8B7D94.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF85DADD709693036D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF85F68BEF75D756A2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF861123B296C623B9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF869C9805BB62300F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF86B47EB75B20EF06.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF86C0178DBF758927.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8720DDE280B10320.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF88234F1895BCD194.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF882726D0C990E09C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF88E2F5FBB793493B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8978870FA76B9D25.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8A0BD03E4B56311F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8A5C0933A100AEDC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8A7F8768B2B78A9F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8A869ACF48510B34.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8AF4133930E9F34D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8BE3BDAF96FF04A5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8C8256E8D8C91473.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8CDE1D900EA05485.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8CF1028E35E4CF6C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8D4E5D39A857F697.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8DCB9E5AE179842F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8DDCE8FC713F6232.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8DDEE5CCF0CDC40F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8ED1E0196D1E25C3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8F8844CD5373A311.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF8F9D74AFAD4DF858.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9043E7C0B5A42F29.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9082B49EE442E09C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF90F49A4BF7104BDF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF914A1A758D637EA9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9272944CC72F157A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF92D92B0DB2FE0D32.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF93A1C81AB92148B1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF93AB5D0A92BEC1AF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF93CF17E8EC3A523B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF941E33674F9D7EF0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9455AADEE546E729.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF94A25C9004A121F0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9516B0E0E439ED50.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF95B7A116AA587A83.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF96054E2056DB9AB8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9752DD5F1EFB7F59.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF979D05F3655A4E0C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF981EF8A511CE6100.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9829321D47C271A6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF984B1F7E0C648639.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9850BD6D4FF1156B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF98F446FB87847E11.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF99C7634233576C9E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9AA6226C6F5E0C51.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9B4A500B7E6AC984.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9B73FDBAD7F32890.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9D18A2BB81BAABC5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9D95C2C1AD3CB81F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9DAEA179D12BAE86.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9E7D0EFC371CC04E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9EAA797E97F864D5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF9FFB7C2B9947DC6C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA054476D2F4BEFC1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA0A070C0D87E9CCB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA0D796D0659FC93C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA0DDAE4449CA566E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA15580C4A79D1E4A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA171309F1E6F1034.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA1B0DA433B8166BD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA27D4C78FD6D98DF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA291193DC322AFE0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA2A498E1F702495E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA2AE5B1039F27972.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA3DE3E57B68AFB79.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA40F56E336FF1F9A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA44BB7D9BFB3E72D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA55C70B6B2B922F7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA62790CFE135ADD1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA69E7390AA41F7C6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA6B640A68931EEEF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA7B59F7146BB3E25.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA8160997F3417BE5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA8B3F510CE778D3E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA8B626E3D6BF16F2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA8CCA3228233DDBD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA8CDCA6BB41E541A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFA8EC125C5D55ED2F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAB2E44D1FB5B7BB3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAB4A359E67410286.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAB85F8C53FEB9F56.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFABD9C2F4826EE027.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFACABCDECBCF722A5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAE4F7BDBC89580CE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAE844493943C1012.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAEB51AFD70E298C9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAEB5E7F90E8A6A90.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAEB6AA469B4739BF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAECBFF989B2D83B8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFAEE1FC8FA0674868.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB0A5764C29BB7138.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB1091F83FD859E2E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB1C3EA53CBADD516.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB1D76882AEA1E110.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB24BFC6702C5DAEA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB2725ED8AC4E37D9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB34B94B6D7363EB5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB39E5921E7EFDECB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB3D2BB90BD63773F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB42CE07E5738F03B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB4F82887F48AD1F7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB556056932D38589.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB5895C09427F0C30.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB5EA3C24B89286A9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB6BAA0CC3289EC62.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB71B339277EA4E68.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB7291AEE65BC4939.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB737A26F7CF9F4A9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB75107ABB933945C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB7F56E084045D1BD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB83D84D6CBD8D684.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB84CD06ABD26C394.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB9654B16EC3C6B40.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB9A9270185DE2BB3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFB9BAFE47E81104D6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBA1F287EF2ED0055.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBA26BAFC0B8BB52D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBA9F840D108F5EF0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBAB347FC8B520512.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBAF0EC06237DCD46.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBC18BD25DF103585.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBE47FAB2D93B11FC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBE60DF294E69DE66.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFBEEFB96485D62B95.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC008A9EBC3EA3029.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC0E6B235E16F20DF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC1E4EAD4F8F4FD24.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC210E47080BAA4C8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC260810419155045.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC26A410F1B04D33A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC2A7FF2412B12CEF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC2FF15BA15F315F3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC33B958EC74BFCA5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC35770D06B3503AE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC3EA020DBC6AF051.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC44014380840560A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC487728564C46ACF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC4A8AD8380AF2E13.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC4D2DF00B814563C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC57B5E9708F405D3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC5C81E09FABCA7CC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC644349D5553C672.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC652B8BBFF834371.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC6C8B3162EC778A4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC6F895D541FA03A3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC785A2D0A431FCCE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC7EB4E00650FBBB0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFC7F944B4587EFEBF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCB4B1116BE648463.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCC251603DF029ABC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCC2B0475CD8288B6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCCBD55000C38DC14.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCD21BFDF5F2124E3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCDD61425664448E7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCDF03AED4E71A814.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFCEFB20F76EABDDD2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD0896C6C9A7B335A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD1A996C3050F105E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD2BF1480AA3D453B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD3216EAA3A5D22A7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD324DDA3C9A377F2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD34FDC6C0045B86D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD3B5ECF7AD2B30DB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD4725E953B8A69AA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD483FE7160936112.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD4D1EF6AB5AFC1A6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD5C23220082BE4D3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD5E83433CA346FEF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD67609F415F5504E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD681471BE2F5AFB5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD81E0CA550D0FE81.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD86BEEFC179E697F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFD995731176D920BC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDAB7263078D47EF6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDB215E5CF684DE08.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDC3AA740E9BAD314.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDCB0E0B0C9BAD65F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDCDB742CECFB511A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDCEF5C021B541AEE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDD2904A82598AFAD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDD4C4A96D8BDC40D.TMP => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp\~DFDD89D1F80917E2ED.TMP" => Scheduled to move on reboot.
C:\Users\brownk\AppData\Local\Temp\~DFDF130F8CFB7B8C01.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDF17A16785B06099.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDF9ACFA9E171BF29.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDFCE41D95D6C8525.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDFCE7E3587BD466F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE0DBB6BCEF8105E6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE0F217EC7D6DBA71.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE1D8085DC56DFC65.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE1F67F1E5D2451C2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE24F00490D6A4EF7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE2C6AFB75F42C3B4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE3428AF1C6778761.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE385D85078093E10.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE3AAFC529D48668E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE3BF60158729279B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE4111BAC9F2DF327.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE4169B1247CC03DD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE45EA914138A2D4A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE464B30B819EF6F7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE4858254FBBD0F50.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE4ACBA221BF9241C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE4EE730A6698DDDC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE6801051B9DBC652.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE699E3AB4691266A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE6EF89182DE6F373.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE6F6CFF75AF30A92.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE74F47F1E6A4B01A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE7D482B6DD1F2683.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE81E272841A03878.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE87154FD076102B5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE8B01A6C25967293.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFE9C88891E2D821D6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEA3957B54D95B399.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEA8B7C8E023716A5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEB0E6D63DB0E356C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEB4D7F1438C35632.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEB9B0262EDF93682.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEC06C7818A8CE890.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEC117A3DEE7F80CC.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEC4F4F8C46A0008C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEC699BF8841CB701.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFED50997C89B1EC9E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEF54C467AE31D8B1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFEF6B290C267FA12D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF0001AFB9EC3B244.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF079A07900000A68.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF169C1F9577E3EDB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF1C428D53810039F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF21B3E4666912327.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF283AC28D735CAB7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF2CBFFE5E5CDDB75.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF310AA8EC5637EB8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF3A13892F72E0D01.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF4CFE14EF0C46588.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF4EDE9B29BDD7A2C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF54B5C131313DD05.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF5583994A9E2262B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF5789E9767DAB8E3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF581CA00D9F25E37.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF63B9A7C18F93C31.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF6559673781197BB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF6DA34AEF16FF02E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF7ADDDA04B156524.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF80186192EEE5B2E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF970EC6757B6D73E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFF9D9C97A3E4765C5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFA05F15001071EFD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFB6F540D6F316FBF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFB96B9926A685F0E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFB9A2EECEE424D59.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFBC9EE4EE1A1ACC5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFCACBF8219951B0B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFD4A7D5A015DE853.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFE58C70D61315764.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFE748396BEB64153.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFF8CBAB4D0946C8C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFFFEFDA3684F8B1C2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~WRD2335.doc => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\~nsu.tmp\Au_.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{F580D5D2-8B98-476B-BFAE-CC77DF03296F}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{F494BA87-AD48-46F7-8F88-847B835025F6}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{F1494901-3ECD-4FBF-8DE4-07ADC65A853E}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{E1866429-98FB-4432-A226-1E077E631F04}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{DAD40CFE-E9AF-4660-862D-D09787C6950C}\_ISMSIDEL.INI => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\ISBEWI64.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\ISBEWX64.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\IsConfig.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\ISRT.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\Setup.inx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\String1033.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D3934CCC-A839-46DC-A8C5-49B0B3BF01A8}\_isres_0x0409.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{D2CA1E90-64CC-4870-93D6-5604F1F68C1B}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\general_logo.bmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\general_logo.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\Readme.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\Setup.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\Setup.ico => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\v_grey.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\weatherbug_bar.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\weatherbug_trust.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{C84DEA1F-CB04-406E-A285-832613AEC8E9}\_Setup.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{BE167EFA-B2F4-41EF-8E1C-FFF3813670C9}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{BC2B4706-668E-4963-8238-9B62C4FB84B6}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{B91EA1EA-1871-4B92-9E68-20F32A35FC26}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{B85F7EC1-4F23-43BC-B9A8-454AEA0A331E}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{B20C1988-6D39-4A7B-916A-2D00B140EA3C}\ISSetup.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{B20C1988-6D39-4A7B-916A-2D00B140EA3C}\_Setup.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{AE6B4975-99B2-4D82-BA52-8A3374F38676}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{A79CF948-4FC5-40A8-809E-CDAFB0194BE4}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{A44A03B7-6607-4B37-A9EE-F19C6BE1D6CD}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{A3C97B9B-14F2-4A69-9181-CF6FB9C5BA42}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{9C24F790-F503-4B26-9FF8-58F4EAAF0C22}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{97A43577-77C2-42AA-8DAB-A870D604A08D}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{94D6F3B7-CFB0-4068-8417-0CDD0EB5D4F1}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{931387ED-6F8B-4D77-85D2-F79789A74917}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{8F8BA8AD-58C7-400D-9A2F-8249AF2138C6}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{8D5147F0-185B-4030-9E9E-7DBADE11AD57}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{89693473-6AB0-48BF-A3ED-1E8CBF50FE58}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleCrashHandler.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleCrashHandler64.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleUpdate.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\GoogleUpdateSetup.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdate.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_am.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ar.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_bg.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_bn.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ca.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_cs.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_da.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_de.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_el.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_en-GB.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_en.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_es-419.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_es.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_et.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_fa.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_fi.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_fil.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_fr.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_gu.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_hi.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_hr.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_hu.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_id.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_is.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_it.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_iw.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ja.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_kn.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ko.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_lt.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_lv.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ml.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_mr.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ms.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_nl.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_no.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_pl.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_pt-BR.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_pt-PT.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ro.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ru.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_sk.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_sl.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_sr.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_sv.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_sw.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ta.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_te.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_th.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_tr.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_uk.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_ur.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_vi.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_zh-CN.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\goopdateres_zh-TW.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\npGoogleUpdate3.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\psmachine.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{87052C0F-5F57-485C-BB7D-772310DA86FD}\psuser.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{8692B43A-1C03-442D-B924-BB45DC345673}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{866A933E-D05C-4610-8EA3-5E0546746ADA}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{84E0D40C-ED8E-48B2-83D2-4C11AB246F4A}\svconfig.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{7A0733FF-3208-4034-BBE4-8F0F18249D35}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{78C676C1-B884-4AA6-9AB3-20D17D5736FA}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{77F40E8B-CF0D-4D63-B679-1BF3C6AC0F96}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{72315EA6-7309-4808-BC61-9DAA4B38E297}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5D2AA684-E179-4C1B-983E-D38F8E78B49C}\svconfig.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\general_logo.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\incredibar_toolbar3.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\sweetim_mcaffe.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\sweetim_toolbar.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\sweetim_truste.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\sweetpacks_logo.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\v_grey.jpg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\x86\regsvr32.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5CF93E9A-125E-6CC2-5A3B-166358D5CFE7}\x64\regsvr32.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5B685D8D-D8F7-42DF-82A6-F6553EBB37D5}\ISSetup.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5B685D8D-D8F7-42DF-82A6-F6553EBB37D5}\setup.isn => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{5B685D8D-D8F7-42DF-82A6-F6553EBB37D5}\_Setup.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{4D3C7330-417E-48C3-A8D2-E912097512DB}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{4BE7D07A-25B7-49D9-9A9E-0E967DB14A5F}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{4B76B96B-5C9F-48B5-8DB2-3168078AC40E}\0x0409.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{4B76B96B-5C9F-48B5-8DB2-3168078AC40E}\InstallVC90Support.prq => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{4B76B96B-5C9F-48B5-8DB2-3168078AC40E}\Setup.INI => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{4B76B96B-5C9F-48B5-8DB2-3168078AC40E}\_ISMSIDEL.INI => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{3D556783-4312-4913-B496-622B5AF2A755}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{30FA5BFA-68C3-4323-B05B-0DC44E99C401}\setup.isn => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{2FFE526C-9BD7-40CC-BA1A-19BE78E080CC}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{2FB3C9C5-4BB4-40BD-876B-2233153CCE26}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{2C398D12-5AED-4ED3-99E9-88C3CE4DFD16}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{24E8B120-B587-4678-9BBD-3844D8B193A7}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{235B2AD7-80EE-4866-9DE7-57980A0F2BC7}\{5C6F884D-680C-448B-B4C9-22296EE1B206}\setup.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{1D0E68C2-3BF3-456D-A5E2-7D44FB7E73B6}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{16788FDF-B947-4A4E-A6CE-2AB1C0041E63}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{160A95BA-D291-4C08-95AA-4FCF2546C626}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{0E72E944-CA8D-4D0F-B055-EE1F3E8B68EF}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{0DAED52B-0316-42B7-B9AC-73BBFC375FE3}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{0C4B7A3D-8FAE-49D1-938F-3C9EB9B5236E}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\{01143792-621D-4B2A-A2A5-76BFEF864447}\fpb.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\_ir_tmpfnt_1\Futura Std Medium.TFT => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\_ir_tmpfnt_1\Futura Std Medium_1.TFT => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\_ir_tmpfnt_1\Futura Std Medium_2.TFT => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\WebEx\Wbx_AudioVideoStatisticsData.csv => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\VBE\MSForms.exd => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\R1RS8Y69\desktop.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\QGQ4OTGM\desktop.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\8L7OYOQ7\desktop.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\8L7OYOQ7\manifest[1].cab => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7169FSIM\desktop.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7169FSIM\wpad[1].dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temp1_WinX_HD_Video_Converter_Deluxe_v3.12.6_PC.zip\WinX HD Video Converter Deluxe v3.12.6 PC\winx-hd-converter-deluxe.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temp1_GoFlex_Slim_ProSW.zip\SeagateDashboard_1554_Best_Setup.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Temp1_Elegance_LR_Brush_Sampler_1.0.zip\1. Brush Use and Tips.pdf => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCDEC5F.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCDCEBC.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCDC007.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCDA7E1.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCDA7B6.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD9B95.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD9858.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD94D5.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD7C75.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD75CD.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD7300.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD1EAB.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\TCD14B5.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\Cookies => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\Cookies-journal => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\data_0 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\data_1 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\data_2 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\data_3 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir6004_1478\index => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\Cookies => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\Cookies-journal => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\data_0 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\data_1 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\data_2 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\data_3 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5196_31580\index => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\Cookies => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\Cookies-journal => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\data_0 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\data_1 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\data_2 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\data_3 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir5124_2429\index => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\Cookies => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\Cookies-journal => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\data_0 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\data_1 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\data_2 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\data_3 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\scoped_dir1304_3653\index => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\SCAH\Setup.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\firstrun.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_1824_BeforeMove_2012.12.20_14.44.40.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_1824_inForest_2012.12.20_14.44.41.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_1ae4_BeforeMove_2012.12.20_14.44.39.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_1ae4_inForest_2012.12.20_14.44.41.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_1e04_BeforeMove_2012.12.20_14.44.40.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_1e04_inForest_2012.12.20_14.44.41.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_cac_BeforeMoveXp_2012.12.20_14.44.40.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\outlook logging\Prof_OUTLOOK_cac_inForestXp_2012.12.20_14.44.41.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nssDB44.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nssDB44.tmp\nsExec.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nssDB44.tmp\UAC.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nsr232A.tmp\tbinstimp.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nsh6549.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nsh6549.tmp\Inetc.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\nsh6549.tmp\UAC.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\datD608.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\datD628.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\datD629.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX2433.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX280.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX2A8A.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX2AF.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX51BD.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX6DE2.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX6ECD.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX6ECE.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX6F1D.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX933C.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX9456.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGX9FCA.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\VGXB046.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\wbxtra_01302013_150853.wbt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\wbxtra_02142013_092759.wbt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\wbxtra_10032012_132147.wbt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\ycpDBB0.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\ytb_8.4.4.61_2.4.7_mail_bts_pub_us_setup_.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF00918423D501C358.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF049BF656D57C53E1.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF073E434CFF869836.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF07F110E2FA2FD547.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF0C3A805DD8623B07.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF0C6A07BA6BC9F0E0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF0CEBC47C1E83729B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF0F70DEE3A98A5778.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF1BCF700C492DB263.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF1C31EAC705F031C4.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF1F1194FDF4FA2C66.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF1FBDE9DD9785EECB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF23934CF0E83DD377.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF284ECC9D9B43F3B9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF2ADC28217355FABF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF2B12A8ECDC829C04.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF35EBA92E785EDBFA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF377DF27814B6F7DD.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF3B3D3F0FFF6A9BB0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF3FCD20782F04B28E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF402C6C56FBAB5C52.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF4429884EA05B0D9A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF464250F044A8E6C0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF473D557C9277D448.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF494D557F1E49F3F6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF4D78FABD8595A7BB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF4F4C18CCD3C3E507.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF5035447DCEAA47FF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF50EC0905146CE6D2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF557D3EF91BFB662A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF562371AD6FF8A888.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF5A921DE83AFBB991.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF5B22FE2685AF1B1E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF5ED46C805C5103DB.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF60EA8D8874ADE6B6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF6112AC4BA68EF739.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF61D0F957FD672410.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF6273625F66C34417.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF64588A105DCB7EB5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF66B171E9C25B6839.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF6BD9781A387F4275.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF6CD9B71EE3458946.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF729743ECF882E2D3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF770079D7FEF3F482.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF7B5DCAD8ED019F72.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF7FAFB2F9A1B64424.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF81BFBCE3283735EF.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF84600EA485254A99.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF8513FF1436E395F9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF894A316B434B3538.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF89C0BE0295420A6A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF8D6A572F4A29BB09.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF90F1147E44376D8A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF917A000A3B0B4FA2.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF9BC250ADC4690CC0.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DF9EA9FE61ACCA55A3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFA920F5E331F69C8A.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFA9859C4F48D690FA.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFAAFF5F950346A588.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFADC3649C2A4E9035.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFAF38EC414C4CE782.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFB3496E498BE35042.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFB3B873A8FB49D83D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFB5DD9942D07C2893.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFB94D8ED5FCE3404F.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFBAB79AB947A60B52.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFBD58B475C40A7388.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFC0B77AAF89950851.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFC3BD04AA57CCC17B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFC4F96FCBD2A677A3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFC4FD2BC8D7DDDF89.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFC68C0D9901160366.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFC97D8535A730C2E3.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFCA60000D66A4C67C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFCDE5B7A5CD693570.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFCE7AC2BCA921695D.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD09C6D1C9023E5C7.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD0C077E74B058942.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD396D876E7B64551.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD64CE5FFA8BB3913.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD71F0AB4E096EFF8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD77EBC45E200A9F9.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFD82C8D71413B15D6.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFDF85ECDD1161257C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFE13382490032B1B5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFE17EA2450C89351B.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFE8D21E134679C251.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFE9358CADB0122016.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFE988A67345C34133.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFEA8902889B9CC5BE.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFEE4E8AECE4A3B40E.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFEF057315DB084C96.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFF021EA9CBC0EF4B5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFF113E9A70C6F4C2C.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFF165A04DA2EE1363.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFF940CF5FF38CB2D8.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Low\~DFF9C07B67B2667AE5.TMP => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\logs\MemeoSupport.exe.log-2014-3-10.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\logfile\Download_port19.dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\logfile\EUTLog_port20.dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\al_flash.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\autorun.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\Trulink_PC_logo.ico => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\autorun.cdd => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Images\TruLink_Installer3.png => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Images\TruLink_Installer4.png => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Icons\Trulink_PC_logo.ico => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Buttons\Cancel.btn => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Buttons\Finish.btn => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Buttons\Next.btn => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Audio\Click1.ogg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ir_ext_temp_0\AutoPlay\Audio\High1.ogg => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\HP\AtStatus\hpinkstsa711lm.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\History\History.IE5\index.dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DPR\DPR.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\divCF03.tmp\divCF13.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\divCF03.tmp\divD0.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\div693D.tmp\div69BB.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\div4451.tmp\div4C6D.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DDMCache\0.ddi => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DDMCache\halo4_home.mp4 => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\DDMCache\halo4_home.mp4.ddr => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Cookies\index.dat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ATT\windows__eb9d4422-4523-4356-bd65-8da2793607b5__[1].exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\ArcD1E8.tmp\TSROfflineClient.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\Arc891.tmp\attmail_setup.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AppleMediaCache\CM-4EF9.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AppleMediaCache\CM-5080.tmp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\AppleMediaCache\diskcacherepository.plist => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\APNLogs\ic.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\APN-Stub\Stba1da9709-b2a8-4d9c-bd26-99a986e3bad2.log => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\8288_25266\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\8288_25266\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\8288_25266\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Autorun.inf => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Full_x86.cab => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP-DQEX5.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HPMACRONAMES.gpd => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\hpnv_d110.gpd => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HPRestStub.INF => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HPRestStubx86.CAT => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\hpvpl06.cat => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\hpvpl06.inf => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\hpvpl06.ini => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\hpvplargb.icc => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HPWia_LS110.INF => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HPWia_LS110x32.CAT => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\locale.gpd => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86.cab => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86.msi => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1025.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1028.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1029.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1030.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1031.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1032.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1034.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1035.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1036.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1037.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1038.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1040.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1041.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1042.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1043.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1044.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1045.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1046.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1049.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1053.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_1055.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\LS110x86_2052.mst => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Setup.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\stdnames.gpd => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\utils\HPInstallLogCollector.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\utils\hpUrlLauncher.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\utils\x86\DIFxAPI.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\utils\x86\RemovePreinstalledDrivers.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\utils\x64\DIFxAPI.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\utils\x64\RemovePreinstalledDrivers.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\zh-TW\8671bca1-6a3d-49bf-99a3-b839d7e546ce.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\zh-CN\be34f967-ad50-427c-b53f-fcbfb7fc5900.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\tr\45c72fa4-c0ae-4c65-a61c-d86b0e4b27ba.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\sv\30b4a9ab-e439-4285-b096-5614aeb4269a.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\ru\ca9d78bb-14bf-4a0d-9a0f-7291d650147d.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\pt\9806ae95-3c3d-4da2-af17-9c4d653a6f78.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\pl\4278dc3d-ee2e-4ad8-b0f9-22196d0214c3.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\nl\52f2f005-9e72-4238-bf67-a2063e276a01.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\nb\002c171b-c44c-48d2-bee8-3fedbecc693f.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\ko\0b9409c9-ee84-45f1-993a-7b553a6d7adb.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\ja\1dca83f9-8e81-4dfd-8212-7af9d556e0b3.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\it\ae7d942d-482d-4f79-98ec-266764c9222f.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\hu\0a27d253-f03c-42f0-a5df-162b7734dac4.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\he\b91397fc-69f2-48a1-ab0e-933940358bb7.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\fr\2f60719f-da3e-4364-9d23-399b9f40e024.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\fi\a8c48c59-e7b1-49b7-b087-e8d55e00d563.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\es\390ee934-dc5f-4f79-8d15-b5d87fe1f9f5.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\en-US\76a29335-af9d-4ebe-8395-44d4bd876f5b.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\en\63a308b7-7fad-446d-8a87-2117d4791cc3.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\el\808561b6-6a24-442a-90de-3ad6efbf630a.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\de\512e0e25-237d-4ad1-a23c-9ed4b875495b.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\da\09b5c9cc-e226-4fb3-9b79-a5524823fe6c.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\cs\31cdf920-c2b1-4db3-8598-060a9dbc6909.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\Microsoft\Windows\DeviceMetadataStore\ar\9b862ec9-279b-4102-8016-df984ab864e1.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\copyright.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpfime51.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpinkcoiA711.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpinkstsA711.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpinkstsA711LM.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpvpldrv06.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpvplres06.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\hpvplui06.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\unidrv.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\unidrv.hlp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\unidrvui.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\i386\unires.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\Setup\hpssres.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\zh-TW\8671bca1-6a3d-49bf-99a3-b839d7e546ce.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\zh-CN\be34f967-ad50-427c-b53f-fcbfb7fc5900.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\tr\45c72fa4-c0ae-4c65-a61c-d86b0e4b27ba.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\sv\30b4a9ab-e439-4285-b096-5614aeb4269a.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\ru\ca9d78bb-14bf-4a0d-9a0f-7291d650147d.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\pt\9806ae95-3c3d-4da2-af17-9c4d653a6f78.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\pl\4278dc3d-ee2e-4ad8-b0f9-22196d0214c3.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\nl\52f2f005-9e72-4238-bf67-a2063e276a01.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\nb\002c171b-c44c-48d2-bee8-3fedbecc693f.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\ko\0b9409c9-ee84-45f1-993a-7b553a6d7adb.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\ja\1dca83f9-8e81-4dfd-8212-7af9d556e0b3.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\it\ae7d942d-482d-4f79-98ec-266764c9222f.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\hu\0a27d253-f03c-42f0-a5df-162b7734dac4.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\he\b91397fc-69f2-48a1-ab0e-933940358bb7.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\fr\2f60719f-da3e-4364-9d23-399b9f40e024.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\fi\a8c48c59-e7b1-49b7-b087-e8d55e00d563.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\es\390ee934-dc5f-4f79-8d15-b5d87fe1f9f5.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\en-US\76a29335-af9d-4ebe-8395-44d4bd876f5b.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\en\63a308b7-7fad-446d-8a87-2117d4791cc3.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\el\808561b6-6a24-442a-90de-3ad6efbf630a.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\de\512e0e25-237d-4ad1-a23c-9ed4b875495b.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\da\09b5c9cc-e226-4fb3-9b79-a5524823fe6c.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\cs\31cdf920-c2b1-4db3-8598-060a9dbc6909.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\HP\HP ENVY 110 series\DeviceMetadataStore\ar\9b862ec9-279b-4102-8016-df984ab864e1.devicemetadata-ms => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\drivers\scanner\x32\HPScanTRDrv_LS110.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\drivers\scanner\x32\HPWia1_LS110.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\drivers\scanner\x32\HPWia2_LS110.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\copyright.txt => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpfime51.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpinkcoiA711.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpinkstsA711.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpinkstsA711LM.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpvpldrv06.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpvplres06.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\hpvplui06.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\unidrv.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\unidrv.hlp => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\unidrvui.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7zS4A60\amd64\unires.dll => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7adf68\VIDEO_TS.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7adf68\VTS_01_0.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7adf68\VTS_01_1.VOB => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7adf58\VIDEO_TS.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7adf58\VTS_01_0.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\7adf58\VTS_01_1.VOB => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\6711.tmp\vpndownloader.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\6656_32659\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\6656_32659\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\6656_32659\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5916_22152\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5916_22152\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5916_22152\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5440_32497\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5440_32497\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\5440_32497\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4B45.tmp\vpndownloader.exe => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4614f7\VIDEO_TS.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4614f7\VTS_01_0.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4614f7\VTS_01_1.VOB => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4614e8\VIDEO_TS.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4614e8\VTS_01_0.IFO => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\4614e8\VTS_01_1.VOB => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\3632_7266\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\3632_7266\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\3632_7266\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\34068_20313\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\34068_20313\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\34068_20313\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\2888_17033\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\2888_17033\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\2888_17033\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\2404_23783\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\2404_23783\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\2404_23783\manifest.json => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\19540_20096\crl-set => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\19540_20096\manifest.fingerprint => Moved successfully.
C:\Users\brownk\AppData\Local\Temp\19540_20096\manifest.json => Moved successfully.
Could not move "C:\Users\brownk\AppData\Local\Temp" directory. => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-11 11:53:51)<=

C:\Users\brownk\AppData\Local\Temp\AdobeARM.log => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\AxentraLog.txt => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6bnrsy.lck => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\ExchangePerflog_8484fa31a17ff563cfcccd43.dat => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\JavaDeployReg.log => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DF263CE0B373EB6CB9.TMP => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp\~DFDD89D1F80917E2ED.TMP => Is moved successfully.
C:\Users\brownk\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====



#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:43 AM

Posted 11 April 2014 - 11:09 AM

Hi,

 

Nice work! We managed to clean the infection! :)

 

Also if you don't mind, I want to make sure there is nothing lurking on the system so just in case I want you to go through these steps:

 

The most of them should take no more than 5 minutes each (but the time they take to complete can vary depending on the size of your hard and the speed of your computer).

 

 

STEP 1

 

 

  • Please download RKill by Grinler from the link below and save it to your desktop.

    Rkill
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log.
  • Please post the log in your next reply.

 

 

STEP 2

 

 

  • Please download RogueKiller.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 3
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
     
  • Click the Start Scan button.
     
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 4

 

 

Please download Malwarebytes Anti-Malware to your desktop.
 

  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

STEP 5

 

 

1.Please download HitmanPro.

  • For 32-bit Operating System - dEMD6.gif.
  • This is the mirror - dEMD6.gif
  • For 64-bit Operating System - dEMD6.gif
  • This is the mirror - dEMD6.gif

2.Launch the program by double clicking on the 5vo5F.jpg icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run please then open the program while holding down the left CTRL key until the program is loaded.

3.Click on the next button. You must agree with the terms of EULA. (if asked)

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
 
8.Click on the next button.

9.Click on the "Save Log" button.

10.Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

 

 

STEP 6

 

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

and then if there aren't any issues left I'll give you my final recommendations. :)

 

 

Regards,

Georgi


cXfZ4wS.png


#9 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 11:29 AM

Here is RKill:

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/11/2014 12:28:12 PM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\system32\enstart.exe (PID: 3912) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Automatic Updates Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
   "NoAutoUpdate" = dword:00000001

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 04/11/2014 12:28:20 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)



#10 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 11:38 AM

RKReport.txt

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : brownk [Admin rights]
Mode : Scan -- Date : 04/11/2014 12:35:00
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V1][SUSP PATH] 0214dUpdateInfo.job : C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe -  /SETINFO /CMPID=0214d /INFORETRY=3 [7] -> FOUND
[V2][SUSP PATH] 0214dUpdateInfo : C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe - /SETINFO /CMPID=0214d /INFORETRY=3 [7] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] IAT @explorer.exe (GetProcAddress) : KERNEL32.dll -> HOOKED (C:\Windows\system32\apphelp.dll @ 0x74E5FFF6)
[Address] EAT @explorer.exe (BeginBufferedAnimation) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB09AE)
[Address] EAT @explorer.exe (BeginBufferedPaint) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA49A1)
[Address] EAT @explorer.exe (BeginPanningFeedback) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD0731)
[Address] EAT @explorer.exe (BufferedPaintClear) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA6395)
[Address] EAT @explorer.exe (BufferedPaintInit) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA940E)
[Address] EAT @explorer.exe (BufferedPaintRenderAnimation) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB08ED)
[Address] EAT @explorer.exe (BufferedPaintSetAlpha) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DBE6B3)
[Address] EAT @explorer.exe (BufferedPaintStopAllAnimations) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DBD395)
[Address] EAT @explorer.exe (BufferedPaintUnInit) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA94AB)
[Address] EAT @explorer.exe (CloseThemeData) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA6A18)
[Address] EAT @explorer.exe (DrawThemeBackground) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA3982)
[Address] EAT @explorer.exe (DrawThemeBackgroundEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DBD9DA)
[Address] EAT @explorer.exe (DrawThemeEdge) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DC3B52)
[Address] EAT @explorer.exe (DrawThemeIcon) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD35E7)
[Address] EAT @explorer.exe (DrawThemeParentBackground) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA53E5)
[Address] EAT @explorer.exe (DrawThemeParentBackgroundEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA51BF)
[Address] EAT @explorer.exe (DrawThemeText) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA4EA1)
[Address] EAT @explorer.exe (DrawThemeTextEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA63E6)
[Address] EAT @explorer.exe (EnableThemeDialogTexture) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAFCAF)
[Address] EAT @explorer.exe (EnableTheming) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2FEB)
[Address] EAT @explorer.exe (EndBufferedAnimation) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA3F9A)
[Address] EAT @explorer.exe (EndBufferedPaint) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA3F9A)
[Address] EAT @explorer.exe (EndPanningFeedback) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD06CC)
[Address] EAT @explorer.exe (GetBufferedPaintBits) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA4BAF)
[Address] EAT @explorer.exe (GetBufferedPaintDC) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB04BC)
[Address] EAT @explorer.exe (GetBufferedPaintTargetDC) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB0473)
[Address] EAT @explorer.exe (GetBufferedPaintTargetRect) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2E7F)
[Address] EAT @explorer.exe (GetCurrentThemeName) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB05DD)
[Address] EAT @explorer.exe (GetThemeAppProperties) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB0FB1)
[Address] EAT @explorer.exe (GetThemeBackgroundContentRect) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DACD2E)
[Address] EAT @explorer.exe (GetThemeBackgroundExtent) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAF8BF)
[Address] EAT @explorer.exe (GetThemeBackgroundRegion) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB165D)
[Address] EAT @explorer.exe (GetThemeBitmap) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DABF93)
[Address] EAT @explorer.exe (GetThemeBool) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA7C1F)
[Address] EAT @explorer.exe (GetThemeColor) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA616C)
[Address] EAT @explorer.exe (GetThemeDocumentationProperty) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2932)
[Address] EAT @explorer.exe (GetThemeEnumValue) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA616C)
[Address] EAT @explorer.exe (GetThemeFilename) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2412)
[Address] EAT @explorer.exe (GetThemeFont) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAFF21)
[Address] EAT @explorer.exe (GetThemeInt) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA616C)
[Address] EAT @explorer.exe (GetThemeIntList) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD23B1)
[Address] EAT @explorer.exe (GetThemeMargins) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA86E9)
[Address] EAT @explorer.exe (GetThemeMetric) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB06E2)
[Address] EAT @explorer.exe (GetThemePartSize) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DACDB1)
[Address] EAT @explorer.exe (GetThemePosition) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2350)
[Address] EAT @explorer.exe (GetThemePropertyOrigin) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DC3FBB)
[Address] EAT @explorer.exe (GetThemeRect) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB3611)
[Address] EAT @explorer.exe (GetThemeStream) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB39D9)
[Address] EAT @explorer.exe (GetThemeString) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD22E4)
[Address] EAT @explorer.exe (GetThemeSysBool) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD3172)
[Address] EAT @explorer.exe (GetThemeSysColor) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DC3274)
[Address] EAT @explorer.exe (GetThemeSysColorBrush) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD301E)
[Address] EAT @explorer.exe (GetThemeSysFont) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD29C4)
[Address] EAT @explorer.exe (GetThemeSysInt) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2BD3)
[Address] EAT @explorer.exe (GetThemeSysSize) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD320B)
[Address] EAT @explorer.exe (GetThemeSysString) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD2B3F)
[Address] EAT @explorer.exe (GetThemeTextExtent) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA2D57)
[Address] EAT @explorer.exe (GetThemeTextMetrics) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAF992)
[Address] EAT @explorer.exe (GetThemeTransitionDuration) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB1081)
[Address] EAT @explorer.exe (GetWindowTheme) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DADF46)
[Address] EAT @explorer.exe (HitTestThemeBackground) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB3CE3)
[Address] EAT @explorer.exe (IsAppThemed) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAF869)
[Address] EAT @explorer.exe (IsCompositionActive) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA2E9A)
[Address] EAT @explorer.exe (IsThemeActive) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAF785)
[Address] EAT @explorer.exe (IsThemeBackgroundPartiallyTransparent) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA60AB)
[Address] EAT @explorer.exe (IsThemeDialogTextureEnabled) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD312B)
[Address] EAT @explorer.exe (IsThemePartDefined) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA85B4)
[Address] EAT @explorer.exe (OpenThemeData) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DA73D2)
[Address] EAT @explorer.exe (OpenThemeDataEx) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DC3D43)
[Address] EAT @explorer.exe (SetThemeAppProperties) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD3296)
[Address] EAT @explorer.exe (SetWindowTheme) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DB0134)
[Address] EAT @explorer.exe (SetWindowThemeAttribute) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DBCFE6)
[Address] EAT @explorer.exe (ThemeInitApiHook) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DAB176)
[Address] EAT @explorer.exe (UpdatePanningFeedback) : comctl32.dll -> HOOKED (C:\Windows\system32\UxTheme.dll @ 0x73DD068D)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

 

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) M4-CT256M4SSD2 +++++
--- User ---
[MBR] f97616d7d2e7ded69956b0c572253cea
[BSP] 13b554fe345da5c5912d025e52766a6f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 208896 | Size: 244096 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_04112014_123500.txt >>

 

 



#11 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 12:17 PM

Malwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/11/2014
Scan Time: 1:13:20 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.11.10
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: brownk

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 436298
Time Elapsed: 6 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-2094157777-493687331-1256410061-120116-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, No Action By User, [b85e8d9c6c0f4ceabb1fd39113ef7a86],

Registry Values: 5
Malware.Trace, HKU\S-1-5-21-2094157777-493687331-1256410061-120116-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, firewall.cpl, Quarantined, [7c9aa1887803ba7cb139af37ac569a66]
Malware.Trace, HKU\S-1-5-21-2094157777-493687331-1256410061-120310-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, firewall.cpl, Quarantined, [a17532f7a9d2c472965426c030d28779]
Malware.Trace, HKU\S-1-5-21-2094157777-493687331-1256410061-154497-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, firewall.cpl, Quarantined, [c15581a837447bbb5496f4f29d657f81]
Malware.Trace, HKU\S-1-5-21-2094157777-493687331-1256410061-154706-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, firewall.cpl, Quarantined, [799d64c5bdbe280ed11901e59969a45c]
Malware.Trace, HKU\S-1-5-21-2094157777-493687331-1256410061-2277-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, firewall.cpl, Quarantined, [2fe72801fd7e9a9c35b54f97a65c57a9]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 34
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.admin", false);), No Action By User,[59bd65c4e79462d4aff691b81de741bf]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.aflt", "babsst");), No Action By User,[b561d15866151323f9ac2c1d83816799]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");), No Action By User,[34e236f390eb61d5aef72b1e72927888]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.autoRvrt", "false");), No Action By User,[42d4bc6dc6b5ab8bdec71930768ee818]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.babExt", "");), No Action By User,[34e280a906750e288c1954f50cf83dc3]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.babTrack", "affID=113959&tt=3612_8");), No Action By User,[bd59c564205b3600376ec584ce36a759]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.bbDpng", "14");), No Action By User,[c74f6abf59226dc95c493b0e13f121df]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.cntry", "US");), No Action By User,[54c2bf6a6e0df64024811435bd478d73]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.dfltLng", "en");), No Action By User,[1303a089394251e59e07ae9bf01430d0]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.excTlbr", false);), No Action By User,[2fe738f1c0bb072fa1042d1c24e0d828]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.hdrMd5", "E97F35ECBCD375F2C11C86426E54F3A7");), No Action By User,[35e16fba7efd67cff3b28cbddb2930d0]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.hmpg", false);), No Action By User,[a472bf6a99e27db90f960d3ced17f50b]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.id", "58ae1dc9000000000000a078baf03adc");), No Action By User,[a0760227473468ce6d3828210ef601ff]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.instlDay", "15588");), No Action By User,[9a7caf7afe7df145a8fd90b9c83c7888]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.instlRef", "sst");), No Action By User,[b4622aff166511257d283b0e0cf8fa06]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.128:56:46");), No Action By User,[4dc980a96a110d29a302ac9dd62e4eb2]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.newTab", false);), No Action By User,[d541b574a0db95a18a1bd3768084956b]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"74\",\"lastVrsn\":\"74\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");), No Action By User,[71a5b178a0db06301590f7529b69a35d]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");), No Action By User,[e3330d1c90eb5cdaf1b4fd4c20e4a35d]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.prtnrId", "babylon");), No Action By User,[fd19b475691243f37e27b29752b2da26]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.sg", "azb");), No Action By User,[5cba69c0f88385b175305beeb450cf31]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.smplGrp", "azb");), No Action By User,[0c0a1e0b92e9c4725451a3a69173c13f]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.srcExt", "ss");), No Action By User,[27ef70b93e3d54e22f7669e09b69659b]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.tlbrId", "base");), No Action By User,[799def3aa5d63303ebbaa6a342c207f9]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=58ae1dc9000000000000a078baf03adc&q=");), No Action By User,[d0464fda007b211504a1e663fb0922de]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");), No Action By User,[c05668c1126961d5d8cd311843c16f91]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.128:56:46");), No Action By User,[e33333f667140b2bfbaa97b25ca86f91]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");), No Action By User,[28ee30f9d7a48fa76a3bea5fc14352ae]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.babExt", "");), No Action By User,[888e7eab91ea56e03b6acc7d798b827e]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113959&tt=3612_8");), No Action By User,[16000524dba045f1e0c5a5a454b0f10f]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.newTab", false);), No Action By User,[a571989182f9de58e3c270d9e123e818]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.smplGrp", "none");), No Action By User,[f32327024c2f25119015f653eb1913ed]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.srcExt", "ss");), No Action By User,[22f445e4fb8075c16d383b0ed92bee12]
PUP.Optional.Babylon.A, C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js, Good: (), Bad: (user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.128:56:46");), No Action By User,[58be73b63a410f27b6efaf9a6f9508f8]

Physical Sectors: 0
(No malicious items detected)

(end)



#12 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 12:24 PM

HitMan Pro:

 

HitmanPro 3.7.9.216
www.hitmanpro.com
   Computer name . . . . : ETW-D0NHFS1
   Windows . . . . . . . : 6.1.1.7601.X86/4
   User name . . . . . . : SCHULLER\brownk
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
   Scan date . . . . . . : 2014-04-11 13:20:23
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 18s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 202
   Objects scanned . . . : 1,348,607
   Files scanned . . . . : 68,593
   Remnants scanned  . . : 391,457 files / 888,557 keys
Potential Unwanted Programs _________________________________________________
   C:\Program Files\SweetIM\ (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\ (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\default.xml (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\ (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\AudibleButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\EmoticonButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\GamesButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\KeyboardButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\NudgeButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\SoundFxButton.png (Sweetpacks)
   C:\Program Files\SweetIM\Messenger\resources\images\WinksButton.png (Sweetpacks)
   C:\ProgramData\Babylon\ (Babylon)
   C:\ProgramData\SweetIM\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\adapter.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\autoupdate.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\contentpackages.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\logger.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\messages.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\sweetim.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\sweetimapp.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\users\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\conf\users\main_user_config.xml (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\bar.html (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\bar.js (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\100\bar.swf (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\bar.html (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\bar.js (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\200\bar.swf (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\bar.html (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\bar.js (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\Bars\Default\400\bar.swf (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\contentdb\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\contentdb\cache_indx.dat (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\ (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\activationFail.htm (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\close_but.gif (Sweetpacks)
   C:\ProgramData\SweetIM\Messenger\data\packages\FailDialog\failure_dialog_BG.jpg (Sweetpacks)
   ask.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Web Data
   C:\Users\brownk\AppData\LocalLow\BabylonToolbar\ (Babylon)
   C:\Users\brownk\AppData\Roaming\Babylon\ (Babylon)
   C:\Users\brownk\AppData\Roaming\Babylon\log_file.txt (Babylon)
   sweetim.toolbar.dialogs.0.url
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js
   sweetim.toolbar.dialogs.2.url
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js
   sweetim.toolbar.rc.url
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js
   sweetim.toolbar.scripts.0.url
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js
   sweetim.toolbar.scripts.1.url
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\prefs.js
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\SweetPacksToolbarData\ (Sweetpacks)
   HKLM\SOFTWARE\Babylon\ (Babylon)
   HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
   HKLM\SOFTWARE\Classes\Prod.cap\ (Claro)
   HKLM\SOFTWARE\Classes\s\ (Softonic)
   HKU\S-1-5-21-2094157777-493687331-1256410061-120116\Software\Softonic\ (Softonic)
Cookies _____________________________________________________________________
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:247realmedia.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:geeksaresexy.net
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:overture.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:pointroll.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\brownk\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\0J3CHZAY.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\0JQLD45E.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\1A5ITMDX.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\1BWPFNVG.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\1QLWKPUL.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\1WCCEWL4.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\2D5YN4AG.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\38M7MFGE.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\3KYUPUMT.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\4CU93IL1.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\4EIK5X00.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\4KSP3PX9.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\4LDL7A3R.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\51X0A64H.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\5K0ERBZR.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\5XXDFQ00.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\6EVKRBJZ.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\7MNOYJKM.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\9C4FM6V8.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\A12LGUWT.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\A5CHFXD1.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\AD34FO6U.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\ANDI3L80.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\B2DO4ZMA.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\BBPFX8Z8.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\BUQQ2ZE7.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\DHDUTVSN.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\FCXLYNXE.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\FLUD5X4M.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\GU7PK3GX.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\GYJ1VNRB.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\H00ZWJPL.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\HXQW3A0B.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\IKO609JC.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\IYF3KQGU.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\J2DDF85K.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\J953RCD6.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\KBOBFYB3.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\KHHRJ5ZJ.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\KPMU63XL.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\KQLUNPTN.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\KQOIL287.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\L8P1FUP7.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\ML559NQ5.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\MQPCFO96.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\N3Z8F77K.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\N9AEYVGD.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\NWJYDDVW.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\O637VRUF.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\O83F204P.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\ORLA28IH.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\P9AABEGE.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\PIE6O4Z8.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\PW308MAI.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\QEJ1LIQQ.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\QT5ONIJ0.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\RK9DA22C.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\RLEKX2JQ.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\S9CQOYQD.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\SO0LDMWL.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\SZ8QNGFN.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\T07S31NP.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\T7ZUQIGN.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\TVXD3Q91.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\TX5Z5PKI.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\TYQHVKNG.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\U1VUGL4I.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\U3FP7EH2.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\U65FBBV9.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\V26378Q9.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\VGG9GGMW.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\VKJR70F4.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\WBKI4W3J.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\WBSKBF6P.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\XBS6DSH8.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\YDQOAIH0.txt
   C:\Users\brownk\AppData\Roaming\Microsoft\Windows\Cookies\Z1NSC6S3.txt
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:2o7.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:adinterax.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:ads.bridgetrack.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:advertising.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:apmebf.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:at.atwola.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:atdmt.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:burstnet.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:c.atdmt.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:casalemedia.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:collective-media.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:dmtracker.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:doubleclick.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:emjcd.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:fastclick.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:invitemedia.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:media6degrees.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:mediaplex.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:microsoftwlcashback.112.2o7.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:pcworldcommunication.122.2o7.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:questionmarket.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:revsci.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:ru4.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:serving-sys.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:specificclick.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:stats.paypal.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:tribalfusion.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:www.burstnet.com
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:yadro.ru
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:yieldmanager.net
   C:\Users\brownk\AppData\Roaming\Mozilla\Firefox\Profiles\pizc40df.default\cookies.sqlite:zedo.com


#13 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 12:27 PM

Security Check:

 

 Results of screen317's Security Check version 0.99.81 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
AVG AntiVirus Free Edition 2014          
Microsoft Forefront Endpoint Protection  
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 26 
 Java 7 Update 51 
  Adobe Flash Player  11.5.502.146 Flash Player out of Date! 
 Adobe Reader 10.1.1 Adobe Reader out of Date! 
 Mozilla Firefox 14.0.1 Firefox out of Date! 
 Google Chrome 33.0.1750.154 
 Google Chrome 34.0.1847.116 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials msseces.exe
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 AVG avgwdsvc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

 



#14 kbrown1835

kbrown1835
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:05:43 PM

Posted 11 April 2014 - 12:28 PM

I think that is it....Lemme know if there are any other items I need to take care of...Thanks.



#15 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:12:43 AM

Posted 12 April 2014 - 04:29 AM

Hello,

 

Please run MBAM again but make sure that you remove the entries found.

Next please run a new scan with HitmanPro and post back the results.

 

 

Regards,

Georgi


cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users