Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

constant pop ups, blue screen, Norton forum suggested I ask for help here


  • This topic is locked This topic is locked
15 replies to this topic

#1 Ashwee52

Ashwee52

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:01 AM

Posted 28 May 2014 - 07:57 PM

Hello and thank you to any one taking the time to assist!

 

The computer I am on has constant pop ups, uninstalled the antivirus, and occasionally the blue screen will appear.  I reinstalled Norton, scan found nothing but cookies, recieved error message when attempting to run Norton Power Eraser.  Webroot only has error messages.  Unable to install updates for Windows.  Ran Spybot on recomendation from a friend, and issues were not resolved.

 

I would greatly appreciate any assistance in restoring the computer back to normal working order.



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 29 May 2014 - 06:53 PM

Hello Ashwee52,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

 

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

2.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 Ashwee52

Ashwee52
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:01 AM

Posted 31 May 2014 - 05:16 PM

Hello fireman4it,

 

Thank you very much!

 

AdwCleaner:

 

# AdwCleaner v3.211 - Report created 31/05/2014 at 17:50:29
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - OWNER-PC
# Running from : C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E02WCFSY\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : 70e6ca8c
Service Deleted : BackupStack
[#] Service Deleted : Partner Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\PriceMeterLiveUpdate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files (x86)\Bench
[#] Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\registry mechanic
Folder Deleted : C:\Program Files (x86)\Settings Manager
Folder Deleted : C:\Users\boys\AppData\LocalLow\CouponAlert_2p
Folder Deleted : C:\Users\owner\AppData\Local\emaze
Folder Deleted : C:\Users\owner\AppData\Local\Freesofttoday
Folder Deleted : C:\Users\owner\AppData\Local\Mobogenie
Folder Deleted : C:\Users\owner\AppData\Local\PackageAware
Folder Deleted : C:\Users\owner\AppData\Local\PriceMeterLiveUpdate
Folder Deleted : C:\Users\owner\AppData\Local\SearchProtect
Folder Deleted : C:\Users\owner\AppData\LocalLow\CouponAlert_2p
Folder Deleted : C:\Users\owner\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\owner\AppData\Roaming\registry mechanic
Folder Deleted : C:\Users\owner\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\owner\Documents\Mobogenie
Folder Deleted : C:\Users\owner\Documents\Optimizer Pro
Folder Deleted : C:\Users\owner\Documents\PC Speed Maximizer
File Deleted : C:\Users\owner\daemonprocess.txt
File Deleted : C:\Users\owner\AppData\Local\AnyProtectScannerSetup.exe
File Deleted : C:\Users\owner\AppData\Roaming\aps.uninstall.scan.results
File Deleted : C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\owner\Desktop\MyPC Backup.lnk
File Deleted : C:\Users\owner\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\owner\Desktop\Sync Folder.lnk
File Deleted : C:\Windows\Tasks\APSnotifierPP1.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP1
File Deleted : C:\Windows\Tasks\APSnotifierPP2.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP2
File Deleted : C:\Windows\Tasks\APSnotifierPP3.job
File Deleted : C:\Windows\System32\Tasks\APSnotifierPP3

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho
Key Deleted : HKLM\SOFTWARE\Classes\kt_bho.KettleBho.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\TotalRecipeSearch_14Installer.Start
Key Deleted : HKLM\SOFTWARE\Classes\TotalRecipeSearch_14Installer.Start.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseMark_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseMark_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseMark_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@ei.TotalRecipeSearch_14.com/Plugin
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23B0AE65-17D2-4491-98E5-B1AA6228DDA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E5B29C2-BC6E-40BE-B881-AEE35B1F4035}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23B38049-323F-443D-9732-F454E5B15B72}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8867AC9B-4426-44A2-A693-C95850D3405C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FD79F359-E577-46DB-AA74-D6E6B8B45BA8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{09971CEE-01B8-42BC-9D91-456B1FAAD6BE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09971CEE-01B8-42BC-9D91-456B1FAAD6BE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{004EB151-885B-4A9E-A22D-CA98DD998D75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{041278C7-DF92-486D-AE85-921BDFC75A43}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F1794F2-900B-4C81-8146-9234E5CC5BE2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1116A14B-F6A3-4FD9-A00E-FF8CF270EE48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{21D9997E-5D2A-4737-BCBA-C958C0590295}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36A7148B-639E-423C-90BB-30B6E1A40BD7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B181CF2-878B-4758-8FBD-59D8AC5AB12D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{490A5A0F-1471-47FF-8BB5-719F1F5238AD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{56965DCF-718F-4148-BECF-5A2B466F4556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{58E64AEE-516A-4DFC-AC38-31C50E8AF0F1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F701D7D-C869-41F0-B0E2-8136F02B539C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{61DAB0AD-AD23-4E40-84AC-7C6CE64D4EB3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{65D8E17B-312E-4E12-913B-A841A8631143}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6BDA50D2-5597-4C68-A842-9B857FCCDA49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6CA3D0AB-F807-462C-BA7F-E27F07F91E32}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F99D2AE-5C90-43C2-A2FE-81DBE512E2FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{860AF5D1-0735-409D-8E5F-E3E99356D7E9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8997561D-CF0B-42C7-AAE6-78801B3ADC7F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{92580E8C-88F5-4551-9D9E-8147E7EE2C32}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0636D37-97D0-4DC4-95A6-93AABA07437F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A786F51D-B3C7-4F52-91EF-E1A892C2A2AE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D244EAC5-A0F5-4859-A1F8-18ABC0AC3A00}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8AF87C1-0B1E-494B-AAF0-CECC3FFEDF99}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC4DAE-7794-4E16-9A98-F6001303DCD0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAB77009-B974-48DF-8229-E70CFAA11C69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBAA6283-B61F-4DDD-9659-56635433A307}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFB0C189-5077-4340-9838-AF7B8E792A54}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFB4F034-3EB5-48D5-84DD-89BBCF9A182F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9D45087-1CF1-452E-9649-FDFDAC578E03}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF2EBC1C-6579-41DB-91DD-945A1C8DB2D2}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FreeSoftToday
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Bench
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Free_soft_today
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\TotalRecipeSearch_14EI
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~2.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

*************************

AdwCleaner[R0].txt - [16359 octets] - [31/05/2014 17:25:02]
AdwCleaner[S0].txt - [14993 octets] - [31/05/2014 17:50:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15054 octets] ##########

 

Farbar:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by owner (administrator) on OWNER-PC on 31-05-2014 18:00:52
Running from C:\Users\owner\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

 

The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Acer Incorporated) C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe
(Verizon) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe
() C:\Program Files\pcreg\pcreg.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Acer) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcatel-Lucent) C:\Program Files\Verizon\McciTrayApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
(COLLABERA) C:\Program Files (x86)\Verizon\FiOS\ihs\IHANotify.exe
(AWS Convergence Technologies, Inc.) C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe
() C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
(IOI) C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Alcatel-Lucent) C:\Program Files (x86)\Verizon\McciBrowser.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciControlHost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [fssui] => C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584 2010-09-23] (Microsoft Corporation)
HKLM\...\Run: [Verizon_McciTrayApp] => C:\Program Files\Verizon\McciTrayApp.exe [3432448 2010-03-17] (Alcatel-Lucent)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-24] (Symantec Corporation)
HKLM-x32\...\Run: [Gateway Photo Frame] => C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe [124416 2009-07-20] (IOI)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [WebrootTrayApp] => C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe [1382984 2011-12-06] (Webroot Software, Inc. )
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-10] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-10] (Microsoft Corporation)
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Run: [ihanotify] => C:\Program Files (x86)\Verizon\FiOS\ihs\IHANotify.exe [237568 2010-12-28] (COLLABERA)
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-27] (Google Inc.)
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Run: [Weather] => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653760 2012-11-20] (AWS Convergence Technologies, Inc.)
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Policies\Explorer: [NoLogOff] 0
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1184358007-467837356-3212989126-1000\...\MountPoints2: D - D:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FastMediaConverter.lnk
ShortcutTarget: FastMediaConverter.lnk -> C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
ShortcutTarget: Kodak EasyShare software.lnk -> C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1184358007-467837356-3212989126-1003\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173601106216p0335v1k5k4771r21o
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12521&tm=324&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12521&tm=324&src=ds&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACGW_enUS390
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12692&tm=324&src=ds&p={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -  No File
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.3.0.12\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {0067DBFC-A752-458C-AE6E-B9C7E63D4824}
http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Hosts: 54.225.95.126 imfpmncmbojnbdhnogcegojocabhpbnh
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 - C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\owner\AppData\Local\Roblox\Versions\version-3ebe0cca16b6421c\\NPRobloxProxy.dll ( Roblox Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\IPSFF [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.3.0.12\coFFPlgn\ []

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 IHA_MessageCenter; C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [350792 2013-09-13] (Verizon)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 McciCMService64; C:\Program Files\Common Files\Motive\McciCMService.exe [517632 2010-03-17] (Alcatel-Lucent)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe [265040 2014-05-11] (Symantec Corporation)
R2 pcregservice; C:\Program Files\pcreg\pcreg.exe [249024 2014-04-18] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WebrootSpySweeperService; C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe [3997912 2011-08-24] (Webroot Software, Inc. (
www.webroot.com))

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\BASHDefs\20140510.001\BHDrvx64.sys [1530160 2014-05-09] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-05-28] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\IPSDefs\20140530.001\IDSvia64.sys [525016 2014-05-27] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-05-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA))
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140531.004\ENG64.SYS [126040 2014-05-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.3.0.12\Definitions\VirusDefs\20140531.004\EX64.SYS [2099288 2014-05-28] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1503000.00C\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation)
R2 ssfmonm; C:\Windows\System32\DRIVERS\ssfmonm.sys [56920 2011-07-11] (Webroot Software, Inc. (
www.webroot.com))
R0 ssidrv; C:\Windows\System32\DRIVERS\ssidrv.sys [136224 2011-07-11] (Webroot Software, Inc. (
www.webroot.com))
R0 SymDS; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1503000.00C\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-05-28] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1503000.00C\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1503000.00C\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64; C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}Gw64.sys [61120 2014-04-24] (StdLib)
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-05-31 18:00 - 2014-05-31 18:01 - 00019428 _____ () C:\Users\owner\Desktop\FRST.txt
2014-05-31 18:00 - 2014-05-31 17:59 - 02066944 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2014-05-31 17:59 - 2014-05-31 18:00 - 00000000 ____D () C:\FRST
2014-05-31 17:24 - 2014-05-31 17:50 - 00000000 ____D () C:\AdwCleaner
2014-05-30 03:00 - 2014-05-31 17:11 - 00000000 ____D () C:\Users\owner\AppData\Local\{5005C3AE-FD90-491B-9CC4-2557B5211F43}
2014-05-28 20:31 - 2014-05-28 20:32 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\WeatherBug
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Users\owner\AppData\Local\WeatherBug
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Program Files (x86)\AWS
2014-05-28 20:29 - 2014-05-31 17:50 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-05-28 20:27 - 2014-05-31 17:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 20:27 - 2014-05-28 20:27 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 20:27 - 2014-05-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-28 20:27 - 2014-05-28 20:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 20:27 - 2014-05-28 20:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 20:27 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 20:27 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 20:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-05-28 18:41 - 2014-05-28 18:41 - 00002398 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-05-28 18:40 - 2014-05-28 18:41 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-05-28 18:40 - 2014-05-28 18:40 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-05-28 18:40 - 2014-05-28 18:40 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-05-28 18:25 - 2014-05-28 18:44 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-05-28 18:25 - 2014-05-28 18:25 - 01021984 _____ (Symantec Corporation) C:\Users\owner\Downloads\NortonN360Downloader.exe
2014-05-28 18:12 - 2014-05-28 18:12 - 00000000 ____D () C:\Users\owner\AppData\Local\{10AC4AF6-F51F-4834-83A8-D70E54306052}
2014-05-28 14:47 - 2014-05-28 14:47 - 00277920 _____ () C:\Windows\Minidump\052814-74708-01.dmp
2014-05-28 05:11 - 2014-05-28 05:11 - 00000000 ____D () C:\Users\owner\AppData\Local\{50BCD8B4-2361-4C9F-A5AD-5F48B4A0A85E}
2014-05-27 17:06 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\owner\AppData\Local\{4D94697B-6BBE-464F-8421-6650B72A64A9}
2014-05-26 15:02 - 2014-05-27 03:04 - 00000000 ____D () C:\Users\owner\AppData\Local\{8231D748-D92F-4005-A213-680B57B59DD0}
2014-05-26 03:00 - 2014-05-26 03:01 - 00000000 ____D () C:\Users\owner\AppData\Local\{4D3E8C3A-AA79-4C96-A15D-5FDFD5020F5E}
2014-05-26 03:00 - 2014-05-26 03:00 - 00000000 ____D () C:\Users\owner\AppData\Local\{7801E6C0-96FB-43AA-8F49-8316AF2F93B2}
2014-05-23 17:57 - 2014-05-25 11:04 - 00000000 ____D () C:\Users\owner\AppData\Local\{BE056411-1354-4CC6-BD88-6B5BD7ABB490}
2014-05-23 03:00 - 2014-05-23 03:00 - 00000000 ____D () C:\Windows\CheckSur
2014-05-22 19:47 - 2014-05-22 19:47 - 00000000 ____D () C:\Users\owner\AppData\Local\{DF7B155A-3D69-4345-B436-A9A3CC2136CF}
2014-05-22 19:47 - 2014-05-22 19:47 - 00000000 ____D () C:\Users\owner\AppData\Local\{C447631B-97F2-4C53-814F-C3D95A53AEBC}
2014-05-22 03:00 - 2014-05-22 03:00 - 00000000 ____D () C:\Users\owner\AppData\Local\{39EF3DAD-93FC-4AFB-BA0C-CBF915FE7DAF}
2014-05-21 15:14 - 2014-05-09 02:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-21 15:14 - 2014-05-09 02:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-21 15:14 - 2014-03-24 22:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-21 15:14 - 2014-03-24 22:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-21 15:13 - 2014-04-11 22:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-21 15:13 - 2014-04-11 22:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-21 15:13 - 2014-04-11 22:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-21 15:13 - 2014-04-11 22:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-21 15:13 - 2014-04-11 22:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-21 15:13 - 2014-04-11 22:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-21 15:13 - 2014-04-11 22:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-21 15:13 - 2014-04-11 22:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-21 15:13 - 2014-04-11 22:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-21 15:13 - 2014-03-04 05:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-21 15:13 - 2014-03-04 05:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-21 15:13 - 2014-03-04 05:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-21 15:13 - 2014-03-04 05:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-21 15:13 - 2014-03-04 05:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-21 15:13 - 2014-03-04 05:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-21 15:13 - 2014-03-04 05:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-21 15:13 - 2014-03-04 05:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-21 15:13 - 2014-03-04 05:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-21 15:13 - 2014-03-04 05:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-21 15:13 - 2014-03-04 05:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-21 15:13 - 2014-03-04 05:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-21 15:13 - 2014-03-04 05:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-21 15:13 - 2014-03-04 05:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-21 15:13 - 2014-03-04 05:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-21 07:05 - 2014-05-21 07:05 - 00000000 ____D () C:\Users\owner\AppData\Local\{0897BF70-88D0-462A-BA2D-4686197E9A5E}
2014-05-21 07:04 - 2014-05-21 07:05 - 00000000 ____D () C:\Users\owner\AppData\Local\{8DC62B8A-B97B-4E2B-B458-45575437B8A5}
2014-05-20 16:20 - 2014-05-20 16:20 - 00000000 ____D () C:\Users\owner\AppData\Local\{C045E658-4824-4F34-870E-4E7FBFFE7DD8}
2014-05-20 16:20 - 2014-05-20 16:20 - 00000000 ____D () C:\Users\owner\AppData\Local\{1B140C19-003D-42E5-AA64-360ED6A6D2FC}
2014-05-20 13:21 - 2014-05-20 13:22 - 00000000 ____D () C:\Users\owner\AppData\Local\{DD52B527-BFD4-48B1-B2F3-1B9E46606EE9}
2014-05-20 13:21 - 2014-05-20 13:21 - 00000000 ____D () C:\Users\owner\AppData\Local\{34910596-B209-4A71-B5D7-CE838614976D}
2014-05-20 10:15 - 2014-05-20 10:16 - 00000000 ____D () C:\Users\owner\AppData\Local\{ECFEAC9D-9D57-42EA-BA5E-CE7AF10A9C76}
2014-05-20 10:15 - 2014-05-20 10:15 - 00000000 ____D () C:\Users\owner\AppData\Local\{9C7AB5E7-41A0-4AD4-82A4-3325B95C04BC}
2014-05-19 06:08 - 2014-05-19 06:09 - 00000000 ____D () C:\Users\owner\AppData\Local\{2D7F026C-9BEA-4507-B991-A9F8072403E3}
2014-05-19 06:05 - 2014-05-19 06:05 - 00000000 ____D () C:\Users\owner\AppData\Local\{690E97D1-AFCB-4C50-A952-5A43BE6F1892}
2014-05-17 15:39 - 2014-05-18 10:20 - 00000000 ____D () C:\Users\owner\AppData\Local\{0BAD0499-15D9-444E-9900-DF2B78E370D6}
2014-05-14 20:58 - 2014-05-16 16:39 - 00000000 ____D () C:\Users\owner\AppData\Local\{3B839426-39BC-4838-9DBC-FB7EB88895F3}
2014-05-14 16:46 - 2014-05-31 17:50 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 16:46 - 2014-05-22 19:47 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-14 05:39 - 2014-05-14 05:39 - 00000000 ____D () C:\Users\owner\AppData\Local\{8134FA6A-F4C9-474E-A53C-4209F00B19E3}
2014-05-13 18:51 - 2014-05-28 18:13 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-13 18:51 - 2014-05-20 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-13 18:51 - 2014-05-14 05:44 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-13 18:51 - 2014-05-13 18:51 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-13 18:51 - 2014-05-13 18:51 - 00001386 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-13 18:51 - 2014-05-13 18:51 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-13 18:51 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-05-13 17:51 - 2011-08-17 15:15 - 00669072 _____ (MindSpark) C:\Program Files (x86)\2pUninstall Coupon Alert.dll
2014-05-13 17:51 - 2011-08-17 15:15 - 00161720 _____ () C:\Program Files (x86)\2pres.dll
2014-05-12 06:08 - 2014-05-13 15:52 - 00000000 ____D () C:\Users\owner\AppData\Local\{0465FE50-9483-4951-BC58-952696D04C63}
2014-05-11 11:50 - 2014-05-11 11:50 - 00277760 _____ () C:\Windows\Minidump\051114-47533-01.dmp
2014-05-10 21:08 - 2014-05-11 11:41 - 00000000 ____D () C:\Users\owner\AppData\Local\{D8FE5F73-949A-42EF-9307-8406F588959E}
2014-05-10 18:32 - 2014-05-10 18:32 - 00277920 _____ () C:\Windows\Minidump\051014-31855-01.dmp
2014-05-09 10:54 - 2014-05-10 07:43 - 00000000 ____D () C:\Users\owner\AppData\Local\{4A7E3D66-9D64-4665-84CB-A745E04D2ADD}
2014-05-08 16:03 - 2014-05-08 16:03 - 00277920 _____ () C:\Windows\Minidump\050814-31668-01.dmp
2014-05-07 03:01 - 2014-05-22 06:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-04 19:42 - 2014-05-08 05:56 - 00000000 ____D () C:\Users\owner\AppData\Local\{1B826E6F-2875-466E-932E-D7D4D8D83511}
2014-05-04 15:09 - 2014-05-04 15:09 - 00301496 _____ (VuuPC Limited) C:\Users\owner\AppData\Local\nso9370.tmp
2014-05-04 12:42 - 2014-05-04 12:42 - 00000047 _____ () C:\Users\owner\AppData\Roaming\WB.CFG
2014-05-04 11:42 - 2014-05-04 12:01 - 00000000 ____D () C:\Users\owner\AppData\Local\cache
2014-05-04 11:42 - 2014-05-04 11:42 - 00000000 ____D () C:\Users\owner\AppData\Local\IsolatedStorage
2014-05-04 11:42 - 2014-05-04 11:42 - 00000000 ____D () C:\Users\owner\.android
2014-05-04 11:41 - 2014-05-04 14:29 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-05-03 19:41 - 2014-05-04 07:42 - 00000000 ____D () C:\Users\owner\AppData\Local\{25F458F1-473E-46A1-AF63-CD85F3EE19A9}
2014-05-03 07:41 - 2014-05-03 07:41 - 00000000 ____D () C:\Users\owner\AppData\Local\{6F789435-EF5B-4C7A-9C68-3F4E3ABED759}
2014-05-03 03:00 - 2014-04-29 10:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 03:00 - 2014-04-29 09:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 03:00 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 03:00 - 2014-04-29 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 13:35 - 2014-05-02 19:40 - 00000000 ____D () C:\Users\owner\AppData\Local\{8892CE32-BFEF-42FB-8739-204F056A442E}
2014-05-01 13:35 - 2014-05-02 19:40 - 00000000 ____D () C:\Users\owner\AppData\Local\{7159C372-A786-4191-AC84-C6BEAA5438C1}

==================== One Month Modified Files and Folders =======

2014-05-31 18:01 - 2014-05-31 18:00 - 00019428 _____ () C:\Users\owner\Desktop\FRST.txt
2014-05-31 18:01 - 2010-01-01 13:57 - 00000000 ____D () C:\Users\owner\AppData\Local\Temp
2014-05-31 18:00 - 2014-05-31 17:59 - 00000000 ____D () C:\FRST
2014-05-31 18:00 - 2014-04-21 13:49 - 00000000 ____D () C:\Program Files (x86)\FastMediaConverter
2014-05-31 17:59 - 2014-05-31 18:00 - 02066944 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2014-05-31 17:58 - 2009-09-24 01:58 - 01385188 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 17:57 - 2012-04-02 14:37 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EC9DBCB0-5158-4A19-82BA-69AA117CFD2F}
2014-05-31 17:56 - 2014-05-28 20:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 17:56 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 17:56 - 2009-07-14 00:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 17:55 - 2010-07-30 09:17 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-31 17:55 - 2010-01-19 16:29 - 00000000 ____D () C:\Users\owner\Tracing
2014-05-31 17:53 - 2010-08-18 11:24 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-05-31 17:53 - 2009-08-27 16:54 - 00776306 _____ () C:\Windows\PFRO.log
2014-05-31 17:53 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-31 17:53 - 2009-07-14 00:51 - 00087208 _____ () C:\Windows\setupact.log
2014-05-31 17:50 - 2014-05-31 17:24 - 00000000 ____D () C:\AdwCleaner
2014-05-31 17:50 - 2014-05-28 20:29 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-05-31 17:50 - 2014-05-14 16:46 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 17:50 - 2010-01-01 13:57 - 00000000 ____D () C:\Users\owner
2014-05-31 17:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2014-05-31 17:33 - 2010-07-30 09:17 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-31 17:19 - 2013-02-28 08:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-31 17:11 - 2014-05-30 03:00 - 00000000 ____D () C:\Users\owner\AppData\Local\{5005C3AE-FD90-491B-9CC4-2557B5211F43}
2014-05-31 03:01 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-28 21:03 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\addins
2014-05-28 21:00 - 2014-04-24 15:28 - 00000000 ____D () C:\temp
2014-05-28 21:00 - 2014-04-21 13:50 - 00000000 ____D () C:\Program Files\pcreg
2014-05-28 20:59 - 2010-09-24 12:56 - 00000000 ____D () C:\Users\Mcx1-OWNER-PC
2014-05-28 20:59 - 2010-01-04 19:26 - 00000000 ____D () C:\Users\boys
2014-05-28 20:45 - 2012-02-20 15:36 - 00000000 ____D () C:\Users\owner\AppData\Local\CrashDumps
2014-05-28 20:34 - 2010-11-26 13:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-05-28 20:32 - 2014-05-28 20:31 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\WeatherBug
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Users\owner\AppData\Local\WeatherBug
2014-05-28 20:31 - 2014-05-28 20:31 - 00000000 ____D () C:\Program Files (x86)\AWS
2014-05-28 20:27 - 2014-05-28 20:27 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 20:27 - 2014-05-28 20:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-28 20:27 - 2014-05-28 20:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 20:27 - 2014-05-28 20:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 20:27 - 2010-12-17 18:30 - 00000000 ____D () C:\Users\owner\AppData\Local\NPE
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-05-28 18:45 - 2010-07-30 09:08 - 00000000 ____D () C:\Users\owner\Documents\Symantec
2014-05-28 18:44 - 2014-05-28 18:25 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-05-28 18:44 - 2013-07-27 16:31 - 00003206 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-05-28 18:44 - 2009-08-27 16:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-28 18:43 - 2010-07-30 09:09 - 00000000 ____D () C:\Users\owner\AppData\Local\Google
2014-05-28 18:41 - 2014-05-28 18:41 - 00002398 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-05-28 18:41 - 2014-05-28 18:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-05-28 18:41 - 2011-09-01 17:56 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-05-28 18:41 - 2011-09-01 17:56 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-05-28 18:40 - 2014-05-28 18:40 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-05-28 18:40 - 2014-05-28 18:40 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-05-28 18:39 - 2011-09-01 17:20 - 00001268 _____ () C:\Users\owner\Desktop\Norton Installation Files.lnk
2014-05-28 18:25 - 2014-05-28 18:25 - 01021984 _____ (Symantec Corporation) C:\Users\owner\Downloads\NortonN360Downloader.exe
2014-05-28 18:25 - 2011-09-01 17:20 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-05-28 18:16 - 2009-07-14 01:08 - 00032540 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-28 18:13 - 2014-05-13 18:51 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-28 18:12 - 2014-05-28 18:12 - 00000000 ____D () C:\Users\owner\AppData\Local\{10AC4AF6-F51F-4834-83A8-D70E54306052}
2014-05-28 14:47 - 2014-05-28 14:47 - 00277920 _____ () C:\Windows\Minidump\052814-74708-01.dmp
2014-05-28 14:47 - 2011-12-10 16:20 - 00000000 ____D () C:\Windows\Minidump
2014-05-28 14:46 - 2011-12-10 16:20 - 476065245 _____ () C:\Windows\MEMORY.DMP
2014-05-28 05:11 - 2014-05-28 05:11 - 00000000 ____D () C:\Users\owner\AppData\Local\{50BCD8B4-2361-4C9F-A5AD-5F48B4A0A85E}
2014-05-27 17:06 - 2014-05-27 17:06 - 00000000 ____D () C:\Users\owner\AppData\Local\{4D94697B-6BBE-464F-8421-6650B72A64A9}
2014-05-27 03:04 - 2014-05-26 15:02 - 00000000 ____D () C:\Users\owner\AppData\Local\{8231D748-D92F-4005-A213-680B57B59DD0}
2014-05-26 03:01 - 2014-05-26 03:00 - 00000000 ____D () C:\Users\owner\AppData\Local\{4D3E8C3A-AA79-4C96-A15D-5FDFD5020F5E}
2014-05-26 03:00 - 2014-05-26 03:00 - 00000000 ____D () C:\Users\owner\AppData\Local\{7801E6C0-96FB-43AA-8F49-8316AF2F93B2}
2014-05-25 11:04 - 2014-05-23 17:57 - 00000000 ____D () C:\Users\owner\AppData\Local\{BE056411-1354-4CC6-BD88-6B5BD7ABB490}
2014-05-23 06:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-05-23 06:15 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-23 03:00 - 2014-05-23 03:00 - 00000000 ____D () C:\Windows\CheckSur
2014-05-22 19:47 - 2014-05-22 19:47 - 00000000 ____D () C:\Users\owner\AppData\Local\{DF7B155A-3D69-4345-B436-A9A3CC2136CF}
2014-05-22 19:47 - 2014-05-22 19:47 - 00000000 ____D () C:\Users\owner\AppData\Local\{C447631B-97F2-4C53-814F-C3D95A53AEBC}
2014-05-22 19:47 - 2014-05-14 16:46 - 00000000 ___RD () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-22 19:47 - 2010-12-17 19:20 - 00000000 ____D () C:\Users\owner\AppData\Local\Windows Live
2014-05-22 06:25 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-22 06:20 - 2010-01-03 16:26 - 00000632 __RSH () C:\Users\owner\ntuser.pol
2014-05-22 03:04 - 2009-08-27 16:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-22 03:03 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-22 03:02 - 2010-01-01 15:14 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-22 03:00 - 2014-05-22 03:00 - 00000000 ____D () C:\Users\owner\AppData\Local\{39EF3DAD-93FC-4AFB-BA0C-CBF915FE7DAF}
2014-05-21 07:05 - 2014-05-21 07:05 - 00000000 ____D () C:\Users\owner\AppData\Local\{0897BF70-88D0-462A-BA2D-4686197E9A5E}
2014-05-21 07:05 - 2014-05-21 07:04 - 00000000 ____D () C:\Users\owner\AppData\Local\{8DC62B8A-B97B-4E2B-B458-45575437B8A5}
2014-05-20 17:33 - 2014-05-13 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-05-20 17:33 - 2011-09-01 17:56 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-05-20 17:33 - 2011-01-25 17:03 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-05-20 17:33 - 2009-08-27 16:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-05-20 17:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-20 17:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-05-20 17:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-05-20 16:20 - 2014-05-20 16:20 - 00000000 ____D () C:\Users\owner\AppData\Local\{C045E658-4824-4F34-870E-4E7FBFFE7DD8}
2014-05-20 16:20 - 2014-05-20 16:20 - 00000000 ____D () C:\Users\owner\AppData\Local\{1B140C19-003D-42E5-AA64-360ED6A6D2FC}
2014-05-20 13:22 - 2014-05-20 13:21 - 00000000 ____D () C:\Users\owner\AppData\Local\{DD52B527-BFD4-48B1-B2F3-1B9E46606EE9}
2014-05-20 13:21 - 2014-05-20 13:21 - 00000000 ____D () C:\Users\owner\AppData\Local\{34910596-B209-4A71-B5D7-CE838614976D}
2014-05-20 10:16 - 2014-05-20 10:15 - 00000000 ____D () C:\Users\owner\AppData\Local\{ECFEAC9D-9D57-42EA-BA5E-CE7AF10A9C76}
2014-05-20 10:15 - 2014-05-20 10:15 - 00000000 ____D () C:\Users\owner\AppData\Local\{9C7AB5E7-41A0-4AD4-82A4-3325B95C04BC}
2014-05-19 06:09 - 2014-05-19 06:08 - 00000000 ____D () C:\Users\owner\AppData\Local\{2D7F026C-9BEA-4507-B991-A9F8072403E3}
2014-05-19 06:05 - 2014-05-19 06:05 - 00000000 ____D () C:\Users\owner\AppData\Local\{690E97D1-AFCB-4C50-A952-5A43BE6F1892}
2014-05-18 10:20 - 2014-05-17 15:39 - 00000000 ____D () C:\Users\owner\AppData\Local\{0BAD0499-15D9-444E-9900-DF2B78E370D6}
2014-05-16 16:39 - 2014-05-14 20:58 - 00000000 ____D () C:\Users\owner\AppData\Local\{3B839426-39BC-4838-9DBC-FB7EB88895F3}
2014-05-14 05:44 - 2014-05-13 18:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-14 05:39 - 2014-05-14 05:39 - 00000000 ____D () C:\Users\owner\AppData\Local\{8134FA6A-F4C9-474E-A53C-4209F00B19E3}
2014-05-13 19:32 - 2010-08-02 11:40 - 00000539 _____ () C:\Windows\wininit.ini
2014-05-13 18:51 - 2014-05-13 18:51 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-05-13 18:51 - 2014-05-13 18:51 - 00001386 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-13 18:51 - 2014-05-13 18:51 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-13 17:56 - 2014-04-21 13:51 - 00000000 ____D () C:\Users\owner\AppData\Local\pptaddin
2014-05-13 17:42 - 2012-01-06 22:32 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-13 17:39 - 2009-07-13 22:34 - 00000505 _____ () C:\Windows\win.ini
2014-05-13 17:33 - 2010-09-24 12:56 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-05-13 16:19 - 2013-02-28 08:03 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-13 16:19 - 2013-02-28 08:03 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-13 16:19 - 2013-02-28 08:03 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 15:52 - 2014-05-12 06:08 - 00000000 ____D () C:\Users\owner\AppData\Local\{0465FE50-9483-4951-BC58-952696D04C63}
2014-05-12 07:26 - 2014-05-28 20:27 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-28 20:27 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-28 20:27 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 11:50 - 2014-05-11 11:50 - 00277760 _____ () C:\Windows\Minidump\051114-47533-01.dmp
2014-05-11 11:41 - 2014-05-10 21:08 - 00000000 ____D () C:\Users\owner\AppData\Local\{D8FE5F73-949A-42EF-9307-8406F588959E}
2014-05-10 18:32 - 2014-05-10 18:32 - 00277920 _____ () C:\Windows\Minidump\051014-31855-01.dmp
2014-05-10 07:43 - 2014-05-09 10:54 - 00000000 ____D () C:\Users\owner\AppData\Local\{4A7E3D66-9D64-4665-84CB-A745E04D2ADD}
2014-05-09 02:14 - 2014-05-21 15:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 02:11 - 2014-05-21 15:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 16:03 - 2014-05-08 16:03 - 00277920 _____ () C:\Windows\Minidump\050814-31668-01.dmp
2014-05-08 13:28 - 2010-07-30 09:17 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 13:28 - 2010-07-30 09:17 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 05:56 - 2014-05-04 19:42 - 00000000 ____D () C:\Users\owner\AppData\Local\{1B826E6F-2875-466E-932E-D7D4D8D83511}
2014-05-04 15:09 - 2014-05-04 15:09 - 00301496 _____ (VuuPC Limited) C:\Users\owner\AppData\Local\nso9370.tmp
2014-05-04 14:29 - 2014-05-04 11:41 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-05-04 12:42 - 2014-05-04 12:42 - 00000047 _____ () C:\Users\owner\AppData\Roaming\WB.CFG
2014-05-04 12:01 - 2014-05-04 11:42 - 00000000 ____D () C:\Users\owner\AppData\Local\cache
2014-05-04 11:42 - 2014-05-04 11:42 - 00000000 ____D () C:\Users\owner\AppData\Local\IsolatedStorage
2014-05-04 11:42 - 2014-05-04 11:42 - 00000000 ____D () C:\Users\owner\.android
2014-05-04 07:42 - 2014-05-03 19:41 - 00000000 ____D () C:\Users\owner\AppData\Local\{25F458F1-473E-46A1-AF63-CD85F3EE19A9}
2014-05-03 13:10 - 2014-04-07 18:50 - 00012007 _____ () C:\Users\owner\Documents\Brendan's Eagle hour log.xlsx
2014-05-03 07:41 - 2014-05-03 07:41 - 00000000 ____D () C:\Users\owner\AppData\Local\{6F789435-EF5B-4C7A-9C68-3F4E3ABED759}
2014-05-02 19:40 - 2014-05-01 13:35 - 00000000 ____D () C:\Users\owner\AppData\Local\{8892CE32-BFEF-42FB-8739-204F056A442E}
2014-05-02 19:40 - 2014-05-01 13:35 - 00000000 ____D () C:\Users\owner\AppData\Local\{7159C372-A786-4191-AC84-C6BEAA5438C1}

Some content of TEMP:
====================
C:\Users\owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\owner\AppData\Local\Temp\nsaC26A.exe
C:\Users\owner\AppData\Local\Temp\nspE7A7.exe
C:\Users\owner\AppData\Local\Temp\Quarantine.exe
C:\Users\owner\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-23 06:52

==================== End Of Log ============================

 

Farbar Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by owner at 2014-05-31 18:01:37
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.3.0.12 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )
ROBLOX Player for owner (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.11 - Earth Networks, Inc.)
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

22-05-2014 07:00:37 Windows Update
22-05-2014 10:23:37 Windows Update
22-05-2014 23:48:00 Windows Update
22-05-2014 23:49:54 Windows Update
22-05-2014 23:51:51 Windows Update
22-05-2014 23:53:23 Windows Update
23-05-2014 07:00:27 Windows Update
24-05-2014 07:00:28 Windows Update
25-05-2014 07:00:26 Windows Update
26-05-2014 07:00:30 Windows Update
27-05-2014 07:00:30 Windows Update
28-05-2014 07:00:31 Windows Update
28-05-2014 22:12:28 Windows Update
28-05-2014 23:57:05 Windows Update
29-05-2014 00:04:01 Windows Update
29-05-2014 00:30:37 Installed WeatherBug
29-05-2014 07:00:39 Windows Update
30-05-2014 07:00:59 Windows Update
31-05-2014 07:00:39 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2014-04-25 06:06 - 00000872 ____N C:\Windows\system32\Drivers\etc\hosts
54.225.95.126 imfpmncmbojnbdhnogcegojocabhpbnh

==================== Scheduled Tasks (whitelisted) =============

Task: {08524C35-1B6F-42D4-9466-DAF5B557F998} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0A4E897C-34B1-4362-BCCC-FF90FD0AD112} - System32\Tasks\SoftUpdateLogon => C:\Users\owner\AppData\Local\SoftUpdate\SoftUpdate.exe [2014-04-21] ()
Task: {0B7714AC-5856-4B1D-B0F0-D7D44328A04E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30] (Google Inc.)
Task: {153BCF67-729E-43B7-9FC0-821FFB206ED9} - System32\Tasks\SoftUpdateDaily => C:\Users\owner\AppData\Local\SoftUpdate\SoftUpdate.exe [2014-04-21] ()
Task: {4FFDA516-C462-45C2-8582-18D626FC142B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5D55F402-340A-4B17-95C5-977B5D5D628D} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {851EA8C7-67D6-4D54-B7F5-02F021C78F8E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9C70E721-C70F-43DF-A3E6-F1247AC0C068} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {9F8333EE-83C9-4E31-94A2-8E011295AA31} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {A15743BC-DB89-4BD3-AB51-444733AFAD25} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {CBAA8E57-D895-42C4-85B1-11471A6F856E} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {CCEC8DEE-D625-4318-B596-59A641292815} - \APSnotifierPP1 No Task File <==== ATTENTION
Task: {CD16A27D-0A0E-4655-AC2F-8C1605C1CDFD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {D5218384-0664-42EF-9D7A-927D04EDCF94} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {DB4E9BF0-D283-467B-BC3E-EF784E7E1BEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30] (Google Inc.)
Task: {EBFFB628-CAC0-4996-AA44-DF5B590737B3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {EE8248CD-7EB6-4EE1-820B-D34E3507D522} - System32\Tasks\pcreg => C:\Program Files\pcreg\service.exe <==== ATTENTION
Task: {EFC7F01C-9A9E-4BB2-B5E8-A21BE6C47AFA} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-OWNER-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-04-18 08:47 - 2014-04-18 08:47 - 00249024 _____ () C:\Program Files\pcreg\pcreg.exe
2014-02-27 13:31 - 2014-02-27 13:31 - 00443384 _____ () C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
2012-10-11 22:56 - 2012-10-11 22:56 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-10-11 22:56 - 2012-10-11 22:56 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-02 20:33 - 2009-02-02 20:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\sqlite3.dll
2008-09-28 20:55 - 2008-09-28 20:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\ACE.dll
2014-05-13 18:51 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-05-13 18:51 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-05-13 18:51 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-05-13 18:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-05-13 18:51 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2010-01-27 11:10 - 2011-01-25 17:03 - 00406016 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Kfx.dll
2010-01-27 11:01 - 2011-01-25 17:03 - 00264192 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AppCore.dll
2010-01-27 10:58 - 2011-01-25 17:03 - 00356352 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Atlas.dll
2010-01-27 10:57 - 2011-01-25 17:03 - 00237568 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
2010-01-27 11:19 - 2011-01-25 17:03 - 00233984 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaControls.esx
2010-01-27 10:51 - 2011-01-25 17:03 - 00090112 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
2010-01-27 11:28 - 2011-01-25 17:03 - 00078848 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
2010-01-27 10:43 - 2011-01-25 17:03 - 00062464 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
2006-03-07 11:05 - 2011-01-25 17:03 - 01564672 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\AreaIFDLL.dll
2010-01-27 11:22 - 2011-01-25 17:03 - 00761856 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
2010-01-27 10:53 - 2011-01-25 17:03 - 00152576 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
2010-01-27 11:50 - 2011-01-25 17:03 - 00684032 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESEmail.esx
2010-01-27 11:05 - 2011-01-25 17:03 - 00084480 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\keml40.dll
2010-01-27 10:57 - 2011-01-25 17:03 - 00129536 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\kpries40.dll
2010-01-27 12:33 - 2011-01-25 17:03 - 11503616 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\ESSkin.esx
2009-09-28 22:19 - 2011-01-25 17:03 - 00782336 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
2009-09-28 22:19 - 2011-01-25 17:03 - 00868352 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
2009-09-28 22:20 - 2011-01-25 17:03 - 00462848 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
2009-09-28 22:19 - 2011-01-25 17:03 - 00155648 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
2009-09-28 22:21 - 2011-01-25 17:03 - 00528384 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
2009-09-28 22:20 - 2011-01-25 17:03 - 02236416 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
2009-09-28 22:21 - 2011-01-25 17:03 - 00847872 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
2009-09-28 22:21 - 2011-01-25 17:03 - 01396736 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
2010-01-27 11:54 - 2011-01-25 17:03 - 00171520 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Pcd.esx
2010-01-27 11:18 - 2011-01-25 17:03 - 00052224 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
2010-01-27 11:17 - 2011-01-25 17:03 - 00143360 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
2010-01-27 10:50 - 2011-01-25 17:03 - 00084480 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
2010-01-27 09:21 - 2011-01-25 17:03 - 00010240 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
2010-01-27 12:41 - 2011-01-25 17:03 - 00339968 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
2010-01-27 11:51 - 2011-01-25 17:03 - 00098304 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
2010-01-27 12:01 - 2011-01-25 17:03 - 00315392 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
2010-01-27 11:39 - 2011-01-25 17:03 - 00688128 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
2010-01-27 12:39 - 2011-01-25 17:03 - 00471040 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\Escom.dll
2010-01-27 10:51 - 2011-01-25 17:03 - 00044544 _____ () C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
2009-06-12 19:37 - 2009-06-12 19:37 - 00032768 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll
2009-06-12 19:37 - 2009-06-12 19:37 - 00025088 _____ () C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\Users\owner\Desktop\Patraic Way - birth certificate.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\owner\Desktop\Patraic Way - birth certificate.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR161 => ""="Service"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 08:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x15e8
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (05/28/2014 06:43:07 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.

Error: (05/28/2014 06:42:44 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.

Error: (05/28/2014 06:39:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0x7ec
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

Error: (05/28/2014 06:20:54 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.

Error: (05/28/2014 06:20:52 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.

Error: (05/28/2014 06:18:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0x6a4
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

Error: (05/28/2014 03:50:50 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.

Error: (05/28/2014 03:50:50 PM) (Source: .NET Runtime Optimization Service) (EventID: 1111) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x80070005.

Error: (05/28/2014 03:47:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0x820
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3

System errors:
=============
Error: (05/31/2014 05:56:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (05/31/2014 05:56:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (05/31/2014 05:56:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (05/31/2014 05:56:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (05/31/2014 05:56:10 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/31/2014 05:56:09 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/31/2014 05:55:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (05/31/2014 05:55:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (05/31/2014 05:55:58 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/31/2014 05:52:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 6109.14 MB
Available physical RAM: 3633 MB
Total Pagefile: 12216.46 MB
Available Pagefile: 9562.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:916.41 GB) (Free:848.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 2928213B)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=916 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 01 June 2014 - 03:03 PM

1.

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   1.4KB   2 downloads

 

 

2.

Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on. 

Please download Junkware Removal Tool to your desktop.

 

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
    the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next Reply.

 

3.

 ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is  checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)

 

 

 

 

Things to include in your next reply::

Fixlog.txt

JRT.txt

Eset log

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 03 June 2014 - 05:49 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 3-5 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#6 Ashwee52

Ashwee52
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:01 AM

Posted 04 June 2014 - 05:27 PM

Hello!  I'm here!   I apologize, I have been deep in studying for my night classes.  The comupter froze and I had to reboot during the last run, there was an error message "Unexpected error 2002" I beleive because I left it to run overnight.  I was able to rerun today and did not recieve any errors. 

 

I haven't been using this comuter except to follow your directions, but I have noticed a significant decrease in pop ups.  Thank you!!  Again, I apologize for the delay. 

 

FRST

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-06-2014 01
Ran by owner at 2014-06-01 19:14:04 Run:1
Running from C:\Users\owner\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1184358007-467837356-3212989126-1003\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12521&tm=324&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12521&tm=324&src=ds&p={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = http://www.default-search.net/search?sid=492&aid=100&itype=a&ver=12692&tm=324&src=ds&p={searchTerms}
014-05-28 20:29 - 2014-05-31 17:50 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
C:\Users\owner\AppData\Local\Temp\BackupSetup.exe
C:\Users\owner\AppData\Local\Temp\nsaC26A.exe
C:\Users\owner\AppData\Local\Temp\nspE7A7.exe
C:\Users\owner\AppData\Local\Temp\Quarantine.exe
C:\Users\owner\AppData\Local\Temp\vcredist_x64.exe
Task: {5D55F402-340A-4B17-95C5-977B5D5D628D} - \APSnotifierPP2 No Task File <==== ATTENTION
Task: {CBAA8E57-D895-42C4-85B1-11471A6F856E} - \APSnotifierPP3 No Task File <==== ATTENTION
Task: {CCEC8DEE-D625-4318-B596-59A641292815} - \APSnotifierPP1 No Task File <==== ATTENTION
2014-02-27 13:31 - 2014-02-27 13:31 - 00443384 _____ () C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1184358007-467837356-3212989126-1003\User => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} => Key not found.
C:\Users\owner\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
C:\Users\owner\AppData\Local\Temp\nsaC26A.exe => Moved successfully.
C:\Users\owner\AppData\Local\Temp\nspE7A7.exe => Moved successfully.
C:\Users\owner\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\owner\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D55F402-340A-4B17-95C5-977B5D5D628D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D55F402-340A-4B17-95C5-977B5D5D628D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBAA8E57-D895-42C4-85B1-11471A6F856E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBAA8E57-D895-42C4-85B1-11471A6F856E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCEC8DEE-D625-4318-B596-59A641292815} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCEC8DEE-D625-4318-B596-59A641292815} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1 => Key deleted successfully.
C:\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe => Moved successfully.

The system needed a reboot.

==== End of Fixlog ====

 

Junkwear

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by owner on Sun 06/01/2014 at 19:25:06.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\produtools_manuals_2.1_b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4623A8C4-150D-4983-8982-68C01E7D6541}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\owner\appdata\locallow\couponalert_2pei"
Successfully deleted: [Folder] "C:\Program Files (x86)\mypc backup"
Successfully deleted: [Folder] "C:\Program Files (x86)\produtools_manuals_2.1_b"
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{01BD07E8-D4FE-46B4-B821-B211840F3C3A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{01E13204-D0F1-4787-9E7F-3235099273D2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0245A709-9115-4D7D-B945-F7D4B684C0D5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{02CCA17E-96AD-4B8F-B9A6-084FD530ACD4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{035D243C-1C2F-4272-96D9-A0D440ED16EC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{037DBEDA-6676-48D6-845B-AF7DEADD292D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{03B35534-392E-4AFD-99BF-E3352AA3E4CC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{043BDFE9-603E-4A85-8AE6-3D207AA7842E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0465FE50-9483-4951-BC58-952696D04C63}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{04ED0862-D401-4D35-9857-2A5BB56A8BB8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{05706166-F711-47C4-885C-2EBF61E6A2F9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{05958049-5348-403B-89E4-D8E6A6C01553}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{05CF2844-D0AC-4C19-945C-6281B8BA5442}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{061ECF46-BFE9-4010-9FF4-EDA2CA9BCD72}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{065B5BEE-AE23-4E81-8CCF-40459616E38C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{067DCA46-FF0A-422C-BFFA-87E1DE67F3D3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{06BD94FA-EE62-4B49-8876-73D0CAF61CD7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{06F6A734-EB6B-42FA-8FF0-1C98513854E5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{08318E9A-704E-4AE7-8A66-9CED26E9B2BC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0897BF70-88D0-462A-BA2D-4686197E9A5E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{08B61DB7-2CBB-48EE-A4A9-FFE10F4B8043}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{095D5942-7DCA-4052-97A8-5979E46DDD0A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{09884178-E31C-4F02-B765-EC5844A1297F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0A483884-21E9-4855-A855-1E62AB9BDFDE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0A5451FD-44E7-4E3E-9FDE-30090A3A7DE1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0B663E2F-1335-4B0C-BEE5-91966654D391}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0BAD0499-15D9-444E-9900-DF2B78E370D6}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0DC8F030-6D9B-4091-9B60-6744BB20E63C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0DE15513-9E04-4ED1-81AD-F23F0486547A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0E26552C-92E6-47AC-8F52-27BF2D57EBA3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{0F97B3DC-409D-492E-BC01-E857C61C86D3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1005780D-6939-4398-9396-2710FFE3EF5A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{105A6748-63DC-4141-B3F4-EA11F3424C8E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{10AC4AF6-F51F-4834-83A8-D70E54306052}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{11002DAF-E2C1-4884-9CE7-55509184BFF0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{12B7160B-B0D0-4125-89A3-3E07057689EE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{13685C17-089C-4E3B-81FA-94C7F36BFD12}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{13F77D74-F3B8-414F-86EB-29FEA9F468A0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{14A7F8F9-994F-400B-8C87-3A31E9608983}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{14B8484F-00AB-4995-839B-1471B1319CEE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1519811F-15BD-4BA1-9009-320475218F48}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1589DA8E-F3C3-40B6-8E80-12B9A9B436DF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{15B633E5-4665-451B-BD7F-F577E4883AE1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{15CFF056-D8BF-4FE6-95D9-20D32FB987B2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{170913AC-3CC5-429D-988E-EE47F65D477C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{17902B54-F474-4DA8-B658-0DD69B29F43A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1839365D-BD56-4C9E-A512-8E425105652A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1A20436A-CD96-4364-A120-6D381CCB3799}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1ADC77D2-21B9-4037-997F-F3AA4F0FA90A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1AE6E4E4-1676-47FA-92AF-0656EC9407E7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1B0C45E0-C7AE-411D-A08E-1C61994EB25E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1B140C19-003D-42E5-AA64-360ED6A6D2FC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1B826E6F-2875-466E-932E-D7D4D8D83511}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1C0647EC-18FD-4174-94F6-B6C0AE155AA7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1D6192DC-EEE6-4D26-9AAB-00CFAD01040D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{1EAFD692-61C5-4CAE-8665-FA8763BFEA4F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{20BE840C-BC53-4EE4-98A6-1350C8A0A04F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{20D8F604-D115-4CBA-801E-49BBE0487B9E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{214B77F5-6481-40B5-B91B-F4E6246423AE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{216134F5-DE51-44D2-B23A-75B2B4F60A5C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{22959B46-CF59-4CF8-9602-E5E1EADA74F8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{22CA9ED5-4A68-4B9D-93BB-6D4914DDA014}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{235E2729-951C-46B6-B48F-4BE416536692}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{236E7BEB-4F63-4BF2-8B53-BC9205FCD85D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{238BEFE9-854F-404F-BBF7-736837CC1735}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{24C059C3-009C-45C8-943C-5EB00851ECAD}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{250B5D69-6B5B-4533-A867-1F723F0C4945}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{259C1956-DF34-412E-BAE4-84D4420142C1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{25F458F1-473E-46A1-AF63-CD85F3EE19A9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{269E6953-D9A0-47D8-B52A-FCB93391C7FF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{27326BA9-DA8D-41F0-8136-A37FF039292E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{293B0548-3ACC-4D27-A586-5FB00E13C1A8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2A483C13-2BD1-44ED-9B94-0E8013F8888B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2AA45AB2-BF4D-4493-866C-4B4CFA767840}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2BD170D9-4709-47B3-8421-17DAF34CE16E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2C8A869A-8164-4AE3-92AD-04C55CE17714}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2D0D4684-1E50-4890-BB04-8389DA04FA87}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2D7F026C-9BEA-4507-B991-A9F8072403E3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2DCE974D-3C36-4473-8E68-43837EE58A28}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2E499B30-F95F-4ED1-9E2B-D810E99B11AA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2E8F554D-0E47-4425-BB30-B22A75F08E23}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2E9A62CF-9FCC-45C6-B299-85EBC6D26138}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{2F95765B-A7B6-46A6-A4F4-CCCA29FB3607}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{30DFFE13-70A2-4617-884D-787ADEC9C39B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3103C321-7D38-4CDE-9F32-D2D8B01DD09A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{31F4AF00-E966-4DAB-8994-36C911883E12}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3272A775-7920-4082-9B19-8603A77CF5A4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{32A27511-2291-4A61-84CF-D1EF2E2BF361}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{347AD364-D364-4B7F-B241-E2148B01A5F5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{34910596-B209-4A71-B5D7-CE838614976D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3522A88C-C75B-476A-8A64-8859BED98696}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{35342B58-A2C0-43B6-B30B-64AE036BE72D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{35DF10C0-F1A3-49E6-8BED-F22373852A27}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{368777AF-2F57-464C-A6C3-D82C4702BAEE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3697FC48-F7D8-4B12-AEE8-3D9E17A6465E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{371B78E7-4FF3-4E19-803B-AD15B1A7726D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{38C5F958-59A0-4445-A107-7E113C1D87F5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{39EF3DAD-93FC-4AFB-BA0C-CBF915FE7DAF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{39FC636E-0B5A-4568-864C-0886999AA251}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3A5AC9DE-8007-41FB-961D-583C70764978}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3AA73F86-6843-4671-A0B0-EF77EB065BF2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3AF7A74F-72DD-4EAA-AFAB-9BAA3D6E9FD9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3B44F0C8-28E9-4E30-BA35-E8B8EDBD0132}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3B839426-39BC-4838-9DBC-FB7EB88895F3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3BFE1569-5122-4285-BC4E-01933CA9E14C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3CA19114-D61F-4C47-BEE6-CE6234E556C7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3D7807FA-781A-4DF2-82AD-9CEDD34CF4BB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3EE70614-ABF6-4A7D-BC4C-8F10BEB027EA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3EEF46BB-C902-41E0-B8E7-6B770DA30877}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3F038E88-93ED-418A-B6FC-B3EE604467B8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{3F16A77E-694C-4786-BE42-A56F291F203F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{40863D52-5BD5-4584-9AE7-0E55289DC82D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{413A8A51-E7D7-468B-B1AB-B899E268A6B7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4312B12A-8939-4C91-8C10-6326F4166D8B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4352A05A-F7FA-4ACF-84ED-FB76D12651D1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4484CD51-177A-40E4-BC1F-4B48575DA6AB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{448CA0DF-9F19-4DFA-9523-82E00435EB5B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{44955979-9777-4BC1-A040-9538D7AFCE9B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{451EB0BD-408A-4413-8CD5-90F0EA065080}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4696D90D-85A4-4761-877F-9B78AC64BCCA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{46A83AA9-CB63-4594-8872-175EB19AD07C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{46DF124B-72BE-427E-B047-9F358B1AB962}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{470E5E6E-26B1-4505-A69C-0EDC76030E92}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{47A6B4F9-7428-4B0B-9C7E-E2E6C32DEB5F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{486A09E5-1484-42F3-9839-842D05B7F00E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{490B3BF3-D8F5-433D-BBE3-9EE58099276D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4932C78C-B149-4F26-8E8F-F77616698CB7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4985F063-D9BC-429A-B2E6-EDE08FE1B623}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{498B9DB1-D4EB-4126-8FD3-C5CDCB297486}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4A7E3D66-9D64-4665-84CB-A745E04D2ADD}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4B5BB5DA-746C-4D3F-8B2B-5FCE5E617933}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4B986156-A6D3-4A69-9665-34282521B1A9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4B9F0302-DB28-4CC5-AA1D-3C1B3117D8BC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4C249F06-F889-4769-AA87-F206BD6952CE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4C7895D5-049A-4D79-B96E-3ACCF909333B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4D3E8C3A-AA79-4C96-A15D-5FDFD5020F5E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4D94697B-6BBE-464F-8421-6650B72A64A9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4E11448B-E2D5-4D71-8864-ED4E999D44F0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4F0E77C9-5419-4DE2-B46F-1F7C6818221A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4F6FE2E1-0065-4EA2-A2D1-AEC27466FBB2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{4FA6EC1B-74BF-435D-B47C-E5C6B95164FB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5005C3AE-FD90-491B-9CC4-2557B5211F43}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{50AAEB95-4868-4883-A37F-882AAF9319DE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{50BCD8B4-2361-4C9F-A5AD-5F48B4A0A85E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{516B12C3-302E-4B35-8B27-A6F68F226129}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{536EC962-0617-4A54-BB84-2C3DF945FFBA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{53A8D97E-805D-44D3-9AB9-6B27536BAB43}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{54673E2E-3578-4CE5-A11C-B4607205AEDA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{54CA7EDF-30F3-4A8B-80BB-0490BBBA3064}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{54DE5579-BFCE-4058-82B4-90085B30D31A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5547F3C7-D59E-4E1F-9EFE-F8E69D4F9F44}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{55C524B8-2444-4565-B4C6-BAE639BFE475}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{55DE65EC-9989-4A9E-8DC8-FF5235C24820}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{561099CC-A651-4008-8741-308F8CF159DC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5644CD1F-192B-403C-8D57-BE61CC16337F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{568239E7-896A-4B4C-9A31-15FE8E56953F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{56B31A47-4467-4598-B140-B1D6E812ED3B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5753F9C8-C82E-483E-BFF7-CE67B9B1FBFF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{586671DA-2D4A-46A3-983B-E8115D9F3983}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{58730B40-9152-48B8-9019-E9548D75E789}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{596C4358-7CAE-446B-92AB-95A7B5D31D11}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{59E9417B-10BA-430F-8CD4-DACE5B2EDA26}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5B1FCDAF-2012-46BF-AE34-075BE4EDB438}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5B31773F-D7C9-4536-ABB7-34A6824CF1B6}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5B80A147-CD67-4ECD-A6D2-A1A070CD5C29}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5C0026B0-99C9-4F09-8AE0-5C7E50C89CDA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5E8C2B3D-34E2-4961-BCD5-17514D594E83}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5EA70383-3068-4AEB-9CF1-D1776C7412FC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{5F44801F-61E2-4E03-B30C-A53D7D4CC8D8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6023F0AC-0690-4612-8A5A-34A88616D5F9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6081E579-BE46-4136-86CC-2924D0776150}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{60F5EA33-A51C-4AF5-AD5F-5DE21B8C7963}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{61437E92-4F3C-4E2F-A1B9-22177A234D84}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{62BFBB69-347F-462B-B8C1-BB40CF49BA00}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{62DD23F7-6214-48D2-A8FB-BA0018508BD7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{681D008B-A46F-4060-9B05-82B2473B20AC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{68B059B8-AFEF-44E1-B5EF-AA925A402978}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{690E97D1-AFCB-4C50-A952-5A43BE6F1892}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6B45E2F3-625C-43C1-B045-ED2BC48A1FC9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6B4A2C72-100F-4318-8CF0-AF55000BAAE8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6C01DA13-215C-4EB5-98CD-5ECA12BC4AF5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6C825B71-E856-4B5B-BCE6-9C983F02DE48}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6D56BF47-9D4F-4059-8573-70F91D0F3C51}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6E7A23E5-E6CD-4AD3-8E1B-5072046B4242}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6E8136B7-16BF-44B0-98FD-BF5A64D025C0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6EA18068-C163-4556-8C7E-9105B1A63566}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6F01F7BD-E246-4EA5-8859-3341A3D73B4C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6F5E0208-9162-461D-ACD0-F0655F62E1D8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6F5F3C2E-C5B6-4950-BCD9-3D12EF17451E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6F789435-EF5B-4C7A-9C68-3F4E3ABED759}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6F8FBCC8-9836-4F7F-B073-530DD2DB41CE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{6F9238B8-D3B2-44B2-889C-090D8065C44C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7077B842-D2F9-4FF3-AF79-B64B4B29BAFC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{70C5AA87-F587-4F14-A6FA-7B8A4BBCE8B9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{710CC73E-1BAD-4803-A0AA-FF5C92E0A635}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7159C372-A786-4191-AC84-C6BEAA5438C1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7193A7B9-A6D9-4944-879A-B49FCC13B319}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{729F3A38-491B-4FA0-907F-F12DF3C15656}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{72E9C15D-2DA9-4CC7-9619-95F7800EA656}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7309AB8D-F06C-4F35-AEB4-50D8C6C28C5A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{73C486A5-822B-4E0B-9A53-4492D44480BF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{73CA7303-2653-46AA-A162-01E02E8DA075}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{73D99FA2-DC91-4559-91F7-1E75C99C11F5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{74A8B58F-E74C-4814-B09C-521461883B6D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{75AF558A-A732-49C6-BD51-F1BB86899C79}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{76C1FD37-7273-43ED-B8D9-570492339B42}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7724A29A-AD77-41D5-81F8-B08401FFCCF5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7764DB2F-FB0B-46F0-A337-EF3D0092FBF5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7792D2BE-8364-430F-B7C9-D3E8C2547A24}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{77BCAEFD-0FFF-4937-8FB9-44F5E19019A4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{77BF6E9C-6B01-4CBA-BF3E-A5A6A8734DD8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7801E6C0-96FB-43AA-8F49-8316AF2F93B2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{78E49902-7159-48CD-AA1E-A2290DD947A4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7A7A0CFF-7CB9-4FF5-9993-5116F4A409B7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7AA21FD2-B6E6-48FA-9ECC-43373EFB88A3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7AA25A07-C37A-4CFF-9531-E5AD79D275AC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7AF4D312-1B61-4FA2-9A6D-CC9DE1453EBA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7B031A54-35E0-4537-BEAF-CCD3F76911DA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7B3222CC-3809-4B35-A77F-4A1F2025054C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7B614FB8-E971-4F3D-A562-A1A4EBC4E1CE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7BEFDC6A-9593-428A-9B53-D1ADD716719B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7C45A343-8D8C-486A-B712-4663C1D2E718}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7C4F3304-533D-4EA8-AD49-9DDF0A4FD9D3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7CB2C3B6-5F73-4F74-B5F5-92496745787D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7D707BDC-593D-4B2E-BA75-04C633ECB791}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7EBEA07E-1E59-42E7-9F88-17441E858E43}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{7FF61B44-3C63-4771-9D14-CB4EBE2907F8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{80C65356-D202-413F-A640-D0CE64638E99}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8134FA6A-F4C9-474E-A53C-4209F00B19E3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{81C4F8F0-A797-4A48-8F44-4582CAD0963C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{820296C5-529C-491C-AF00-3C52D78C567D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{82096F54-47F8-482A-8976-8CDBBAF842D7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{822A547C-3FAD-40D8-B7D5-80B74B172047}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8231D748-D92F-4005-A213-680B57B59DD0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{82800246-719C-4ECE-B131-1ABDF7D40F74}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8330179F-E806-4411-A006-9C24AC943F04}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{84B0770A-BAA4-42BB-A134-1D201BEC22F0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8593BE90-2E36-41BF-A13D-1C3A2D08FC35}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{85CE61DD-8A32-4BAE-A0E6-251AD7F4BEA4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{86A716C0-CBA9-4C67-98FB-F7EAB9676879}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{872F99A5-3E2A-44FA-84F4-C533279A31C6}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{88241DB1-9A85-4549-B642-0ABEFC49A00B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8880FB87-AAC4-41DD-BAE5-D5A34E55675A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8892CE32-BFEF-42FB-8739-204F056A442E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{89018469-11D8-4EB8-BF17-3DBAED0F107F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{891A0B0B-9862-4C12-B89C-B6F587697E36}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{89CB258E-6ADE-4120-A421-C73F2C7C6DA6}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8A8185E6-39CC-43F1-966D-7BDE9D12839F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8C3549D5-F249-4E72-AD73-C200895751F1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8C93DA46-DD66-4955-A390-CEADBEB5A58C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8D12B9B8-4B2E-4000-B890-C7C19A1C2795}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8D1B74A6-2A37-498D-8C4C-DF5EF2BCC7D8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8DC62B8A-B97B-4E2B-B458-45575437B8A5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8E707FFD-8083-4943-BC48-CBCFC7ACF5AF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8EA0AA17-EBB3-4DFC-A089-076518604A1F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{8F90716E-485A-4626-A0F3-197BB9E0F806}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9029FCEB-CCFD-4FF6-8F77-DC44B0351910}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{90580493-1E42-4BB8-8248-CFB1B50394C2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{912D59E7-87E0-4A6F-8C59-EB2688CB2A71}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{92B05AB4-0897-4C78-A390-EB99FD90DAE1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{92CAB3CE-CBA8-4E64-8CE0-3E739D7B4E58}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{92EE62DE-9836-4F47-9882-98AA5E363498}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9340287A-AF40-42AF-8F0D-495142E57D6D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{93FF117F-C78F-44D4-8DA8-51FA08D6F1C2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{944D4BD8-E948-4549-8EF2-40B153B39976}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{945F0C7F-55B3-4942-A95F-EC4561076802}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{94D00C48-35EC-438D-8756-A76FA92E24A1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{94F8A9BA-AC0F-4AE4-935F-39FC4B2CAB3F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{95CE5D95-277E-412B-BD89-23A8BF3B0B42}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{961C3A5A-BB4F-4F2F-9B6F-2684E0373A3A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{96516E1E-E650-4F70-9CEC-66522A625181}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{96B8C1EC-1C77-48E6-9EB3-3C9A112E3F9E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9AC485F5-8ED3-4FCA-ABF9-9F0D9E474551}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9AF6A8B2-03AB-400E-87EE-6A8702E8B76A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9B12E8F3-BBF5-4F86-B555-D5CC5E58F0DD}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9BEF0796-F8F6-437C-9331-3472E446BC60}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9BFEE0B2-F425-46DD-98D4-47B0839E303B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9C22B2DD-933D-4E30-BB70-CA1EAF7D1398}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9C7AB5E7-41A0-4AD4-82A4-3325B95C04BC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{9CA7AF2F-44D2-484D-8212-E5E183E74DD1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A0343687-6F21-4B1F-9466-07203420FBA2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A0763F4D-F936-480C-A7EA-FCF36C810DD4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A0B808C4-0467-422B-AA9C-783D8F30429D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A1540F46-7E71-4DC2-A0AB-1F19287172DF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A17A0B0F-CE85-448C-95A0-5CBA40524E32}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A2E15EE3-B942-4008-B9B7-8CCCE55AD1BD}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A322B0C2-9166-4BA0-B36E-401CFE3B9C9F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A3CE7442-BB4F-4D81-BEBD-AC3D45406A46}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A55C0A8A-131B-4500-B36F-5C48E8625742}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A5C0C973-C8F8-4587-913C-65A66963786B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A617FE8D-43FB-4D21-9C13-9514569B8A28}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A6C3A737-80EE-4959-A3C1-A878DE5D2D17}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A7B89F08-7505-4BD7-AF4E-A9840E69D334}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A87EA0DD-D466-4E71-910E-4B96D0A1047E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A8E2D282-4156-4E2C-817D-20DC62980BD8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A8E63A11-A5A0-490D-B6D4-5C6156EFC141}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A930F7BE-3576-42D8-A634-546217009C34}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A9A0565A-EEAF-48A4-A39B-E2CE4A0C171E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A9AE0898-2AE4-490E-AE26-D95BB8513E44}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A9E65651-FC55-463F-B994-474DD17B704A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{A9F07794-747F-40EB-9974-C1E11583A00D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AA2CFCB2-221F-4435-9520-FE0C11571B33}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AA313CC4-2561-4223-AC78-FA557E551E6F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AA7E98A3-0F1C-4BF1-A8C5-C7325BDE0716}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AB35C092-9340-41ED-9D60-2164A5AD5E82}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ABAD131D-5DE7-4A15-99B6-996F40B88550}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ACC6B16C-12EB-40A0-8EF7-A7A13D93B49D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AD92884C-3D77-4B9D-8486-25A201B374D1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ADFEC745-6AAA-4C83-8AB4-CA95D35270C0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AE78227B-BCA6-434A-BD0F-00E437393DBD}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AF64B0B6-077B-435D-BE31-DE6D50512DFB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{AF8B60AF-9FCA-4707-A7BA-71CD9A63F560}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B09A586C-DF3D-4C2A-B59C-3804043CD457}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B14DDC2F-FFA9-4920-8CC0-A732411F3483}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B1E413AF-16CF-4FD0-9678-8355936960CE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B250A320-FD34-43FC-97B5-715A8ADABAF4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B2755346-ED6A-4421-8723-EE551B8BC518}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B2F8F020-68C1-44C1-A429-9B05575ECF1F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B3F00A98-2EEA-4890-B420-CE73D0B166EF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B3FB8101-2950-437B-84E3-808C9DCC56C6}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B482DEE5-AA6B-465D-BAD2-2B8A9E14DDE8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B4896A10-2D1F-4A7E-A676-BDBF0F875028}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B4DA09CF-21CB-4EEB-BAB2-560C2E174DF9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B51E3743-10D0-452A-BA7D-E53BFA164F32}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B5B6C2C2-3BE2-4C1E-BB01-3866908E7CAE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B65169BD-8912-4750-9D31-55A62C10F3BE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B6B24A95-CCFB-48EA-BBAF-78DBA3E8B633}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B729E47D-F85C-481D-AB17-595C349D2ED4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B7D5BC0B-BDB0-4742-8079-3415C20D1AEE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B7D94990-43BC-4639-B4DA-3B4C3F5D6220}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B8A67F8F-854A-4C1C-88C8-D6515EBC3B2E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B8D48682-07C5-4C50-8694-E23416CEEF07}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B903FF30-DC1A-4494-94D9-5EC50F3A18D8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B9C2101F-15C7-4B5B-880B-2242BA1C5355}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B9CBE0AF-9BB2-4B93-B0A9-9F4490A0DB51}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{B9E8DDEA-367A-4C15-9531-56260286D4C1}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BAE01E5A-2139-4667-B0C3-C68920560329}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BAFCD464-77F0-4450-A468-CA66820DE7AB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BB21C509-7841-4879-B2F3-51034E2A87BD}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BBBDE1D1-F961-4F89-80F5-62925F53AF8B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BC28A31E-87E7-49DF-95F1-9C7C959BF4EA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BD69EF9C-819B-4C79-8CEA-8722360769B9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BDBBEFDC-47B0-4C23-952B-218E627EFC27}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BDD5398C-CB77-47DE-9094-8363C4F437C0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BDF17F4F-1CF4-413E-B3EF-14FE0F12FC60}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BE056411-1354-4CC6-BD88-6B5BD7ABB490}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BE2EAC69-9DAA-4DE7-845C-7C2B068729CE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{BEB26597-1A80-4149-BCEF-2511D0A2D8B5}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C045E658-4824-4F34-870E-4E7FBFFE7DD8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C1469DAB-51BD-45FE-8F09-E2C8FB78C92A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C1ADE987-0E73-4E93-96A2-4ACB38DD308F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C206ACB6-B8BE-4200-B43F-FADAE2BC947E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C447631B-97F2-4C53-814F-C3D95A53AEBC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C518E615-C259-40B2-BBCB-EF7EA36F4EA7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C55D6261-41EC-4A49-87BE-0FC78758571E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C60F8288-EE80-4EB2-BD07-59432F70C00E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C7769828-F766-4200-A08B-EDB1671D1485}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C7846404-034C-4872-994E-81C0A14D7F65}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C87327DF-DFE6-4A9D-B2EF-7B661667F59F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{C938BAF2-F422-4778-B0E5-7929E645FFDA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CA0C2D42-D997-4A18-85AF-CCF041D66234}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CB4FC2A1-DD25-4789-8ABB-BAF06DD29F26}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CC3D75E7-D6E7-44EB-A3DD-2CD1372FB9C9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CCB306D7-F50B-460D-88D3-564B750F4642}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CD8D5D34-B18B-45E9-BC02-738C66A42BDA}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{CE13586E-85B0-409B-AB4A-11F8C067B761}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D0EFA902-3166-47BD-8919-9C0AAE082455}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D0F5D7BA-DB57-4961-8763-BD264F57D124}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D1047525-F8FD-4C84-BB16-2C1C32EE5715}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D1ADAC03-5DAB-471B-9FA7-7BD5CBE9890F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D28E9256-6A08-4D0C-A0B4-2FF87BD4CECF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D33F7643-E238-4F9A-8BE8-A7D986D41D04}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D471376F-7D45-44E2-B6AB-9D6A5499C146}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D54CAB9D-9F1B-458C-BBB3-C5BD0553765C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D61EEA58-E022-46CB-A600-BFDDE0011D90}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D6ACDF63-3F7E-46D3-86D2-02E5B0ED67A2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D727328B-8DEB-4E3C-B02F-2ABD3C0A4E0D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D7BD11AC-AB76-4181-B571-B8CC65CA6A94}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D8FE5F73-949A-42EF-9307-8406F588959E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D92C6529-D8CA-41F9-B7DB-65012154DDCE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{D9FE1B5D-1140-49F8-B956-12382B663692}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DA24EF1B-1181-4A9F-8AF7-9D40A3ABD470}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DAEC52A4-1A64-4735-9AB1-841B773D9704}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DBB5A6FD-EBE9-4FBA-B93C-205F261ACFB4}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DD340B2D-83CA-46BC-AC45-C35F93A6309F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DD52B527-BFD4-48B1-B2F3-1B9E46606EE9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DDE84E7B-6232-467A-B728-8024AC9F39B0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DEE615E9-7AC1-4A5D-8F01-6C6D9CB02CAE}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DF52BB39-484F-43DA-99EA-B6AE587F9BCB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DF7B155A-3D69-4345-B436-A9A3CC2136CF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{DFBD631B-7DC9-4F13-A539-1391E9A42DC9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E0766A23-3D91-4422-9222-5A7A6DB307EF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E11463E1-214D-48E5-AB78-7ED31BD1B8F8}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E1BBAB81-F8C0-45AC-B74E-4F4D90FB282D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E22FD4D0-F13F-477B-B4D5-913661C71C21}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E2CEB068-2A05-4F7B-8C47-16B70AE1B829}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E3BE9B87-3A52-4D1D-B1F9-506B2917507D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E411EBE3-7C9C-43A0-B0AB-71E1865F5B49}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E430BE7D-1828-45F9-9BF7-FE982FC2BF5B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E4601AF4-EC59-4F70-B366-0AC80B27E255}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E4E01989-9A5C-4C8E-AA18-B6A7D4152CFC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E4FC925C-6287-4A12-A79D-DDE48B0A483B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E5191145-2356-4B5C-9374-2B9BB48FC106}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E5337996-6243-4B00-ADC0-499B81A0437E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E534A125-49EB-408D-8351-9FA7FEC7A88B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E58E1559-9503-4550-AFB1-94A51943DEBF}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E5EAD354-5066-4324-993B-C6FDB2FFBD27}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E6D8CA1B-E6CD-4822-8A5E-97AA11C20612}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E6EC9132-762A-49F1-9765-A1DA92D4FD6C}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E6F61316-3753-4A86-805E-677EEE4F13A0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E74D54B8-203E-40D9-8EDB-3CCC21FA4C86}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E80ABB77-AEDD-4620-96A5-8AB1C2F78CF0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E8AFF921-987A-4710-8CE5-DE36EF3C65A3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E94B7B82-00AA-412B-9B4A-75DAA380ADC6}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E96FC6B5-9971-48B4-8B3A-3E95FEB1E4DB}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{E994774E-9D61-4010-A84B-72538734AC3B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EAA0C55B-BFDE-48EA-84A9-D58D4FB573F7}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EAA9E64C-01B7-413B-A50A-7A1EE6A71984}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EB30ADAB-9183-43FA-AD9B-E08772D36596}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EC0CBBFA-F5F4-4766-9E55-309B59A33F3F}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EC59801F-0FDE-49DA-99B9-CBD706E79B98}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EC5C8785-93F2-4A0B-ACB3-0D0715E1DE61}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ECE0F05F-A2A6-4740-B97C-E48F0B470435}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ECFEAC9D-9D57-42EA-BA5E-CE7AF10A9C76}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{ED32774B-B7A1-4B7C-99D4-C324B0B1954B}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{EFE99388-7E92-45D6-9F7C-AAC193B3D32A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F254AA2C-66CE-45D4-A162-3D2B5D2E14EC}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F2E2CDEF-F647-40F2-A38D-47C41B787E9E}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F3ED3646-ADC5-45A5-8ECD-62B2EC8B5C90}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F43D1123-2A81-4642-AF11-A9D08FDF4A17}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F5FEB79A-E9D3-497A-AFB6-282CD6D1F50A}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F6973217-DBBB-418D-80CF-CC7AEF07DC38}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{F87B77DF-FCDE-41B1-878A-5B3B95DE1B65}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FA13AE3B-4E63-41ED-B6C6-AA240A510EB9}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FA88B1EF-8717-4BCF-89D9-A3ECE903A290}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FAC3905D-D9B2-4E94-AF8A-F6B97332E199}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FB788AA3-8234-414F-8AE5-C25584AC841D}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FC6EC575-F19B-40D1-A29F-A677DC369F92}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FC97664B-3EA6-46B7-95AE-6B9DD44F2CB3}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FD2DF24B-8073-4925-A301-A513A25DD1B0}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FE3A763F-D8D0-4EC0-90B7-7B697C9727A2}
Successfully deleted: [Empty Folder] C:\Users\owner\appdata\local\{FEB4EF41-08D5-4687-A065-55DF34464BA1}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 06/01/2014 at 19:33:59.79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

ESET

 

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=1e9b907b127b2b4eb35463ec8d8c131b
# engine=18558
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-04 10:08:23
# local_time=2014-06-04 06:08:23 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton 360'
# compatibility_mode=3598 16777213 100 100 516244 152495799 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 517045 153463153 0 0
# scanned=185916
# found=30
# cleaned=25
# scan_time=5355
sh=204CDEE6005FE10035792F24BF68C276B08022BB ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Users\All Users\{E0A9340B-C01B-42C1-9910-C307D7BE4756}\WeatherBugSetup.res"
sh=68125D2FD7EFE6FC61E4D8A0E04EE5D027865C72 ft=1 fh=65c48dc866448052 vn="multiple threats" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\onredUS100[1].exe"
sh=502CF864E2F99574734AA75648FEBD95FB4ECC93 ft=1 fh=8ad138b77913bf53 vn="Win32/Toolbar.Conduit.R potentially unwanted application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\whiteUS3[1].exe"
sh=849D3A1DCC8F2033D3ED94005933D06E0646C0D3 ft=1 fh=4237235823af9f35 vn="Win32/AdWare.SmartApps.B application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Start Savin\gpedit.exe"
sh=D0D21AE60A9E6906130E9D08E0C306F01F5492F9 ft=1 fh=15f02b2549082a82 vn="a variant of Win32/AdWare.SmartApps.B application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Start Savin\SoftwareDetector.exe"
sh=F6BE881B19E3BBF09E091CA27720D9E18D91F4C9 ft=1 fh=81e2ce5a177b2f24 vn="Win32/Toolbar.MyWebSearch potentially unwanted application (deleted - quarantined)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1184358007-467837356-3212989126-1000\$RPA5T9T\Installr\1.bin\14EIPlug.dll"
sh=54CB0241B8C60CA3F289D383B74CD48EA869A987 ft=1 fh=3b7a24c3498d6830 vn="Win32/Toolbar.MyWebSearch potentially unwanted application (deleted - quarantined)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1184358007-467837356-3212989126-1000\$RPA5T9T\Installr\1.bin\14EZSETP.dll"
sh=92AA4DDF468877FFECC280DF96BC79DB4EB57811 ft=1 fh=126c397aa98c50e8 vn="Win32/Toolbar.MyWebSearch potentially unwanted application (deleted - quarantined)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1184358007-467837356-3212989126-1000\$RPA5T9T\Installr\1.bin\NP14EISb.dll"
sh=FD5DF7D0BDE1C118AA9F0649B3F6CDBD5B9627B6 ft=1 fh=e528869b57ab90df vn="a variant of Win32/SpeedingUpMyPC application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir"
sh=A76DE8085F50CC098C2E9DC7DAC9E0D761DF554F ft=1 fh=f01562e83772e973 vn="a variant of Win32/AdWare.SpeedingUpMyPC.D application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=D8C8A345A2EE08A0E283E8EEC7A39E4AEDE1E0A1 ft=1 fh=5b3a9a23dbe51dfc vn="Win32/AnyProtect.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\owner\AppData\Local\AnyProtectScannerSetup.exe.vir"
sh=E176D7F68E9CC6D03E8555B51565423033CDF6A9 ft=0 fh=0000000000000000 vn="a variant of Win32/Mobogenie.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.5.zip.vir"
sh=E45C1D583BDD644F636D8DA387761796CE1D7038 ft=1 fh=fe33acdf835fbfaa vn="a variant of Win32/Mobogenie.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=75773C452146645B80387025120B3AFC1BD7F608 ft=1 fh=f924702fd032a998 vn="a variant of Win32/Mobogenie.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=CD814F8CAC8880831029BCA4568031141FFE8534 ft=0 fh=0000000000000000 vn="a variant of Android/Mobserv.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=D9B3BA161D98EA1AD0E61015B2F11DB47A0A6875 ft=1 fh=8252b73ae811ba6a vn="a variant of Win32/Mobogenie.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=57206C99B5C24F2F7C49DC420BF003E54621DECD ft=1 fh=f389350db124e471 vn="a variant of MSIL/Adware.StrongVault.A application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\FastMediaConverter\FastMediaConverterApp.exe.xBAD"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\owner\AppData\Local\Temp\nsaC26A.exe.xBAD"
sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R potentially unwanted application (deleted - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\owner\AppData\Local\Temp\nspE7A7.exe.xBAD"
sh=F73A989D387D314786C495C7B4E6A430B13F335B ft=1 fh=bcb784e64614ea73 vn="a variant of Win32/Conduit.SearchProtect.O potentially unwanted application (deleted (after the next restart) - quarantined)" ac=C fn="C:\Program Files\pcreg\pcreg.exe"
sh=DC14D39A287BCB67D1E22ED039D3A6F3FE065705 ft=1 fh=a703a7a09520adb0 vn="a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\2pUninstall Coupon Alert.dll"
sh=204CDEE6005FE10035792F24BF68C276B08022BB ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}\WeatherBugSetup.res"
sh=1B40367DE78EC1FD11808FE9EE5880722FAF07BC ft=1 fh=dade5429811eae1e vn="Win32/Conduit.SearchProtect.M potentially unwanted application (deleted - quarantined)" ac=C fn="C:\temp\a.exe"
sh=23225E98D7F726E10E10B706F95F3F0A70513315 ft=1 fh=ac938b707f3f3143 vn="Win32/Conduit.SearchProtect.M potentially unwanted application (deleted - quarantined)" ac=C fn="C:\temp\launcher.exe"
sh=C08D035778900D7C47066504CB352CD94A7691D9 ft=1 fh=c7d61388610824c6 vn="Win32/AnyProtect.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\owner\AppData\Local\nsq3CFD.tmp"
sh=C7241007662586F5DE3A9F9927CFBD9D52A52AC9 ft=1 fh=a7692001af61d921 vn="a variant of Win32/Conduit.SearchProtect.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\owner\AppData\Local\Temp\nskA7D7\SpSetup.exe"
sh=68125D2FD7EFE6FC61E4D8A0E04EE5D027865C72 ft=1 fh=65c48dc866448052 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\onredUS100[1].exe"
sh=502CF864E2F99574734AA75648FEBD95FB4ECC93 ft=1 fh=8ad138b77913bf53 vn="Win32/Toolbar.Conduit.R potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\whiteUS3[1].exe"
sh=849D3A1DCC8F2033D3ED94005933D06E0646C0D3 ft=1 fh=4237235823af9f35 vn="Win32/AdWare.SmartApps.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Start Savin\gpedit.exe"
sh=D0D21AE60A9E6906130E9D08E0C306F01F5492F9 ft=1 fh=15f02b2549082a82 vn="a variant of Win32/AdWare.SmartApps.B application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Start Savin\SoftwareDetector.exe"
 



#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 04 June 2014 - 05:53 PM

Please run the computer and tell me how it is running?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 07 June 2014 - 02:49 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 08 June 2014 - 05:05 PM

This topic has been re-opened at the request of the person who originally posted.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#10 Ashwee52

Ashwee52
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:01 AM

Posted 15 June 2014 - 09:37 AM

Thank you for re-opening the topic.

 

The computer runs and does not have pop ups, I have a program called weather bug that is opening upon start up that was not prevously there. Am I able to delete this program?

 

The computer did freeze again and I recieved a blue screen for a data dump, and had to manually restart the computer.

 

Is it also safe to process the windows updates?



#11 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 15 June 2014 - 07:02 PM

Hello You can delete the weather bug program and do the windows updates.

 

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#12 Ashwee52

Ashwee52
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:01 AM

Posted 18 June 2014 - 06:10 PM

Thank you!  I have updated and removed the weather bug.

I followed the directions above and in the file C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs the only thing the txt file stats is    Running Repair Under Current User Account.  There is a file titled chkdsk_full_Log and chkdsk_log.  Should I repeat the steps above?



#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 18 June 2014 - 09:48 PM

yes repeat the steps and let me know how the machine is running?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 Ashwee52

Ashwee52
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:01 AM

Posted 22 June 2014 - 05:17 PM

It has been running sort of slow.  Opening IE or Word takes a moment or two.  I haven't had a blue screen, but I have been using for light personal usage and news, and not for work or school.

 

 

Windows Repair Log

 

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: OWNER-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\owner
Current Profile SID: S-1-5-21-1184358007-467837356-3212989126-1000
Current Profile Classes: S-1-5-21-1184358007-467837356-3212989126-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\owner\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:19:51

Process Count: 80
Commit Total: 1.87 GB
Commit Limit: 11.93 GB
Commit Peak: 2.62 GB
Handle Count: 27108
Kernel Total: 510.88 MB
Kernel Paged: 398.62 MB
Kernel Non Paged: 112.26 MB
System Cache: 4.34 GB
Thread Count: 959
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 5.97 GB
Memory Used: 1.76 GB(29.487%)
Memory Avail.: 4.21 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 5.97 GB
Memory Used: 1.43 GB(24.0281%)
Memory Avail.: 4.53 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Start (6/22/2014 5:44:09 PM)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (6/22/2014 5:44:17 PM)
   Running Repair Under Current User Account
   Done (6/22/2014 5:44:31 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (6/22/2014 5:44:31 PM)
   Running Repair Under System Account
   Done (6/22/2014 5:51:54 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (6/22/2014 5:51:54 PM)
   Running Repair Under System Account
   Done (6/22/2014 5:53:52 PM)

03 - Reset Service Permissions
   Start (6/22/2014 5:53:52 PM)
   Running Repair Under System Account
   Done (6/22/2014 5:54:07 PM)

04 - Register System Files
   Start (6/22/2014 5:54:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:54:41 PM)

05 - Repair WMI
   Start (6/22/2014 5:54:41 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   Norton 360 Premier Edition Exported.

   Exporting AntiSpyware Info...
   Norton 360 Premier Edition Exported.
   Windows Defender Exported.
   Spybot - Search and Destroy Exported.

   Exporting 3rd Party Firewall Info...
   Norton 360 Premier Edition Exported.

   Running Repair Under Current User Account
   Done (6/22/2014 5:57:17 PM)

06 - Repair Windows Firewall
   Start (6/22/2014 5:57:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:58:07 PM)

07 - Repair Internet Explorer
   Start (6/22/2014 5:58:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:58:50 PM)

08 - Repair MDAC/MS Jet
   Start (6/22/2014 5:58:50 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:59:05 PM)

09 - Repair Hosts File
   Start (6/22/2014 5:59:05 PM)
   Running Repair Under System Account
   Done (6/22/2014 5:59:07 PM)

10 - Remove Policies Set By Infections
   Start (6/22/2014 5:59:08 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:59:18 PM)

11 - Repair Start Menu Icons Removed By Infections
   Start (6/22/2014 5:59:18 PM)
   Running Repair Under System Account
   Done (6/22/2014 5:59:21 PM)

12 - Repair Icons
   Start (6/22/2014 5:59:21 PM)
   Running Repair Under Current User Account
   Done (6/22/2014 5:59:23 PM)

13 - Repair Winsock & DNS Cache
   Start (6/22/2014 5:59:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:59:43 PM)

15 - Repair Proxy Settings
   Start (6/22/2014 5:59:43 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 5:59:48 PM)

17 - Repair Windows Updates
   Start (6/22/2014 5:59:48 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:00:23 PM)

18 - Repair CD/DVD Missing/Not Working
   Start (6/22/2014 6:00:23 PM)
   iTunes was found, adding UpperFilters for iTunes Reg Key
   UpperFilters added?: True
   Done (6/22/2014 6:00:23 PM)

19 - Repair Volume Shadow Copy Service
   Start (6/22/2014 6:00:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:00:36 PM)

21 - Repair MSI (Windows Installer)
   Start (6/22/2014 6:00:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:02 PM)

23.01 - Repair bat Association
   Start (6/22/2014 6:01:02 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:06 PM)

23.02 - Repair cmd Association
   Start (6/22/2014 6:01:06 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:11 PM)

23.03 - Repair com Association
   Start (6/22/2014 6:01:12 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:16 PM)

23.04 - Repair Directory Association
   Start (6/22/2014 6:01:16 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:21 PM)

23.05 - Repair Drive Association
   Start (6/22/2014 6:01:21 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:26 PM)

23.06 - Repair exe Association
   Start (6/22/2014 6:01:26 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:39 PM)

23.07 - Repair Folder Association
   Start (6/22/2014 6:01:39 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:01:46 PM)

23.08 - Repair inf Association
   Start (6/22/2014 6:01:46 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:03:06 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (6/22/2014 6:03:06 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:03:11 PM)

23.10 - Repair msc Association
   Start (6/22/2014 6:03:11 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:03:26 PM)

23.11 - Repair reg Association
   Start (6/22/2014 6:03:26 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:03:31 PM)

23.12 - Repair scr Association
   Start (6/22/2014 6:03:31 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:03:36 PM)

24 - Repair Windows Safe Mode
   Start (6/22/2014 6:03:36 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:03:40 PM)

25 - Repair Print Spooler
   Start (6/22/2014 6:03:40 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:04:02 PM)

26 - Restore Important Windows Services
   Start (6/22/2014 6:04:02 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:04:23 PM)

27 - Set Windows Services To Default Startup
   Start (6/22/2014 6:04:23 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (6/22/2014 6:04:32 PM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 6.1

Cleaning up empty logs...

All Selected Repairs Done.
   Done (6/22/2014 6:04:32 PM)
   Total Repair Time: 00:20:25

...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account



#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:06:01 AM

Posted 22 June 2014 - 08:01 PM

Use it as you would normally please


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users