Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

ZEROACCESS Backdoor 0access (from "Am I Infected")


  • This topic is locked This topic is locked
105 replies to this topic

#1 Derren

Derren

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 30 November 2014 - 05:44 PM

I was sent here from the "Am I infected" forum:

 

http://www.bleepingcomputer.com/forums/t/556321/closed-fake-pop-up-now-cant-access-mbam-or-avg/

 

Because ZEROACCESS appeared in the RKIll log I was told to start a thread here.

 

My DDS.txt is next:

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16584  BrowserJavaVersion: 10.60.2
Run by Derren at 14:28:34 on 2014-11-30
Microsoft® Windows Vista™ Business   6.0.6002.2.1252.1.1033.18.2012.719 [GMT -8:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Outdated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\AEADISRV.EXE
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\ifxspmgt.exe
C:\Windows\system32\ifxtcs.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Intel\AMT\LMS.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
C:\Windows\system32\IfxPsdSv.exe
C:\Program Files\Intel\AMT\UNS.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
C:\Program Files\PhraseExpress\phraseexpress.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\WmiPrvSE.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\System32\svchost.exe -k Cognizance
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.thirdgen.org/techboard/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - 
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: CmjBrowserHelperObject Object: {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 8\Mm8InternetExplorer.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: AOL Toolbar BHO: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Credential Manager for HP ProtectTools: {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\program files\hewlett-packard\iam\bin\ItIEAddIn.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AOL Toolbar: {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Google Update] "c:\users\derren\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [WLSync] c:\program files\windows live\mesh\WLSync.exe /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [PDF Complete] c:\program files\pdf complete\pdfsty.exe
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\cinefo~1.lnk - c:\program files\cineform\tools\GoProCineFormStatusViewer.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\phrase~1.lnk - c:\program files\phraseexpress\phraseexpress.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &AOL Toolbar Search - c:\programdata\aol\ietoolbar\resources\en-us\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: {2F72393D-2472-4F82-B600-ED77F354B7FF} - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - c:\program files\mindjet\mindmanager 8\Mm8InternetExplorer.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{10B9A43D-86ED-4095-B9C8-5312D48D8CA2} : DHCPNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - 
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxdev.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - 
LSA: Notification Packages =  SbHpNp scecli ASWLNPkg
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-10-23 39224]
R0 SbAlg;SbAlg;c:\windows\system32\drivers\SbAlg.sys [2006-10-9 44720]
R0 SbFsLock;SbFsLock;c:\windows\system32\drivers\SbFsLock.sys [2007-6-14 13184]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-25 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-10-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-4-15 182072]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2007-4-18 39080]
R1 RsvLock;RsvLock;c:\windows\system32\drivers\rsvlock.sys [2007-6-13 5808]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2008-1-20 21504]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2008-1-20 21504]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-11-20 283136]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\hewlett-packard\drive encryption\HpFkCrypt.exe [2007-7-9 221184]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\pdf complete\pdfsvc.exe [2009-1-14 576024]
R2 PenCommService;Livescribe Pulse Smartpen Service;c:\program files\common files\livescribe\pencomm\PenCommService.exe [2011-10-27 470528]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2013-1-18 383264]
R2 UNS;Intel® Active Management Technology User Notification Service;c:\program files\intel\amt\UNS.exe [2009-1-14 2521880]
R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\8.0.1\ToolbarUpdater.exe [2011-12-9 246624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2014-4-3 315008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-1-20 179712]
S3 PulseUsb;Livescribe Smartpen USB Driver;c:\windows\system32\drivers\PulseUsb.sys [2011-10-27 20480]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-11-26 08:23:49 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e8d0afa0-a15c-42a9-9395-f640b90d078b}\offreg.dll
2014-11-26 08:04:09 8941456 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e8d0afa0-a15c-42a9-9395-f640b90d078b}\mpengine.dll
2014-11-26 04:27:42 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-11-26 04:27:41 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-26 04:26:25 79576 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-11-10 18:20:49 0 ----a-w- c:\windows\system32\cwyzs.dll
2014-11-10 16:23:43 -------- d-----w- c:\programdata\IoleqUllib
2014-11-10 15:31:21 -------- d-----w- c:\users\derren\appdata\roaming\FrameworkUpdate7
2014-11-10 15:31:07 -------- d-----w- c:\programdata\OidsAzeb
2014-11-10 15:30:59 -------- d-----w- c:\programdata\NugzIcjid
.
==================== Find3M  ====================
.
2014-11-26 15:21:07 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-11-26 15:21:07 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-11-04 22:30:58 229000 ------w- c:\windows\system32\MpSigStub.exe
2014-09-27 23:29:58 2054656 ----a-w- c:\windows\system32\win32k.sys
2014-09-19 22:44:32 1810432 ----a-w- c:\windows\system32\jscript9.dll
2014-09-19 22:38:15 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-09-19 22:37:34 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-09-19 22:36:04 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-09-19 22:35:46 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-09-19 22:34:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-09-19 22:34:22 11776 ----a-w- c:\windows\system32\mshta.exe
2014-09-16 16:56:02 66560 ----a-w- c:\windows\system32\packager.dll
2014-09-04 23:27:58 143360 ----a-w- c:\windows\system32\drivers\fastfat.sys
.
============= FINISH: 14:30:58.07 ===============
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:23 AM

Posted 02 December 2014 - 06:12 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#3 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 02 December 2014 - 10:25 PM

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-12-2014 01
Ran by Derren (administrator) on MAINDESKTOP on 02-12-2014 19:18:09
Running from C:\Users\Derren\Desktop
Loaded Profile: Derren (Available profiles: Derren & UpdatusUser)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(NVIDIA Corporation) C:\windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SafeBoot International) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(Microsoft Corporation) C:\windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\windows\System32\AEADISRV.EXE
(Intel Corporation) C:\Program Files\Intel\AMT\atchksrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Infineon Technologies AG) C:\windows\System32\IFXSPMGT.exe
(Infineon Technologies AG) C:\windows\System32\IFXTCS.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel) C:\Program Files\Intel\AMT\LMS.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Infineon Technologies AG) C:\windows\System32\IfxPsdSv.exe
(Intel) C:\Program Files\Intel\AMT\UNS.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(GoPro) C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe
(Bartels Media GmbH) C:\Program Files\PhraseExpress\phraseexpress.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\windows\System32\wuauclt.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Intel Corporation) C:\windows\System32\igfxsrvc.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [318488 2008-04-07] (PDF Complete Inc)
HKLM\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [329824 2011-12-29] (BillP Studios)
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1310720 2008-07-08] (Analog Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [Google Update] => C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [WLSync] => C:\Program Files\Windows Live\Mesh\WLSync.exe /background
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\MountPoints2: {005a59a4-3812-11e2-b6a1-000ffeeca200} - H:\setup.exe -a
Lsa: [Notification Packages] SbHpNp scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Users\Derren\AppData\Local\Temp\lhc.dll No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thirdgen.org/techboard/
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-399089533-3685514525-3991642726-1000 -> {BD6A8C42-5023-49BB-A6ED-05F45024BDEE} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1091&query={searchTerms}&invocationType=tb50hpcmdtie7-en-us
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-399089533-3685514525-3991642726-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKU\S-1-5-21-399089533-3685514525-3991642726-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL No File [ ]
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-399089533-3685514525-3991642726-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Derren\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-399089533-3685514525-3991642726-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-399089533-3685514525-3991642726-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nptgeqplugin.dll (Tamarack Software, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Derren\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-02]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-29]
CHR Extension: (Google Search) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (Terminal for Google) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\denbapicipbiplggmfebiogiphopgjca [2012-02-29]
CHR Extension: (*Split Screen*) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\eachfleknamlcepmplpdghagngjfjkin [2012-05-26]
CHR Extension: (Frame two pages) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\eldgpcphflnopbjadiaonofideekgdgm [2012-05-26]
CHR Extension: (feedly) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-04-02]
CHR Extension: (Google Mail Checker) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-02-29]
CHR Extension: (Google bookmarks) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfieeekinhmpmgnonkgbmklfdheojoni [2012-02-29]
CHR Extension: (Google Wallet) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2013-01-27]
CHR Extension: (Greyscale) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm [2012-10-17]
CHR Extension: (Evernote Web Clipper) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2012-02-29]
CHR Extension: (Gmail) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR Profile: C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-29]
CHR Extension: (Google Search) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (AVG Safe Search) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-02-29]
CHR Extension: (Gmail) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR StartMenuInternet: Google Chrome - C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [74240 2007-02-06] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll [131584 2006-06-21] (Cognizance Corporation) [File not signed]
R2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-07] (Intel Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184 2007-07-09] (SafeBoot International) [File not signed]
R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IFXSpMgtSrv; C:\Windows\system32\ifxspmgt.exe [677408 2007-05-23] (Infineon Technologies AG)
R2 IFXTCS; C:\Windows\system32\ifxtcs.exe [853536 2007-05-23] (Infineon Technologies AG)
R2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-07] (Intel)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [576024 2008-04-07] (PDF Complete Inc)
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2011-10-27] (Livescribe) [File not signed]
R2 PersonalSecureDriveService; C:\Windows\system32\IfxPsdSv.exe [140832 2007-04-18] (Infineon Technologies AG)
R2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-07] (Intel)
R2 vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [246624 2011-12-09] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [39080 2007-04-18] (Infineon Technologies AG)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2011-10-27] (Windows ® Win 7 DDK provider) [File not signed]
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [5808 2007-06-13] (SafeBoot International) [File not signed]
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [101167 2007-06-13] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [44720 2006-10-09] (SafeBoot N.V.) [File not signed]
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13184 2007-06-14] (SafeBoot International)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 mbr; \??\C:\Users\Derren\AppData\Local\Temp\mbr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-02 19:18 - 2014-12-02 19:19 - 00024780 _____ () C:\Users\Derren\Desktop\FRST.txt
2014-12-02 19:17 - 2014-12-02 19:18 - 00000000 ____D () C:\FRST
2014-12-02 15:10 - 2014-12-02 15:11 - 01108992 _____ (Farbar) C:\Users\Derren\Desktop\FRST.exe
2014-11-30 14:31 - 2014-11-30 14:31 - 00010298 _____ () C:\Users\Derren\Desktop\attach.txt
2014-11-30 14:31 - 2014-11-30 14:30 - 00015803 _____ () C:\Users\Derren\Desktop\dds.txt
2014-11-30 14:26 - 2014-11-30 14:27 - 00688992 ____R (Swearware) C:\Users\Derren\Desktop\dds.com
2014-11-25 20:27 - 2014-11-26 03:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-25 20:27 - 2014-11-25 20:27 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-25 20:26 - 2014-11-25 20:26 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-25 20:23 - 2014-11-26 03:35 - 00000000 ____D () C:\Users\Derren\Desktop\mbar
2014-11-25 20:18 - 2014-11-25 20:19 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Derren\Desktop\mbar-1.08.2.1001.exe
2014-11-25 19:46 - 2014-11-25 19:46 - 00000600 _____ () C:\Users\Derren\Desktop\FSS.txt
2014-11-25 19:33 - 2014-11-25 19:33 - 00000377 _____ () C:\Users\Derren\Desktop\Result.txt
2014-11-25 19:15 - 2014-11-25 19:17 - 00003566 _____ () C:\Users\Derren\Desktop\Rkill.txt
2014-11-25 19:01 - 2014-11-25 19:02 - 00854414 _____ () C:\Users\Derren\Desktop\SecurityCheck.exe
2014-11-25 18:57 - 2014-11-25 18:58 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Derren\Desktop\rkill.exe
2014-11-10 10:20 - 2014-11-10 10:20 - 00000000 _____ () C:\Windows\system32\cwyzs.dll
2014-11-10 08:23 - 2014-11-26 03:40 - 00000000 ____D () C:\ProgramData\IoleqUllib
2014-11-10 07:31 - 2014-11-26 03:34 - 00000000 ____D () C:\ProgramData\OidsAzeb
2014-11-10 07:31 - 2014-11-10 07:37 - 00000000 ____D () C:\Users\Derren\AppData\Roaming\FrameworkUpdate7
2014-11-10 07:31 - 2014-11-10 07:31 - 00000448 ____H () C:\Users\Derren\AppData\Roaming\麽鎒駓覜
2014-11-10 07:31 - 2014-11-10 07:31 - 00000000 _____ () C:\ProgramData\@system.temp
2014-11-10 07:30 - 2014-11-26 03:34 - 00000000 ____D () C:\ProgramData\NugzIcjid
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-02 19:11 - 2013-03-12 15:38 - 00000000 ____D () C:\Users\Derren\AppData\Roaming\Skype
2014-12-02 19:09 - 2010-02-04 05:51 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-02 19:08 - 2014-05-07 14:38 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000UA.job
2014-12-02 18:31 - 2009-01-14 00:43 - 01939232 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 18:21 - 2013-12-17 16:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 17:41 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 17:41 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 10:08 - 2010-02-04 05:51 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-02 09:46 - 2010-10-30 15:51 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-01 20:17 - 2009-11-04 20:49 - 00002551 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Mindjet MindManager 8.lnk
2014-12-01 20:10 - 2009-06-27 16:53 - 00069120 _____ () C:\Users\Derren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-01 20:08 - 2014-05-07 14:38 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000Core.job
2014-11-26 07:21 - 2013-02-20 19:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 07:21 - 2012-01-07 21:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-26 03:55 - 2012-05-29 04:05 - 00000000 ___RD () C:\Users\Derren\Google Drive
2014-11-26 03:55 - 2011-02-07 09:16 - 00000000 ____D () C:\Users\Derren\Documents\PhraseExpress
2014-11-26 03:46 - 2006-11-02 02:33 - 00756378 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 03:41 - 2012-01-04 08:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-26 03:41 - 2011-10-03 09:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-26 03:41 - 2006-11-02 05:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-26 03:40 - 2006-11-02 05:00 - 00097114 _____ () C:\Windows\PFRO.log
2014-11-26 03:40 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\MSAgent
2014-11-26 03:39 - 2006-11-02 05:01 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-26 03:34 - 2006-11-02 03:18 - 00000000 _SHDC () C:\Windows\$NtUninstallKB62280$
2014-11-25 17:14 - 2012-02-29 12:58 - 00002086 _____ () C:\Users\Derren\Desktop\Google Chrome.lnk
2014-11-22 22:18 - 2011-02-23 08:37 - 00000000 ____D () C:\Users\Derren\AppData\Local\CutePDF Writer
2014-11-20 16:13 - 2006-11-02 03:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-20 14:41 - 2009-01-23 21:33 - 00002032 _____ () C:\Users\Derren\AppData\Local\d3d9caps.dat
2014-11-16 14:57 - 2013-03-17 07:19 - 00163682 _____ () C:\Windows\Minidump\Mini111614-01.dmp
2014-11-16 14:57 - 2011-09-25 07:33 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 18:07 - 2012-06-16 08:22 - 00000000 ____D () C:\Users\Derren\Desktop\aa Waiting Area
2014-11-06 15:50 - 2014-10-18 17:40 - 00000000 ___RD () C:\Program Files\Skype
2014-11-06 15:50 - 2013-03-12 15:37 - 00000000 ____D () C:\ProgramData\Skype
2014-11-05 18:05 - 2012-05-29 04:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-04 14:30 - 2012-01-05 10:00 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
Files to move or delete:
====================
C:\ProgramData\hcSQXgw.dat
 
 
Some content of TEMP:
====================
C:\Users\Derren\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-02 16:45
 
==================== End Of Log ============================

Attached Files



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:23 AM

Posted 03 December 2014 - 12:46 AM

Hello,

 

 

STEP 1
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
     
  • Click the Start Scan button.
     
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
     
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 2

 

 

Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

 

STEP 3

 

 

Please rerun FRST and make sure that Addition.txt is ticked. Now press the SCAN button and wait for the scan to complete. Post both logs - FRST.txt and Addition.txt in your next reply.

 

 

 

Regards,

Georgi


cXfZ4wS.png


#5 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:23 AM

Posted 05 December 2014 - 08:01 AM

Hi,

 

Are you still around?

It's been several days. Do you still need help on this?
This thread will be closed if you don't respond within 48 hours.

Thank you for your understanding.

 

Regards,

Georgi
 


cXfZ4wS.png


#6 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 06 December 2014 - 01:51 PM

Yes, I'm here. 

 

I ran the first step, hoping to do the others maybe today.

 

The system we are working on is my home computer and I've been spending at least 12 hours a day, often more, away at work.

 

I will finish the other steps and post back as instructed asap.

 

Thank you for your help.

 

Derren



#7 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 07 December 2014 - 08:50 PM

TDSSKiller found nothing.

 

The TDSSKiller log is too large for pastebin. Do I need to signup for pastebin as a "pro" user?

 

Fixlog ran for a long time so I had to leave it running overnight. In the morning it had stalled and I had to use ctrl+alt+delete to stop it.

 

Fixlog.txt is next:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 03-12-2014
Ran by Derren at 2014-12-04 19:17:19 Run:1
Running from C:\Users\Derren\Desktop
Loaded Profile: Derren (Available profiles: Derren & UpdatusUser)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
start
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVG <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
cmd: netsh winsock reset
U3 mbr; \??\C:\Users\Derren\AppData\Local\Temp\mbr.sys [X]
2014-11-10 10:20 - 2014-11-10 10:20 - 00000000 _____ () C:\Windows\system32\cwyzs.dll
2014-11-10 08:23 - 2014-11-26 03:40 - 00000000 ____D () C:\ProgramData\IoleqUllib
2014-11-10 07:31 - 2014-11-26 03:34 - 00000000 ____D () C:\ProgramData\OidsAzeb
2014-11-10 07:31 - 2014-11-10 07:37 - 00000000 ____D () C:\Users\Derren\AppData\Roaming\FrameworkUpdate7
2014-11-10 07:31 - 2014-11-10 07:31 - 00000448 ____H () C:\Users\Derren\AppData\Roaming\麽鎒駓覜
2014-11-10 07:31 - 2014-11-10 07:31 - 00000000 _____ () C:\ProgramData\@system.temp
2014-11-10 07:30 - 2014-11-26 03:34 - 00000000 ____D () C:\ProgramData\NugzIcjid
C:\ProgramData\hcSQXgw.dat
cmd: Dir /s /a:l C:\*
Task: {12D8DC34-49EF-4381-B4DA-727F0FB4650B} - System32\Tasks\At30 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {1D3B553D-D885-489D-B586-1100024873A3} - System32\Tasks\At19 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {1D8432EF-2664-422A-810A-B3813A86CEE4} - System32\Tasks\At7 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {25D8DCD5-CEF5-4444-868F-4D615365D5BA} - System32\Tasks\At6 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {2B61B28F-BA4B-4817-A9A0-31A15DAA3010} - System32\Tasks\At34 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {2FC0A651-A7AA-4960-BD06-F547F149247B} - System32\Tasks\At16 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {305755D1-05C1-4AC0-B418-357E3282D3A4} - System32\Tasks\At1 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {481DDA46-72E0-4A5B-8758-63BE9B171077} - System32\Tasks\At8 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {4EDB4687-42AB-48C3-8311-761E49553E78} - System32\Tasks\At21 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {545F47F2-662F-4853-8ED4-12EFF9DB063C} - System32\Tasks\At41 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {5875857A-6621-403D-95C4-231B6301A5AE} - System32\Tasks\At18 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {6582DC90-1A43-4720-AAB6-060D3A164C83} - System32\Tasks\At12 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {679F4CC9-29EB-4500-9F17-0DACAAF15C71} - System32\Tasks\At45 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {690E62A4-636B-4159-BC14-E9ED8E143425} - System32\Tasks\At15 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {6BA827B0-C0AF-476E-9052-E7DDC6237976} - System32\Tasks\At20 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {6D69CFF6-F407-435D-9968-BE78AF6F162F} - System32\Tasks\At38 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {6E1B4D5B-D89B-4E41-A61E-0F29D6ACD386} - System32\Tasks\At5 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {74E2EF70-7D71-4F60-B14A-7146C5FD0280} - System32\Tasks\At10 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {7503B4D9-F762-4B44-921F-9C8E9E1156F3} - System32\Tasks\At47 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {7A4738AE-48F5-4F8D-AE4C-F14D67F5C4E8} - System32\Tasks\At4 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {806FA36F-3E96-452B-A4BC-E8EFF61ED8FF} - System32\Tasks\At36 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {80EA4C1B-38DB-4D3A-BFC9-17661C3B15BB} - System32\Tasks\At14 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {817B0743-1598-4D60-9E99-743B736A2357} - System32\Tasks\At26 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {869A77A6-A9EA-463C-96C9-244D0B70B852} - System32\Tasks\At35 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {88BE2B1C-D7C4-4423-8868-5526C43E3E27} - System32\Tasks\At43 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {92A098D5-F626-4494-AEB0-4D76B7520889} - System32\Tasks\At31 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {95F5200F-9A83-4BAB-AD35-B18E59F411DF} - System32\Tasks\At32 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {996AF8AE-9A0C-481B-B971-A24F4CC342C6} - System32\Tasks\At42 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {9A89C158-C412-46B6-BF5E-094713EA4F1A} - System32\Tasks\At23 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {9F53F2DB-A94B-4C7E-8C1A-47CDB9BB71DF} - System32\Tasks\At37 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {A98234F4-A93A-4119-82F1-68531657292C} - System32\Tasks\At44 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {AD34EC60-062E-4AD2-976F-15CB8C8E6A21} - System32\Tasks\At46 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {BE1D31B4-BB6B-4B0D-A862-1EBC515E34AA} - System32\Tasks\At33 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {C052C3D0-B913-4B13-A9DE-F0980AC94537} - System32\Tasks\At11 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {C2B1DBBA-7E43-4266-B2AD-A662239EFBD9} - System32\Tasks\At22 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {C48FD466-6B0A-485B-9D2F-22CE20382CC9} - System32\Tasks\At3 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {CA62ED40-8E12-4D99-8AD9-9CE8F0DDFCF5} - System32\Tasks\At25 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {D06D1257-3E35-4CA8-AB17-6BC38AECFA32} - System32\Tasks\At28 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {DB603B2B-70B5-46A7-BDA6-5F6D80FAA2B7} - System32\Tasks\At17 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {E3CC7EA6-C915-41A1-9E37-9EF5B53FCBB8} - System32\Tasks\At39 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {EB545074-F6A3-462E-9E53-D3E6A856C943} - System32\Tasks\At40 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {EBF480CC-6B9B-4ED9-BECF-7491D720B525} - System32\Tasks\At13 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {ED2F16D0-7DDA-4ADD-836F-7DB66EE9C534} - System32\Tasks\At2 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {EFF528C0-6E83-40F5-8CF4-42C4E4CDF207} - System32\Tasks\At27 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {F07B1663-A73B-46B1-9BB0-2C932CDB61E8} - System32\Tasks\At48 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {F8CF165E-E725-4B7E-B203-158D28DE618F} - System32\Tasks\At24 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {FD934627-9508-47A4-804B-B1D4451FC941} - System32\Tasks\At9 => C:\Windows\system32\3284cH8.com <==== ATTENTION
Task: {FF626DA6-126D-480A-A354-559A5C491CF1} - System32\Tasks\At29 => C:\Windows\system32\3284cH8.com <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:054203E4
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
emptytemp:
end
*****************
 
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
Winsock: Catalog5 entry 000000000001\\LibraryPath  was set successfully to %SystemRoot%\system32\NLAapi.dll
Winsock: Catalog5 entry 000000000005\\LibraryPath  was set successfully to %SystemRoot%\System32\mswsock.dll
 
=========  netsh winsock reset =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
mbr => Service not found.
C:\Windows\system32\cwyzs.dll => Moved successfully.
C:\ProgramData\IoleqUllib => Moved successfully.
C:\ProgramData\OidsAzeb => Moved successfully.
C:\Users\Derren\AppData\Roaming\FrameworkUpdate7 => Moved successfully.
C:\Users\Derren\AppData\Roaming\麽鎒駓覜 => Moved successfully.
C:\ProgramData\@system.temp => Moved successfully.
C:\ProgramData\NugzIcjid => Moved successfully.
C:\ProgramData\hcSQXgw.dat => Moved successfully.
 
=========  Dir /s /a:l C:\* =========
 
 Volume in drive C has no label.
 Volume Serial Number is 1CA1-60F2
 
 Directory of C:\
 
11/02/2006  05:02 AM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings
 
11/02/2006  05:02 AM    <SYMLINKD>     All Users [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001} is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\cs-CZ\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\da-DK\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\de-AT\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\de-CH\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\de-DE\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-AU\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-CA\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-GB\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-IE\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-IN\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-NZ\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-US\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\es-ES\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\es-MX\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fi-FI\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-BE\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-CA\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-CH\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-FR\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\it-IT\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\ja-JP\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\ko-KR\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\nb-NO\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\nl-BE\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\nl-NL\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\pl-PL\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\sv-SE\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\tr-TR\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\zh-CN\buttons is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple\Installer Cache\Apple Software Update 2.1.3.127 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\QuickTime 7.75.80.95 is too long.
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Acrobat\9.0\Replicate is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Reader\9.5\ARM is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001} is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AppData\Local\Microsoft is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple\Installer Cache is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache is too long.
 
 Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [.]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [.]
11/02/2006  05:02 AM    <JUNCTION>     Documents [.]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [.]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [.]
11/02/2006  05:02 AM    <JUNCTION>     Templates [.]
               0 File(s)              0 bytes
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\2DBoy is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\chjw\1050dfc01722fca4 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\download is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Agent\Agent.2380 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Client\Blizzard Launcher.1949 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Setup\wow_enus is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Blizzard Entertainment is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\quarantine\95193840-ad9c-47cd-8c88-d146b8084bf3 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Client\Blizzard Launcher.1949 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Blizzard Entertainment\Battle.net\Cache is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\CN34OBXHJP05KC is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\PlatformKeyData is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE} is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\Audio\5000001 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\Display\4000001 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\PointingDevice is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Malwarebytes\Malwarebytes' Anti-Malware is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Malwarebytes' Anti-Malware (portable) is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\quarantine\95193840-ad9c-47cd-8c88-d146b8084bf3 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\HPUDC\HP Officejet Pro 8600 (Network) is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE}\34923E242BC93274 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\1000086\profiles is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\1000093\profiles is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\100009D\profiles is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\10000AA\profiles is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\10000BF\profiles is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{0A8BE67F-6B35-48E9-A5C8-99DF8BEF9F12} is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{AF26A54D-0F28-45CB-9AAA-C648BC9140A1} is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Scans\CleanStore\ResourceData is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Scans\History\Results\Quick is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Geometric Tiles is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\templates\Paper\Graph Paper is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\templates\Titleblock\Contemporary is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\General is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Firaxis Games\Sid Meier's Civilization 4 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{AF26A54D-0F28-45CB-9AAA-C648BC9140A1} is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Geometric Tiles\Black Linework is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Tonal Patterns\Sketchy Pen Lines is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\1033\AppConfigInternal.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Code\1033\CodeFile.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Data\1033\EmptyDatabase.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\General\1033\AppConfig.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Web\1033\StyleSheet.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Windows Forms\1033\AboutBox.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\WPF\1033\WPFCustomControl.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\1033\AppConfigurationInternal.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Code\1033\Class.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Data\1033\Dataset.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\General\1033\Text.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\WPF\1033\WPFUserControl.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Firaxis Games\Sid Meier's Civilization 4 - Warlords is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\SplashScreen.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
 
 Directory of C:\Documents and Settings\Default
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
11/02/2006  05:02 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
11/02/2006  05:02 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
11/02/2006  05:02 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
11/02/2006  05:02 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006  05:02 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006  05:02 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006  05:02 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\Default\AppData\Local
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
11/02/2006  05:02 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006  05:02 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\Default\Documents
 
11/02/2006  05:02 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
11/02/2006  05:02 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
11/02/2006  05:02 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\Derren
 
01/23/2009  07:27 PM    <JUNCTION>     Application Data [C:\Users\Derren\AppData\Roaming]
01/23/2009  07:27 PM    <JUNCTION>     Cookies [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Cookies]
01/23/2009  07:27 PM    <JUNCTION>     Local Settings [C:\Users\Derren\AppData\Local]
01/23/2009  07:27 PM    <JUNCTION>     My Documents [C:\Users\Derren\Documents]
01/23/2009  07:27 PM    <JUNCTION>     NetHood [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/23/2009  07:27 PM    <JUNCTION>     PrintHood [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/23/2009  07:27 PM    <JUNCTION>     Recent [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Recent]
01/23/2009  07:27 PM    <JUNCTION>     SendTo [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\SendTo]
01/23/2009  07:27 PM    <JUNCTION>     Start Menu [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Start Menu]
01/23/2009  07:27 PM    <JUNCTION>     Templates [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\Derren\AppData\Local
 
01/23/2009  07:27 PM    <JUNCTION>     Application Data [C:\Users\Derren\AppData\Local]
01/23/2009  07:27 PM    <JUNCTION>     History [C:\Users\Derren\AppData\Local\Microsoft\Windows\History]
01/23/2009  07:27 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Derren\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\Derren\Documents
 
01/23/2009  07:27 PM    <JUNCTION>     My Music [C:\Users\Derren\Music]
01/23/2009  07:27 PM    <JUNCTION>     My Pictures [C:\Users\Derren\Pictures]
01/23/2009  07:27 PM    <JUNCTION>     My Videos [C:\Users\Derren\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\Public\Documents
 
11/02/2006  05:02 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
11/02/2006  05:02 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
11/02/2006  05:02 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\UpdatusUser
 
02/28/2012  06:20 AM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
02/28/2012  06:20 AM    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
02/28/2012  06:20 AM    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
02/28/2012  06:20 AM    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
02/28/2012  06:20 AM    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/28/2012  06:20 AM    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/28/2012  06:20 AM    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
02/28/2012  06:20 AM    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
02/28/2012  06:20 AM    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
02/28/2012  06:20 AM    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\UpdatusUser\AppData\Local
 
02/28/2012  06:20 AM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
02/28/2012  06:20 AM    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
02/28/2012  06:20 AM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\Documents and Settings\UpdatusUser\Documents
 
02/28/2012  06:20 AM    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
02/28/2012  06:20 AM    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
02/28/2012  06:20 AM    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple\Installer Cache\Apple Software Update 2.1.3.127 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\QuickTime 7.75.80.95 is too long.
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Acrobat\9.0\Replicate is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Reader\9.5\ARM\11881 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple\Installer Cache\Apple Software Update 2.1.3.127 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache is too long.
 
 Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [.]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [.]
11/02/2006  05:02 AM    <JUNCTION>     Documents [.]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [.]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [.]
11/02/2006  05:02 AM    <JUNCTION>     Templates [.]
               0 File(s)              0 bytes
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AppData is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\chjw\1050dfc01722fca4 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\malwareprofile is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\avg9\update\prepare\temp is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Agent\Agent.2380 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Client\Blizzard Launcher.1949 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Setup\wow_enus is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google SketchUp 7 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Livescribe\PenComm\Cache is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\Unifying\Firmware is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Malwarebytes\Malwarebytes' Anti-Malware is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Malwarebytes' Anti-Malware (portable) is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\quarantine\95193840-ad9c-47cd-8c88-d146b8084bf3 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\Help\graphics\online is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\HPCustPartic\CN34OBXHJP05KC is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\HPUDC\HP Officejet Pro 8600 (Network) is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\XmlFileCache\CN34OBXHJP05KC is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\PlatformKeyData is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\Display\4000001 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\Keyboard\200000F is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\PointingDevice is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Event Viewer\Views\ApplicationViewsRootNode is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\SLDL\fb112836-74c9-47a5-97a6-4d1195e35646 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\User Account Pictures\Default Pictures is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{0A8BE67F-6B35-48E9-A5C8-99DF8BEF9F12} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\7-Zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows NT\MSFax\Common Coverpages is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\{3b5166fe-8ed2-fc8a-bbb2-c0957c085213} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mindjet\MindManager\8\Outline Print Templates is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skype\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\quarantine\95193840-ad9c-47cd-8c88-d146b8084bf3 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\HPUDC\HP Officejet Pro 8600 (Network) is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\XmlFileCache\CN34OBXHJP05KC\Calibration is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE}\34923E242BC93274 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\1000086\profiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\1000093\profiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\100009D\profiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\10000AA\profiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\10000BF\profiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{0A8BE67F-6B35-48E9-A5C8-99DF8BEF9F12} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{AF26A54D-0F28-45CB-9AAA-C648BC9140A1} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Geometric Tiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\templates\Titleblock\Contemporary is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\1033\AppConfigInternal.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Code\1033 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Data\1033 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Windows Forms is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\1033 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{0A8BE67F-6B35-48E9-A5C8-99DF8BEF9F12}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{21C35C68-A6C5-4A75-8FFD-DB503CE6F67B}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{DAFEFB48-02F1-4EE2-B643-AA32F0191988}\PlayTasks is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Firaxis Games\Sid Meier's Civilization 4 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{AF26A54D-0F28-45CB-9AAA-C648BC9140A1} is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Geometric Tiles\Translucent Linework is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Tonal Patterns\Sketchy Pen Lines is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\1033\AppConfigInternal.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Data\1033\EmptyDatabase.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\General\1033\AppConfig.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Web\1033\WebCustomControl.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Windows Forms\1033\AboutBox.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\WPF\1033\WPFCustomControl.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\1033\AppConfigurationInternal.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Data\1033\Dataset.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\General\1033\Text.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\Dialog.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\WPF\1033\WPFUserControl.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033\Architecture Application Add-in.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic\1033\Architecture Application Add-in.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033\Architecture Application Add-in.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic\1033\Architecture Application Add-in.zip is too long.
The directory name C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.


#8 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 07 December 2014 - 08:58 PM

fixlog.txt continued:

 

 Directory of C:\Users
 
11/02/2006  05:02 AM    <SYMLINKD>     All Users [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001} is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\cs-CZ\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\da-DK\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\de-AT\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\de-CH\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\de-DE\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-AU\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-CA\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-GB\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-IE\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-IN\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-NZ\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\en-US\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\es-ES\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\es-MX\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fi-FI\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-BE\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-CA\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-CH\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\fr-FR\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\it-IT\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\ja-JP\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\ko-KR\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\nb-NO\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\nl-BE\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\nl-NL\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\pl-PL\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\sv-SE\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\tr-TR\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources\zh-CN\buttons is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple\Installer Cache\Apple Software Update 2.1.3.127 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\QuickTime 7.75.80.95 is too long.
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\ProgramData]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
11/02/2006  05:02 AM    <JUNCTION>     Documents [C:\Users\Public\Documents]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Acrobat\9.0\Replicate is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Reader\9.5\ARM is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-A95000000001} is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AOL\ieToolbar\resources is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AppData\Local\Microsoft is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple\Installer Cache is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache is too long.
 
 Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [.]
11/02/2006  05:02 AM    <JUNCTION>     Desktop [.]
11/02/2006  05:02 AM    <JUNCTION>     Documents [.]
11/02/2006  05:02 AM    <JUNCTION>     Favorites [.]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [.]
11/02/2006  05:02 AM    <JUNCTION>     Templates [.]
               0 File(s)              0 bytes
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\2DBoy is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\chjw\1050dfc01722fca4 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\download is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Agent\Agent.2380 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Client\Blizzard Launcher.1949 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Setup\wow_enus is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Blizzard Entertainment is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\quarantine\95193840-ad9c-47cd-8c88-d146b8084bf3 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Battle.net\Client\Blizzard Launcher.1949 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Blizzard Entertainment\Battle.net\Cache is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\CN34OBXHJP05KC is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\PlatformKeyData is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE} is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\Audio\5000001 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\Display\4000001 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointP\Devices\PointingDevice is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Malwarebytes\Malwarebytes' Anti-Malware is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Malwarebytes' Anti-Malware (portable) is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG2013\IDS\quarantine\95193840-ad9c-47cd-8c88-d146b8084bf3 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\HP\HP Officejet Pro 8600\HPUDC\HP Officejet Pro 8600 (Network) is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\InstallMate\{007811BF-E310-4285-BFC6-55DB29B3EDDE}\34923E242BC93274 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\1000086\profiles is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\1000093\profiles is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\100009D\profiles is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\10000AA\profiles is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Logishrd\SetPointG\Devices\PointingDevice\10000BF\profiles is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{0A8BE67F-6B35-48E9-A5C8-99DF8BEF9F12} is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{AF26A54D-0F28-45CB-9AAA-C648BC9140A1} is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Scans\CleanStore\ResourceData is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Scans\History\Results\Quick is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Geometric Tiles is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\templates\Paper\Graph Paper is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\templates\Titleblock\Contemporary is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\General is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Firaxis Games\Sid Meier's Civilization 4 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{AF26A54D-0F28-45CB-9AAA-C648BC9140A1} is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Geometric Tiles\Black Linework is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\SketchUp\SketchUp 2014\LayOut\PatternFills\Tonal Patterns\Sketchy Pen Lines is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\1033\AppConfigInternal.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Code\1033\CodeFile.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Data\1033\EmptyDatabase.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\General\1033\AppConfig.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Web\1033\StyleSheet.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\Windows Forms\1033\AboutBox.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\CSharp\WPF\1033\WPFCustomControl.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\1033\AppConfigurationInternal.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Code\1033\Class.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Data\1033\Dataset.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\General\1033\Text.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\WPF\1033\WPFUserControl.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Firaxis Games\Sid Meier's Civilization 4 - Warlords is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ItemTemplatesCache\VisualBasic\Windows Forms\1033\SplashScreen.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\CSharp\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\VSTAHost\Architecture2011\9.0\ProjectTemplatesCache\VisualBasic\1033\Architecture Application Add-in.zip is too long.
The directory name C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Infineon\TPM Software 2.0\BackupData\S-1-5-21-399089533-3685514525-3991642726\Users\S-1-5-21-399089533-3685514525-3991642726-1000 is too long.
 
 Directory of C:\Users\Default
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
11/02/2006  05:02 AM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
11/02/2006  05:02 AM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
11/02/2006  05:02 AM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
11/02/2006  05:02 AM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006  05:02 AM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006  05:02 AM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006  05:02 AM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006  05:02 AM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006  05:02 AM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\Default\AppData\Local
 
11/02/2006  05:02 AM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
11/02/2006  05:02 AM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006  05:02 AM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\Users\Default\Documents
 
11/02/2006  05:02 AM    <JUNCTION>     My Music [C:\Users\Default\Music]
11/02/2006  05:02 AM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
11/02/2006  05:02 AM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\Users\Derren
 
01/23/2009  07:27 PM    <JUNCTION>     Application Data [C:\Users\Derren\AppData\Roaming]
01/23/2009  07:27 PM    <JUNCTION>     Cookies [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Cookies]
01/23/2009  07:27 PM    <JUNCTION>     Local Settings [C:\Users\Derren\AppData\Local]
01/23/2009  07:27 PM    <JUNCTION>     My Documents [C:\Users\Derren\Documents]
01/23/2009  07:27 PM    <JUNCTION>     NetHood [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/23/2009  07:27 PM    <JUNCTION>     PrintHood [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/23/2009  07:27 PM    <JUNCTION>     Recent [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Recent]
01/23/2009  07:27 PM    <JUNCTION>     SendTo [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\SendTo]
01/23/2009  07:27 PM    <JUNCTION>     Start Menu [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Start Menu]
01/23/2009  07:27 PM    <JUNCTION>     Templates [C:\Users\Derren\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\Derren\AppData\Local
 
01/23/2009  07:27 PM    <JUNCTION>     Application Data [C:\Users\Derren\AppData\Local]
01/23/2009  07:27 PM    <JUNCTION>     History [C:\Users\Derren\AppData\Local\Microsoft\Windows\History]
01/23/2009  07:27 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Derren\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\Users\Derren\Documents
 
01/23/2009  07:27 PM    <JUNCTION>     My Music [C:\Users\Derren\Music]
01/23/2009  07:27 PM    <JUNCTION>     My Pictures [C:\Users\Derren\Pictures]
01/23/2009  07:27 PM    <JUNCTION>     My Videos [C:\Users\Derren\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\Users\Public\Documents
 
11/02/2006  05:02 AM    <JUNCTION>     My Music [C:\Users\Public\Music]
11/02/2006  05:02 AM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
11/02/2006  05:02 AM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\Users\UpdatusUser
 
02/28/2012  06:20 AM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Roaming]
02/28/2012  06:20 AM    <JUNCTION>     Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
02/28/2012  06:20 AM    <JUNCTION>     Local Settings [C:\Users\UpdatusUser\AppData\Local]
02/28/2012  06:20 AM    <JUNCTION>     My Documents [C:\Users\UpdatusUser\Documents]
02/28/2012  06:20 AM    <JUNCTION>     NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/28/2012  06:20 AM    <JUNCTION>     PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/28/2012  06:20 AM    <JUNCTION>     Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
02/28/2012  06:20 AM    <JUNCTION>     SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
02/28/2012  06:20 AM    <JUNCTION>     Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
02/28/2012  06:20 AM    <JUNCTION>     Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\Users\UpdatusUser\AppData\Local
 
02/28/2012  06:20 AM    <JUNCTION>     Application Data [C:\Users\UpdatusUser\AppData\Local]
02/28/2012  06:20 AM    <JUNCTION>     History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
02/28/2012  06:20 AM    <JUNCTION>     Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\Users\UpdatusUser\Documents
 
02/28/2012  06:20 AM    <JUNCTION>     My Music [C:\Users\UpdatusUser\Music]
02/28/2012  06:20 AM    <JUNCTION>     My Pictures [C:\Users\UpdatusUser\Pictures]
02/28/2012  06:20 AM    <JUNCTION>     My Videos [C:\Users\UpdatusUser\Videos]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
09/11/2010  03:57 PM    <JUNCTION>     Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
09/11/2010  03:57 PM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
09/11/2010  03:57 PM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/11/2010  03:57 PM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/11/2010  03:57 PM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
09/11/2010  03:57 PM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
09/11/2010  03:57 PM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
09/11/2010  03:57 PM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 
 Directory of C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
 
09/11/2010  03:57 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/11/2010  03:57 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/11/2010  03:57 PM    <JUNCTION>     Temporary Internet Files [.]
               0 File(s)              0 bytes
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Color\Profiles is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Avg2013\update\backup is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\CrashReports is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\IdentityCRL is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\IdentityCRL\production\temp is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Internet Explorer\DOMStore is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\History\History.IE5 is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Photo Gallery\Original Images is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\History\History.IE5\MSHist012009012320090124 is too long.
The directory name C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5 is too long.
 
 Directory of C:\windows\System32\config\systemprofile\Documents
 
09/11/2010  03:57 PM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
09/11/2010  03:57 PM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
09/11/2010  03:57 PM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
 
     Total Files Listed:
               0 File(s)              0 bytes
             420 Dir(s)  44,408,815,616 bytes free
 
========= End of CMD: =========
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12D8DC34-49EF-4381-B4DA-727F0FB4650B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12D8DC34-49EF-4381-B4DA-727F0FB4650B}" => Key deleted successfully.
C:\Windows\System32\Tasks\At30 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At30" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D3B553D-D885-489D-B586-1100024873A3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D3B553D-D885-489D-B586-1100024873A3}" => Key deleted successfully.
C:\Windows\System32\Tasks\At19 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At19" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D8432EF-2664-422A-810A-B3813A86CEE4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D8432EF-2664-422A-810A-B3813A86CEE4}" => Key deleted successfully.
C:\Windows\System32\Tasks\At7 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At7" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{25D8DCD5-CEF5-4444-868F-4D615365D5BA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25D8DCD5-CEF5-4444-868F-4D615365D5BA}" => Key deleted successfully.
C:\Windows\System32\Tasks\At6 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At6" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B61B28F-BA4B-4817-A9A0-31A15DAA3010}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B61B28F-BA4B-4817-A9A0-31A15DAA3010}" => Key deleted successfully.
C:\Windows\System32\Tasks\At34 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At34" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2FC0A651-A7AA-4960-BD06-F547F149247B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FC0A651-A7AA-4960-BD06-F547F149247B}" => Key deleted successfully.
C:\Windows\System32\Tasks\At16 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At16" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{305755D1-05C1-4AC0-B418-357E3282D3A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{305755D1-05C1-4AC0-B418-357E3282D3A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\At1 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{481DDA46-72E0-4A5B-8758-63BE9B171077}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{481DDA46-72E0-4A5B-8758-63BE9B171077}" => Key deleted successfully.
C:\Windows\System32\Tasks\At8 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At8" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EDB4687-42AB-48C3-8311-761E49553E78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EDB4687-42AB-48C3-8311-761E49553E78}" => Key deleted successfully.
C:\Windows\System32\Tasks\At21 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At21" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{545F47F2-662F-4853-8ED4-12EFF9DB063C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{545F47F2-662F-4853-8ED4-12EFF9DB063C}" => Key deleted successfully.
C:\Windows\System32\Tasks\At41 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At41" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5875857A-6621-403D-95C4-231B6301A5AE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5875857A-6621-403D-95C4-231B6301A5AE}" => Key deleted successfully.
C:\Windows\System32\Tasks\At18 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At18" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6582DC90-1A43-4720-AAB6-060D3A164C83}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6582DC90-1A43-4720-AAB6-060D3A164C83}" => Key deleted successfully.
C:\Windows\System32\Tasks\At12 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At12" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{679F4CC9-29EB-4500-9F17-0DACAAF15C71}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{679F4CC9-29EB-4500-9F17-0DACAAF15C71}" => Key deleted successfully.
C:\Windows\System32\Tasks\At45 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At45" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{690E62A4-636B-4159-BC14-E9ED8E143425}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{690E62A4-636B-4159-BC14-E9ED8E143425}" => Key deleted successfully.
C:\Windows\System32\Tasks\At15 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At15" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BA827B0-C0AF-476E-9052-E7DDC6237976}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BA827B0-C0AF-476E-9052-E7DDC6237976}" => Key deleted successfully.
C:\Windows\System32\Tasks\At20 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At20" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6D69CFF6-F407-435D-9968-BE78AF6F162F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D69CFF6-F407-435D-9968-BE78AF6F162F}" => Key deleted successfully.
C:\Windows\System32\Tasks\At38 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At38" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E1B4D5B-D89B-4E41-A61E-0F29D6ACD386}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E1B4D5B-D89B-4E41-A61E-0F29D6ACD386}" => Key deleted successfully.
C:\Windows\System32\Tasks\At5 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At5" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74E2EF70-7D71-4F60-B14A-7146C5FD0280}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74E2EF70-7D71-4F60-B14A-7146C5FD0280}" => Key deleted successfully.
C:\Windows\System32\Tasks\At10 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At10" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7503B4D9-F762-4B44-921F-9C8E9E1156F3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7503B4D9-F762-4B44-921F-9C8E9E1156F3}" => Key deleted successfully.
C:\Windows\System32\Tasks\At47 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At47" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A4738AE-48F5-4F8D-AE4C-F14D67F5C4E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A4738AE-48F5-4F8D-AE4C-F14D67F5C4E8}" => Key deleted successfully.
C:\Windows\System32\Tasks\At4 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At4" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{806FA36F-3E96-452B-A4BC-E8EFF61ED8FF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{806FA36F-3E96-452B-A4BC-E8EFF61ED8FF}" => Key deleted successfully.
C:\Windows\System32\Tasks\At36 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At36" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80EA4C1B-38DB-4D3A-BFC9-17661C3B15BB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80EA4C1B-38DB-4D3A-BFC9-17661C3B15BB}" => Key deleted successfully.
C:\Windows\System32\Tasks\At14 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At14" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{817B0743-1598-4D60-9E99-743B736A2357}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{817B0743-1598-4D60-9E99-743B736A2357}" => Key deleted successfully.
C:\Windows\System32\Tasks\At26 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At26" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{869A77A6-A9EA-463C-96C9-244D0B70B852}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{869A77A6-A9EA-463C-96C9-244D0B70B852}" => Key deleted successfully.
C:\Windows\System32\Tasks\At35 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At35" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88BE2B1C-D7C4-4423-8868-5526C43E3E27}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88BE2B1C-D7C4-4423-8868-5526C43E3E27}" => Key deleted successfully.
C:\Windows\System32\Tasks\At43 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At43" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92A098D5-F626-4494-AEB0-4D76B7520889}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92A098D5-F626-4494-AEB0-4D76B7520889}" => Key deleted successfully.
C:\Windows\System32\Tasks\At31 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At31" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95F5200F-9A83-4BAB-AD35-B18E59F411DF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95F5200F-9A83-4BAB-AD35-B18E59F411DF}" => Key deleted successfully.
C:\Windows\System32\Tasks\At32 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At32" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{996AF8AE-9A0C-481B-B971-A24F4CC342C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{996AF8AE-9A0C-481B-B971-A24F4CC342C6}" => Key deleted successfully.
C:\Windows\System32\Tasks\At42 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At42" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A89C158-C412-46B6-BF5E-094713EA4F1A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A89C158-C412-46B6-BF5E-094713EA4F1A}" => Key deleted successfully.
C:\Windows\System32\Tasks\At23 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At23" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F53F2DB-A94B-4C7E-8C1A-47CDB9BB71DF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F53F2DB-A94B-4C7E-8C1A-47CDB9BB71DF}" => Key deleted successfully.
C:\Windows\System32\Tasks\At37 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At37" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A98234F4-A93A-4119-82F1-68531657292C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A98234F4-A93A-4119-82F1-68531657292C}" => Key deleted successfully.
C:\Windows\System32\Tasks\At44 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At44" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD34EC60-062E-4AD2-976F-15CB8C8E6A21}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD34EC60-062E-4AD2-976F-15CB8C8E6A21}" => Key deleted successfully.
C:\Windows\System32\Tasks\At46 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At46" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE1D31B4-BB6B-4B0D-A862-1EBC515E34AA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE1D31B4-BB6B-4B0D-A862-1EBC515E34AA}" => Key deleted successfully.
C:\Windows\System32\Tasks\At33 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At33" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C052C3D0-B913-4B13-A9DE-F0980AC94537}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C052C3D0-B913-4B13-A9DE-F0980AC94537}" => Key deleted successfully.
C:\Windows\System32\Tasks\At11 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At11" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2B1DBBA-7E43-4266-B2AD-A662239EFBD9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2B1DBBA-7E43-4266-B2AD-A662239EFBD9}" => Key deleted successfully.
C:\Windows\System32\Tasks\At22 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At22" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C48FD466-6B0A-485B-9D2F-22CE20382CC9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C48FD466-6B0A-485B-9D2F-22CE20382CC9}" => Key deleted successfully.
C:\Windows\System32\Tasks\At3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA62ED40-8E12-4D99-8AD9-9CE8F0DDFCF5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA62ED40-8E12-4D99-8AD9-9CE8F0DDFCF5}" => Key deleted successfully.
C:\Windows\System32\Tasks\At25 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At25" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D06D1257-3E35-4CA8-AB17-6BC38AECFA32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D06D1257-3E35-4CA8-AB17-6BC38AECFA32}" => Key deleted successfully.
C:\Windows\System32\Tasks\At28 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At28" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB603B2B-70B5-46A7-BDA6-5F6D80FAA2B7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB603B2B-70B5-46A7-BDA6-5F6D80FAA2B7}" => Key deleted successfully.
C:\Windows\System32\Tasks\At17 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At17" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3CC7EA6-C915-41A1-9E37-9EF5B53FCBB8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3CC7EA6-C915-41A1-9E37-9EF5B53FCBB8}" => Key deleted successfully.
C:\Windows\System32\Tasks\At39 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At39" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB545074-F6A3-462E-9E53-D3E6A856C943}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB545074-F6A3-462E-9E53-D3E6A856C943}" => Key deleted successfully.
C:\Windows\System32\Tasks\At40 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At40" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBF480CC-6B9B-4ED9-BECF-7491D720B525}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBF480CC-6B9B-4ED9-BECF-7491D720B525}" => Key deleted successfully.
C:\Windows\System32\Tasks\At13 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At13" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED2F16D0-7DDA-4ADD-836F-7DB66EE9C534}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED2F16D0-7DDA-4ADD-836F-7DB66EE9C534}" => Key deleted successfully.
C:\Windows\System32\Tasks\At2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFF528C0-6E83-40F5-8CF4-42C4E4CDF207}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFF528C0-6E83-40F5-8CF4-42C4E4CDF207}" => Key deleted successfully.
C:\Windows\System32\Tasks\At27 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At27" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F07B1663-A73B-46B1-9BB0-2C932CDB61E8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F07B1663-A73B-46B1-9BB0-2C932CDB61E8}" => Key deleted successfully.
C:\Windows\System32\Tasks\At48 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At48" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8CF165E-E725-4B7E-B203-158D28DE618F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8CF165E-E725-4B7E-B203-158D28DE618F}" => Key deleted successfully.
C:\Windows\System32\Tasks\At24 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At24" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD934627-9508-47A4-804B-B1D4451FC941}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD934627-9508-47A4-804B-B1D4451FC941}" => Key deleted successfully.
C:\Windows\System32\Tasks\At9 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At9" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FF626DA6-126D-480A-A354-559A5C491CF1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF626DA6-126D-480A-A354-559A5C491CF1}" => Key deleted successfully.
C:\Windows\System32\Tasks\At29 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At29" => Key deleted successfully.
C:\ProgramData\TEMP => ":054203E4" ADS removed successfully.
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully.


#9 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 07 December 2014 - 08:59 PM

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2014 01
Ran by Derren (administrator) on MAINDESKTOP on 07-12-2014 17:30:48
Running from C:\Users\Derren
Loaded Profile: Derren (Available profiles: Derren & UpdatusUser)
Platform: Microsoft® Windows Vista™ Business  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(Livescribe) C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe
(Microsoft Corporation) C:\windows\System32\wuauclt.exe
(Microsoft Corporation) C:\windows\System32\SLsvc.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [318488 2008-04-07] (PDF Complete Inc)
HKLM\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [329824 2011-12-29] (BillP Studios)
HKLM\...\Run: [PTHOSTTR] => C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [145184 2007-01-09] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1310720 2008-07-08] (Analog Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [{767ba7ba-f87a-20fa-d297-337b0b512df0}] => C:\ProgramData\Microsoft\{767ba7ba-f87a-20fa-d297-337b0b512df0}\{767ba7ba-f87a-20fa-d297-337b0b512df0}.exe [392243 2014-12-03] ()
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
HKLM\...\Policies\Explorer\Run: [{767ba7ba-f87a-20fa-d297-337b0b512df0}] => C:\ProgramData\Microsoft\{767ba7ba-f87a-20fa-d297-337b0b512df0}\{767ba7ba-f87a-20fa-d297-337b0b512df0}.exe [392243 2014-12-03] ( ())
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [Google Update] => C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-18] (Google Inc.)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [WLSync] => C:\Program Files\Windows Live\Mesh\WLSync.exe /background
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\MountPoints2: {005a59a4-3812-11e2-b6a1-000ffeeca200} - H:\setup.exe -a
Lsa: [Notification Packages] SbHpNp scecli ASWLNPkg
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Users\Derren\AppData\Local\Temp\lhc.dll No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thirdgen.org/techboard/
HKU\S-1-5-21-399089533-3685514525-3991642726-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=smb&pf=desktop
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\S-1-5-21-399089533-3685514525-3991642726-1000 -> {BD6A8C42-5023-49BB-A6ED-05F45024BDEE} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1091&query={searchTerms}&invocationType=tb50hpcmdtie7-en-us
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: CmjBrowserHelperObject Object -> {6FE6A929-59D1-4763-91AD-29B61CFFB35B} -> C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-399089533-3685514525-3991642726-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKU\S-1-5-21-399089533-3685514525-3991642726-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-399089533-3685514525-3991642726-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Derren\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-399089533-3685514525-3991642726-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-399089533-3685514525-3991642726-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nptgeqplugin.dll (Tamarack Software, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Derren\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-02]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-29]
CHR Extension: (Google Search) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (Terminal for Google) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\denbapicipbiplggmfebiogiphopgjca [2012-02-29]
CHR Extension: (*Split Screen*) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\eachfleknamlcepmplpdghagngjfjkin [2012-05-26]
CHR Extension: (Frame two pages) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\eldgpcphflnopbjadiaonofideekgdgm [2012-05-26]
CHR Extension: (Google Play Music) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-12-06]
CHR Extension: (feedly) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-04-02]
CHR Extension: (Google Mail Checker) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-02-29]
CHR Extension: (Google bookmarks) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfieeekinhmpmgnonkgbmklfdheojoni [2012-02-29]
CHR Extension: (Google Wallet) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2013-01-27]
CHR Extension: (Greyscale) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm [2012-10-17]
CHR Extension: (Evernote Web Clipper) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2012-02-29]
CHR Extension: (Gmail) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR Profile: C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-29]
CHR Extension: (Google Search) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (AVG Safe Search) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2012-02-29]
CHR Extension: (Gmail) - C:\Users\Derren\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
CHR HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Derren\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-03]
CHR HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR StartMenuInternet: Google Chrome - C:\Users\Derren\AppData\Local\Google\Chrome\Application\chrome.exe
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [74240 2007-02-06] (Cognizance Corporation) [File not signed]
R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\ASChnl.dll [131584 2006-06-21] (Cognizance Corporation) [File not signed]
S2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [183064 2007-06-07] (Intel Corporation)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [221184 2007-07-09] (SafeBoot International) [File not signed]
S2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 IFXSpMgtSrv; C:\Windows\system32\ifxspmgt.exe [677408 2007-05-23] (Infineon Technologies AG)
S2 IFXTCS; C:\Windows\system32\ifxtcs.exe [853536 2007-05-23] (Infineon Technologies AG)
S2 LMS; C:\Program Files\Intel\AMT\LMS.exe [109336 2007-06-07] (Intel)
S2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [576024 2008-04-07] (PDF Complete Inc)
R2 PenCommService; C:\Program Files\Common Files\Livescribe\PenComm\PenCommService.exe [470528 2011-10-27] (Livescribe) [File not signed]
S2 PersonalSecureDriveService; C:\Windows\system32\IfxPsdSv.exe [140832 2007-04-18] (Infineon Technologies AG)
S2 UNS; C:\Program Files\Intel\AMT\UNS.exe [2521880 2007-06-07] (Intel)
S2 vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [246624 2011-12-09] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [39080 2007-04-18] (Infineon Technologies AG)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [20480 2011-10-27] (Windows ® Win 7 DDK provider) [File not signed]
R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [5808 2007-06-13] (SafeBoot International) [File not signed]
R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [101167 2007-06-13] () [File not signed]
R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [44720 2006-10-09] (SafeBoot N.V.) [File not signed]
R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13184 2007-06-14] (SafeBoot International)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 17:30 - 2014-12-07 17:32 - 00022644 _____ () C:\Users\Derren\FRST.txt
2014-12-07 17:29 - 2014-12-07 17:29 - 00015296 _____ () C:\Users\Derren\fixlist.txt
2014-12-07 17:28 - 2014-12-07 17:29 - 01111040 _____ (Farbar) C:\Users\Derren\FRST.exe
2014-12-04 19:13 - 2014-12-05 04:37 - 00000000 ____D () C:\Users\Derren\Desktop\FRST-OlderVersion
2014-12-04 19:11 - 2014-12-04 19:12 - 00015296 _____ () C:\Users\Derren\Desktop\fixlist.txt
2014-12-04 18:35 - 2014-12-04 18:35 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Derren\Desktop\tdsskiller.exe
2014-12-03 23:12 - 2014-12-03 23:12 - 00000000 ____D () C:\ProgramData\WukokTagef
2014-12-03 08:03 - 2014-12-03 08:03 - 00037700 _____ () C:\ProgramData\893686b8
2014-12-03 08:03 - 2014-12-03 08:03 - 00024826 _____ () C:\Users\Derren\AppData\Local\893686b8
2014-12-03 08:03 - 2014-12-03 08:03 - 00023342 _____ () C:\Users\Derren\AppData\Roaming\893686b8
2014-12-02 19:19 - 2014-12-02 19:20 - 00050168 _____ () C:\Users\Derren\Desktop\Addition.txt
2014-12-02 19:18 - 2014-12-02 19:20 - 00031847 _____ () C:\Users\Derren\Desktop\FRST.txt
2014-12-02 19:17 - 2014-12-07 17:31 - 00000000 ____D () C:\FRST
2014-11-30 14:31 - 2014-11-30 14:31 - 00010298 _____ () C:\Users\Derren\Desktop\attach.txt
2014-11-30 14:31 - 2014-11-30 14:30 - 00015803 _____ () C:\Users\Derren\Desktop\dds.txt
2014-11-30 14:26 - 2014-11-30 14:27 - 00688992 ____R (Swearware) C:\Users\Derren\Desktop\dds.com
2014-11-25 20:27 - 2014-12-04 17:10 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-25 20:27 - 2014-11-25 20:27 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-25 20:26 - 2014-11-25 20:26 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-25 20:23 - 2014-11-26 03:35 - 00000000 ____D () C:\Users\Derren\Desktop\mbar
2014-11-25 20:18 - 2014-11-25 20:19 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Derren\Desktop\mbar-1.08.2.1001.exe
2014-11-25 19:46 - 2014-11-25 19:46 - 00000600 _____ () C:\Users\Derren\Desktop\FSS.txt
2014-11-25 19:33 - 2014-11-25 19:33 - 00000377 _____ () C:\Users\Derren\Desktop\Result.txt
2014-11-25 19:15 - 2014-11-25 19:17 - 00003566 _____ () C:\Users\Derren\Desktop\Rkill.txt
2014-11-25 19:01 - 2014-11-25 19:02 - 00854414 _____ () C:\Users\Derren\Desktop\SecurityCheck.exe
2014-11-25 18:57 - 2014-11-25 18:58 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Derren\Desktop\rkill.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 17:25 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 17:25 - 2006-11-02 04:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 17:21 - 2013-12-17 16:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-07 17:09 - 2010-02-04 05:51 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 17:08 - 2014-05-07 14:38 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000UA.job
2014-12-07 10:08 - 2010-02-04 05:51 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 08:01 - 2010-10-30 15:51 - 00000000 ____D () C:\ProgramData\MFAData
2014-12-06 22:16 - 2009-01-14 00:43 - 02037394 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 20:08 - 2014-05-07 14:38 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000Core.job
2014-12-06 20:06 - 2009-01-23 21:33 - 00002032 _____ () C:\Users\Derren\AppData\Local\d3d9caps.dat
2014-12-06 19:22 - 2006-11-02 02:33 - 00756378 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 18:44 - 2013-03-12 15:38 - 00000000 ____D () C:\Users\Derren\AppData\Roaming\Skype
2014-12-04 18:44 - 2012-05-29 04:05 - 00000000 ___RD () C:\Users\Derren\Google Drive
2014-12-04 18:43 - 2011-02-07 09:16 - 00000000 ____D () C:\Users\Derren\Documents\PhraseExpress
2014-12-04 18:40 - 2012-01-04 08:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-04 18:40 - 2011-10-03 09:12 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-04 18:40 - 2006-11-02 05:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-04 18:38 - 2006-11-02 05:01 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-04 17:16 - 2014-10-18 17:40 - 00000000 ___RD () C:\Program Files\Skype
2014-12-04 17:16 - 2013-03-12 15:37 - 00000000 ____D () C:\ProgramData\Skype
2014-12-04 17:10 - 2006-11-02 05:00 - 00097756 _____ () C:\Windows\PFRO.log
2014-12-01 20:17 - 2009-11-04 20:49 - 00002551 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Mindjet MindManager 8.lnk
2014-12-01 20:10 - 2009-06-27 16:53 - 00069120 _____ () C:\Users\Derren\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-26 07:21 - 2013-02-20 19:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-26 07:21 - 2012-01-07 21:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-26 03:40 - 2006-11-02 03:18 - 00000000 ____D () C:\Windows\MSAgent
2014-11-26 03:34 - 2006-11-02 03:18 - 00000000 _SHDC () C:\Windows\$NtUninstallKB62280$
2014-11-25 17:14 - 2012-02-29 12:58 - 00002086 _____ () C:\Users\Derren\Desktop\Google Chrome.lnk
2014-11-22 22:18 - 2011-02-23 08:37 - 00000000 ____D () C:\Users\Derren\AppData\Local\CutePDF Writer
2014-11-20 16:13 - 2006-11-02 03:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-16 14:57 - 2013-03-17 07:19 - 00163682 _____ () C:\Windows\Minidump\Mini111614-01.dmp
2014-11-16 14:57 - 2011-09-25 07:33 - 00000000 ____D () C:\Windows\Minidump
2014-11-07 18:07 - 2012-06-16 08:22 - 00000000 ____D () C:\Users\Derren\Desktop\aa Waiting Area
 
Files to move or delete:
====================
C:\Users\Derren\FRST.exe
 
 
Some content of TEMP:
====================
C:\Users\Derren\AppData\Local\Temp\DE50.tmp.exe
C:\Users\Derren\AppData\Local\Temp\diskfix.exe
C:\Users\Derren\AppData\Local\Temp\FAC6.tmp.exe
C:\Users\Derren\AppData\Local\Temp\fixtool.exe
C:\Users\Derren\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Derren\AppData\Local\Temp\syserrfix.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_155b8256.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_1ca80c58.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_3d1dd47d.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_6751127d.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_7028e2fc.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_97355ee5.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_9bf20c43.exe
C:\Users\Derren\AppData\Local\Temp\UpdateFlashPlayer_d6d96333.exe
C:\Users\Derren\AppData\Local\Temp\{24737CF4-7C4B-4867-9C94-C2581EFB0545}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-07 07:24
 
==================== End Of Log ============================
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2014 01
Ran by Derren at 2014-12-07 17:33:47
Running from C:\Users\Derren
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2013 (Enabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Enabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.26.1 - AOL LLC)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3485 - AVG Technologies)
AVG 2013 (Version: 13.0.3485 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.4189 - AVG Technologies) Hidden
Beyond the Red Line (HKLM\...\Beyond the Red Line 1.0) (Version: 1.0 - Name of your company)
BIOS Configuration for HP ProtectTools (HKLM\...\{64AE6DA6-8B61-4DF7-AFC0-7134E4C458FA}) (Version: 3.00 F1 - Hewlett-Packard)
BUG Mod 4.4 (HKLM\...\BUG Mod 4.4) (Version:  - )
Celestia 1.5.1 (HKLM\...\Celestia_is1) (Version:  - Shatters Software)
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Credential Manager for HP ProtectTools (HKLM\...\{BE41F3D2-FC73-4C3E-A2C2-5D2B08A5B2D0}) (Version: 2.5.0.880.13 - Hewlett-Packard )
CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version:  - )
Drive Encryption for HP ProtectTools (HKLM\...\{2AD74810-E122-4D37-9CE8-EC4BF9A065CC}) (Version: 1.0.4 - Hewlett-Packard)
Embedded Security for HP ProtectTools (HKLM\...\{F42CF6B5-8594-4D3A-B96F-30FD3BC1AAA5}) (Version: 5.0.2 - Hewlett-Packard)
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Gmail Backup (HKLM\...\gmailbackup) (Version:  - )
Google Chrome (HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GoToMeeting 6.0.0.1259 (HKU\S-1-5-21-399089533-3685514525-3991642726-1000\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Backup & Recovery Manager (HKLM\...\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}) (Version: 4.3.6 enhanced - Hewlett-Packard Company)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{8EAB4100-B343-41AE-A880-418746998209}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{79ACC31A-87EA-472A-853E-5AC6A97CE569}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Product Detection (HKLM\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\{2DB165DC-DDB4-403F-B985-19F3EC7D0357}) (Version: 3.00 A10 - Hewlett-Packard)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
Intel® Network Connections 12.4.38.0 (HKLM\...\PROSetDX) (Version: 12.4.38.0 - Intel)
Intel® Active Management Technology (HKLM\...\MESOL) (Version:  - Intel Corporation)
Intel® Management Engine Interface (HKLM\...\HECI) (Version:  - Intel Corporation)
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1271 - InterVideo Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.600 - Oracle)
Livescribe Connect (HKLM\...\com.livescribe.LivescribeConnect) (Version: 1.2.1.58498 - Livescribe Inc)
Livescribe Connect (Version: 1.2.1 - Livescribe Inc) Hidden
Livescribe Desktop (HKLM\...\Livescribe Desktop 2.8.3) (Version: 2.8.3 - Livescribe Inc)
Logitech Gaming Software (HKLM\...\{B9242864-2841-4ADE-86E0-8F90F91B04DD}) (Version: 4.40 - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware version 1.65.1.1000 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.1.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mindjet MindManager 8 (HKLM\...\{628C9797-454A-4856-99AD-58ACBA0472E4}) (Version: 8.1.920 - Mindjet LLC)
MS Access 97 SP2 (HKLM\...\MS Access 97 SP2) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA 3D Vision Controller Driver 295.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 295.73 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.12.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.12.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0209 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0209 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Opera 12.12 (HKLM\...\Opera 12.12.1707) (Version: 12.12.1707 - Opera Software ASA)
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.22 - PDF Complete, Inc.)
PhraseExpress v8.0.127 (HKLM\...\PhraseExpress_is1) (Version: 8.0.127 - Bartels Media)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Sid Meier's Civilization 4 - Beyond the Sword (HKLM\...\{32E4F0D2-C135-475E-A841-1D59A0D22989}) (Version: 3.19 - Firaxis Games)
Sid Meier's Civilization 4 - Warlords (HKLM\...\{3E4B349F-10B5-4586-9D99-489A90A8B228}) (Version: 2.13 - Firaxis Games)
Sid Meier's Civilization 4 (HKLM\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization 4 (Version: 1.00.0000 - Firaxis Games) Hidden
SketchUp 2014 (HKLM\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype™ 6.22 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5860 - Analog Devices)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.0 - Safer Networking Limited)
SpywareBlaster 4.5 (HKLM\...\SpywareBlaster_is1) (Version: 4.5.0 - Javacool Software LLC)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.5 - Flagship Industries, Inc.)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Warzone 2100-2.3.9 (HKLM\...\Warzone 2100-2.3.9) (Version: 2.3.9 - Warzone 2100 Project)
Warzone 2100-3.1_beta11 (HKLM\...\Warzone 2100-3.1_beta11) (Version: 3.1_beta11 - Warzone 2100 Project)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
WinPatrol (HKLM\...\{007811BF-E310-4285-BFC6-55DB29B3EDDE}) (Version: 24.0.2012 - BillP Studios)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Architecture 2011\Program\APIContext.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Derren\AppData\Local\Google\Chrome\Application\39.0.2171.71\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481001-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\PROGRA~1\IMSIDE~1\DOUBLE~1\Program\DOUBLE~1.EXE No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481003-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\PROGRA~1\IMSIDE~1\DOUBLE~1\Program\DOUBLE~1.EXE No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481004-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\PROGRA~1\IMSIDE~1\DOUBLE~1\Program\DOUBLE~1.EXE No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481005-E531-11CF-A115-00A024158DAF}\localserver32 -> C:\PROGRA~1\IMSIDE~1\DOUBLE~1\Program\DOUBLE~1.EXE No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481801-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSIDesign\DoubleCAD XT 3\Program\IMSIGX17.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481802-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSIDesign\DoubleCAD XT 3\Program\IMSIGX17.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481803-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSIDesign\DoubleCAD XT 3\Program\IMSIGX17.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481804-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSIDesign\DoubleCAD XT 3\Program\IMSIGX17.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6A481805-E531-11CF-A115-00A024158DAF}\InprocServer32 -> C:\Program Files\IMSIDesign\DoubleCAD XT 3\Program\IMSIGX17.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1259\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{98065826-5157-8891-8784-438888677059}\InprocServer32 -> C:\Users\Derren\AppData\Local\Temp\lhc.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}\InprocServer32 -> C:\Windows\system32\MSVBVM60.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> C:\Users\Derren\AppData\Local\Temp\lhc.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-399089533-3685514525-3991642726-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Derren\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
 
==================== Restore Points  =========================
 
25-11-2014 08:00:12 Scheduled Checkpoint
26-11-2014 03:09:51 Windows Defender Checkpoint
26-11-2014 08:02:41 Windows Update
26-11-2014 11:33:35 Malwarebytes Anti-Rootkit Restore Point
27-11-2014 08:07:47 Scheduled Checkpoint
28-11-2014 08:00:05 Scheduled Checkpoint
29-11-2014 08:00:05 Scheduled Checkpoint
30-11-2014 08:54:10 Scheduled Checkpoint
01-12-2014 08:01:27 Scheduled Checkpoint
02-12-2014 08:00:05 Scheduled Checkpoint
03-12-2014 08:02:43 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 02:23 - 2011-12-31 15:01 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {142FDD71-533A-4ABC-85A4-677026CCC5E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {1B0FE52E-C600-4502-A459-295C89B3CD48} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000UA => C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {1B94A237-270B-48B9-BF2C-5E9E5D8481FB} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {2D2CF2F8-E126-41C2-9E09-FC507C8C1FFE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {70BCFFFE-EEF1-411B-9A11-4259713918BC} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {730EE5B8-68CE-4418-A9B8-D5B4CBAAAF0F} - System32\Tasks\RealCreateProcessScheduledTask80610693S-1-5-21-399089533-3685514525-3991642726-1000 => C:\Program Files\Real\RealPlayer\realplay.exe
Task: {8237D40B-E98F-4E96-84C8-8284F5B71F7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {8CF58204-6343-469F-A6FB-C3019C742A2C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-399089533-3685514525-3991642726-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {955134BE-2CDE-4B1F-9A9B-FF072178B835} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2008-01-20] (Microsoft Corporation)
Task: {978D7A9D-4E54-4A1A-9154-AF00E0BA7C7A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-399089533-3685514525-3991642726-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {9C296145-5C88-4C1A-9675-625471326C54} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000Core => C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {F4C46FE1-13A1-43F1-AA2E-14597C10C013} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000Core.job => C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-399089533-3685514525-3991642726-1000UA.job => C:\Users\Derren\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-10-27 14:56 - 2011-10-27 14:56 - 00276992 _____ () C:\Program Files\Common Files\Livescribe\PenComm\PenCommSdk.dll
2011-02-23 08:36 - 2009-11-05 07:39 - 00087552 _____ () C:\Windows\System32\cpwmon2k.dll
2014-11-25 17:13 - 2014-11-24 22:39 - 09009480 _____ () C:\Users\Derren\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-25 17:13 - 2014-11-24 22:39 - 01677128 _____ () C:\Users\Derren\AppData\Local\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2014-04-11 15:38 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Derren\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-11 15:38 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Derren\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-11-25 17:13 - 2014-11-24 22:39 - 14910280 _____ () C:\Users\Derren\AppData\Local\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\$NtUninstallKB62280$:SummaryInformation
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\40179248.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\45909118.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\40179248.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\45909118.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-399089533-3685514525-3991642726-500 - Administrator - Disabled)
Derren (S-1-5-21-399089533-3685514525-3991642726-1000 - Administrator - Enabled) => C:\Users\Derren
Guest (S-1-5-21-399089533-3685514525-3991642726-501 - Limited - Enabled)
UpdatusUser (S-1-5-21-399089533-3685514525-3991642726-1003 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/06/2014 02:50:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.6002.18005, time stamp 0x2a425e19, faulting module mshtml.dll, version 9.0.8112.16584, time stamp 0x541cb3c5, exception code 0xc0000005, fault offset 0x004c47c3,
process id 0x1958, application start time 0xexplorer.exe0.
 
Error: (12/05/2014 00:21:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.6002.18005, time stamp 0x2a425e19, faulting module mshtml.dll, version 9.0.8112.16584, time stamp 0x541cb3c5, exception code 0xc0000005, fault offset 0x002ba5f9,
process id 0x12e4, application start time 0xexplorer.exe0.
 
Error: (12/04/2014 09:52:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application explorer.exe, version 6.0.6002.18005, time stamp 0x2a425e19, faulting module ntdll.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000420, fault offset 0x000b06fc,
process id 0x161c, application start time 0xexplorer.exe0.
 
Error: (12/04/2014 06:40:33 PM) (Source: Intel® AMT) (EventID: 2002) (User: )
Description: [UNS] Failed to subscribe to local Intel® AMT.
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.WOFF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.WOFF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.EOT> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.EOT> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/04/2014 05:24:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/04/2014 05:24:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (12/04/2014 07:18:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Software Licensing11200001Restart the service
 
Error: (12/04/2014 07:18:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: 1Restart the serviceWindows Search%%1056
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Media Player Network Sharing Service1300001Restart the service
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: hpqwmiex1
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: vToolbarUpdater1
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Intel® Active Management Technology User Notification Service1
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Personal Secure Drive service1
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Livescribe Pulse Smartpen Service110003Run the configured recovery program
 
Error: (12/04/2014 07:17:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: PDF Document Manager1
 
 
Microsoft Office Sessions:
=========================
Error: (12/06/2014 02:50:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.6002.180052a425e19mshtml.dll9.0.8112.16584541cb3c5c0000005004c47c3195801d0114267c704d0
 
Error: (12/05/2014 00:21:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.6002.180052a425e19mshtml.dll9.0.8112.16584541cb3c5c0000005002ba5f912e401d010c85a573b50
 
Error: (12/04/2014 09:52:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.0.6002.180052a425e19ntdll.dll6.0.6002.1888151da3e27c0000420000b06fc161c01d0104f412fe9c0
 
Error: (12/04/2014 06:40:33 PM) (Source: Intel® AMT) (EventID: 2002) (User: )
Description: [UNS] Failed to subscribe to local Intel® AMT.
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.WOFF
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.WOFF
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.EOT
 
Error: (12/04/2014 05:24:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS\SEGOE-UI-LIGHT-ARABIC.EOT
 
Error: (12/04/2014 05:24:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
 
Error: (12/04/2014 05:24:03 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\USERS\DERREN\APPDATA\LOCAL\SKYPE\APPS\LOGIN\FONTS
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-07 17:33:04.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:33:04.635
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:33:04.309
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:33:04.102
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:32:02.079
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:32:01.890
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:32:01.610
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:32:01.344
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:32:00.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-07 17:31:59.948
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 77%
Total physical RAM: 2011.55 MB
Available physical RAM: 452.51 MB
Total Pagefile: 4274.1 MB
Available Pagefile: 1653.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.3 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:134.94 GB) (Free:37.65 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.05 GB) (Free:7.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (OS_TOOLS) (Fixed) (Total:1.95 GB) (Free:1.73 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 3833069C)
Partition 1: (Active) - (Size=134.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 MB) - (Type=72)
 
==================== End Of Log ============================


#10 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:23 AM

Posted 08 December 2014 - 06:08 AM

Hello,

 

I guess that the FRST took a long time due to junction points which are a bit messed up.

 

 

STEP 1

 

 

Please make you hidden files visible - check this out:

How to see hidden files in Windows

Then navigate to C:\ProgramData\Application Data and right-click on Application Data => and select Properties.

Go to Security and click on the Advanced button. Go to the Owner tab and click on the Edit button => select SYSTEM from the list (if not available then click on Other users group and type SYSTEM, then press the check names button and confirm with OK).

Now select SYSTEM from the list and press the checkbox beside Replace owner on subcontainers and objects. Select YES of the dialog box.

Now go to the Permissions tab and click on the Change Permissions => place a checkbox beside Include inheritable permissions from this object's parent and press Apply.

Now double-click the first entry (it should contain the description <not inherited> under Inherited From) => and check the box Clear ALL.

Put a Deny checkbox beside List folder/Read data and click OK, then Apply and confirm with YES of the dialog box

KVx9Ifh.png

 

 

Check and fix the permissions for these folders as well:

 

C:\Documents and Settings\All Users\Application Data

C:\windows\System32\config\systemprofile\AppData\Local\Application Data

 

 

 

STEP 2

 

 

I noticed that you have used the tool in your other topic but I want you to give it another try just in case:

Please download Malwarebytes Anti-Rootkit MBAM_Logo.png and save it to your desktop.

  • Be sure to print out and follow these instructions for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.

 

 

STEP 3

 

 

Please download the following file => and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

 

Regards,

Georgi


cXfZ4wS.png


#11 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 08 December 2014 - 11:28 PM

I'm sorry, but I'm stuck on Step 1 so I did not continue with the other steps.

 

 

"Now select SYSTEM from the list and press the checkbox beside Replace owner on subcontainers and objects. Select YES of the dialog box."

 

"Yes" isn't offered. After checking the box nothing happens, so I click "OK" and I get a message that says "If you have just taken ownership of this object you will need to close and reopen this objects properties before you can view or change permissions. "

"Now go to the Permissions tab and click on the Change Permissions" There is no "Change Permissions" so instead I clicked the "Edit" button and I see "Include inheritable permissions from this object's parent" but it is already checked.

 

"Now double-click the first entry (it should contain the description <not inherited> under Inherited From)" The description under "Inherited From" does not read <not inherited> but instead it reads "Parent Object.".

 

So I gave up there and decided to post back.

 

I'm running Windows Vista Business Service Pack 2 if that helps.

 

Thank you,

 

Derren



#12 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:23 AM

Posted 09 December 2014 - 08:24 AM

Hi Derren,

 

I made you a quick video to help you see what I'm saying:

 

http://www.dailymotion.com/video/x2c5kpb_desktop-2014-12-09-15-14-27-868

 

Hope that helps a bit.

 

 

Regards,

Georgi


cXfZ4wS.png


#13 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 09 December 2014 - 09:02 PM

You're video is fine (though part way through the player changed itself so the view was blurry, but after some time I figured out how to put the resolution back to readable) and it shows what I had tried to do.

 

I see two things. First, I don't have the Application Data folder quite like yours, because mine is shown as a Shortcut instead of a regular folder (see screenshot). And no matter how many times I click it, the next "app data" folder is also a shortcut, not an actual folder.

 

Also, my permissions screen has an "Edit" button instead of the "Change Permissions" button that was shown on your screen (see screenshot).

 

Sorry for the trouble, and I will always take care to follow your instructions to the letter.

 

Thank you,

 

Derren

Attached Files



#14 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:03:23 AM

Posted 10 December 2014 - 12:12 PM

Hi Derren,

 

I see two things. First, I don't have the Application Data folder quite like yours, because mine is shown as a Shortcut instead of a regular folder (see screenshot). And no matter how many times I click it, the next "app data" folder is also a shortcut, not an actual folder.

 

Yes, this is because the folder is a junction point and it is used for backward compatibility.

 

Also, my permissions screen has an "Edit" button instead of the "Change Permissions" button that was shown on your screen (see screenshot).

 

What happens when you press the Edit button?

 

 

 

Regards,

Georgi


cXfZ4wS.png


#15 Derren

Derren
  • Topic Starter

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Local time:05:23 PM

Posted 10 December 2014 - 11:52 PM

Well, when I press the edit button I get that "User Account Control" security box that asks for permission to continue. Then I'm at the same "Advanced Security Settings for Application Data" screen with a "Permissions" tab only.

 

"SYSTEM" is the first of five entries listed, but "Include inheritable permission from this object's parent" box is already checked.

 

And on the list, SYSTEM shows "Parent Object" under Inherited From.

 

Under this list there are buttons for "Add..." and "Edit..."

 

In the attached screenshot I did not check the box, that is exactly how the settings appear when I first open it.

 

 

Attached Files






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users