OTL logfile created on: 10/16/2013 9:12:51 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\STDEEZ\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
1.93 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 44.01% Memory free
4.11 Gb Paging File | 2.80 Gb Available in Paging File | 68.15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.00 Gb Total Space | 60.70 Gb Free Space | 27.34% Space Free | Partition Type: NTFS
Drive D: | 10.88 Gb Total Space | 1.42 Gb Free Space | 13.09% Space Free | Partition Type: NTFS
Drive E: | 4.38 Gb Total Space | 0.01 Gb Free Space | 0.18% Space Free | Partition Type: UDF
Drive F: | 29.06 Gb Total Space | 17.89 Gb Free Space | 61.55% Space Free | Partition Type: FAT32
 
Computer Name: STDEEZ-PC | User Name: STDEEZ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/10/16 09:10:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\STDEEZ\Desktop\OTL.exe
PRC - [2013/10/16 00:25:18 | 005,069,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
PRC - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2013/05/02 08:28:50 | 000,238,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,284,304 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/07/17 13:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012/07/17 13:31:18 | 000,116,632 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/17 13:55:42 | 001,565,696 | ---- | M] (Alcatel-Lucent) -- C:\Program Files\Verizon\McciTrayApp.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008/01/20 19:24:36 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RacAgent.exe
PRC - [2007/06/27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/10/16 08:43:12 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/10/15 12:50:38 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/10/15 12:49:56 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f228cc72a6647716127cd44ca416e6dc\PresentationFramework.ni.dll
MOD - [2013/10/15 12:49:18 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2482534bee5c520cdfe9c8f7df6a92f\PresentationCore.ni.dll
MOD - [2013/10/15 12:48:52 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c16ade1485996fa4981edc7df436a15b\WindowsBase.ni.dll
MOD - [2013/09/02 19:33:37 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/09/02 19:31:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/09/02 19:31:17 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e0ade6fc2bcb5fbd4c8978bf92784a3\System.Transactions.ni.dll
MOD - [2013/09/02 19:31:16 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.ni.dll
MOD - [2013/09/02 19:31:16 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.Wrapper.dll
MOD - [2013/09/02 18:36:34 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/09/02 18:36:04 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/09/02 18:35:44 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
MOD - [2013/09/01 22:43:23 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/07/15 17:19:06 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll
MOD - [2013/07/15 17:18:17 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2012/07/17 13:31:18 | 000,776,088 | ---- | M] () -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/04/10 23:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/10 19:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/29 21:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 21:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2008/09/30 16:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 16:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 16:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 16:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 16:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 16:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 16:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 16:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/09/23 18:21:22 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2013/10/15 10:26:40 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/09/13 18:24:32 | 000,350,792 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012/07/17 13:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2012/06/11 12:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012/06/08 17:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012/06/08 17:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012/06/05 11:04:10 | 000,023,608 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TuneConvertAudio.sys -- (TuneConvertAudio)
DRV - [2012/06/05 10:36:30 | 000,023,608 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MusCAudio.sys -- (MusCAudio)
DRV - [2012/01/25 15:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2011/12/22 17:37:35 | 000,075,264 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\dfsc.sys -- (DfsC)
DRV - [2011/11/08 14:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2010/09/26 20:13:10 | 001,882,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/07/15 17:45:44 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009/01/29 19:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2009/01/20 07:49:26 | 000,142,848 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/10/03 04:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/08/10 18:00:38 | 000,059,904 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUWWAN.sys -- (PTDUWWAN)
DRV - [2008/08/10 18:00:32 | 000,039,936 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUVsp.sys -- (PTDUVsp)
DRV - [2008/08/10 18:00:30 | 000,041,344 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUMdm.sys -- (PTDUMdm)
DRV - [2008/08/10 18:00:28 | 000,033,024 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PTDUBus.sys -- (PTDUBus)
DRV - [2008/06/29 07:52:26 | 000,112,128 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/01/20 19:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/10/17 16:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A28AFCB-D7B6-4628-8EA2-D66964A22F01}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{8214ADD5-AD05-4B67-BD93-C3BB6003BCCF}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Presario&pf=cnnb
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes,DefaultScope = {C966D386-7D62-422A-A99B-3ED460520996}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&qry={searchTerms}&type=Web&orig=IMC-IE
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF_en
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{6A28AFCB-D7B6-4628-8EA2-D66964A22F01}: "URL" = http://www.bing.com/search?FORM=CPNTDF&PC=CPNTDF&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{8214ADD5-AD05-4B67-BD93-C3BB6003BCCF}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=uscql
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{9B97950D-482C-1D79-568F-FC7B9D40C785}: "URL" = http://www.bing.com/search?q={searchTerms}&pc=Z192&form=ZGAIDF&install_date=20111130&iesrc={referrer:source}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69}: "URL" = http://search.bearshare.com/webResults.html?src=ieb&q={searchTerms}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\SearchScopes\{C966D386-7D62-422A-A99B-3ED460520996}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\STDEEZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\electronicarts.com/GameFacePlugin: C:\Users\STDEEZ\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
 
 
[2012/06/06 18:49:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Extensions
[2009/02/22 11:21:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2012/04/16 18:05:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\extensions
[2012/04/16 18:05:11 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/05/31 09:53:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions
[2012/05/31 09:53:16 | 000,086,818 | ---- | M] () (No name found) -- C:\Users\STDEEZ\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=994519&p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR - homepage: http://search.yahoo.com?type=994519&fr=spigot-yhp-ch
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\STDEEZ\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Game Face Plugin (Enabled) = C:\Users\STDEEZ\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Ebay Shopping Assistant by Spigot = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.0_0\
CHR - Extension: Domain Error Assistant = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
CHR - Extension: 1Click Downloader = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.6_0\
CHR - Extension: Slick Savings = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: Amazon Shopping Assistant by Spigot = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: Gmail = C:\Users\STDEEZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O3 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O3 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..\Toolbar\WebBrowser: (no name) - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe (Alcatel-Lucent)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Open using &Advanced JPEG Compressor - C:\Program Files\Advanced JPEG Compressor\ajcieex.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files\Amazon\Add to Wish List IE Extension\run.htm ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..Trusted Domains: netzero.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5844C376-CF45-4FF5-B969-91E10F515F79}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\STDEEZ\Pictures\New Folder (2)\35681_132129916815051_100000541309601_259686_7025739_n.jpg
O24 - Desktop BackupWallPaper: C:\Users\STDEEZ\Pictures\New Folder (2)\35681_132129916815051_100000541309601_259686_7025739_n.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/09/09 15:21:46 | 000,000,000 | RH-- | M] () - E:\autorun.wbcat -- [ UDF ]
O32 - AutoRun File - [2013/09/09 15:21:46 | 000,000,127 | ---- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{61031d29-74b6-11e2-9238-001f1658ee8b}\Shell - "" = AutoRun
O33 - MountPoints2\{61031d29-74b6-11e2-9238-001f1658ee8b}\Shell\AutoRun\command - "" = G:\MotorolaDeviceManagerSetup.exe -a
O33 - MountPoints2\{7b45316e-4c56-11e1-af6b-001f1658ee8b}\Shell - "" = AutoRun
O33 - MountPoints2\{7b45316e-4c56-11e1-af6b-001f1658ee8b}\Shell\AutoRun\command - "" = G:\UEZLink.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKU\S-1-5-21-470285979-1123823893-1365921699-1000\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2013/10/16 09:10:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\STDEEZ\Desktop\OTL.exe
[2013/10/16 08:09:53 | 000,000,000 | ---D | C] -- C:\Users\STDEEZ\Desktop\fix
[2013/10/15 12:53:03 | 001,087,213 | ---- | C] (Farbar) -- C:\Users\STDEEZ\Desktop\FRST.exe
[2013/10/15 12:50:53 | 000,000,000 | ---D | C] -- C:\FRST
[2013/10/15 11:51:34 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/15 10:25:56 | 017,226,632 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013/10/15 10:11:56 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/15 10:11:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/15 10:11:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/15 10:11:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/15 10:11:46 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/15 10:11:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/15 10:11:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/15 10:11:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/09 14:05:09 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/09 14:05:09 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/09 14:05:09 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/09 14:05:09 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/09 14:05:09 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/09 14:05:09 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/09 14:05:09 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/09 14:05:09 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/09 14:05:07 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/09 14:05:06 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/09 14:05:05 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/09 14:04:52 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/09 14:04:52 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/09 14:04:47 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/09 14:04:47 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/09 14:00:39 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2009/02/22 11:02:32 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\STDEEZ\AppData\Roaming\pcouffin.sys
[3 C:\Users\STDEEZ\Documents\*.tmp files -> C:\Users\STDEEZ\Documents\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2013/10/16 09:10:04 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/16 09:10:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\STDEEZ\Desktop\OTL.exe
[2013/10/16 08:58:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/16 08:56:15 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PCConfidential.job
[2013/10/16 08:56:15 | 000,000,412 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2013/10/16 08:55:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/16 08:55:02 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/16 08:54:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/16 08:54:52 | 2075,336,704 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/16 08:24:14 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/16 08:13:31 | 000,000,285 | ---- | M] () -- C:\Users\STDEEZ\Desktop\FRST - Shortcut.lnk
[2013/10/16 07:55:09 | 000,002,148 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/15 12:53:09 | 000,604,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/15 12:53:09 | 000,104,420 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/15 12:46:35 | 000,344,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/15 10:26:34 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/15 10:26:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/10/15 10:26:03 | 017,226,632 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2013/09/22 03:22:59 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/09/22 03:14:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/09/22 03:12:32 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/09/22 03:09:55 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/09/22 03:08:41 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/09/22 03:05:42 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/09/22 03:03:18 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/09/22 02:59:06 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/09/16 11:01:51 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[3 C:\Users\STDEEZ\Documents\*.tmp files -> C:\Users\STDEEZ\Documents\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/10/16 08:13:31 | 000,000,285 | ---- | C] () -- C:\Users\STDEEZ\Desktop\FRST - Shortcut.lnk
[2012/10/20 21:08:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012/09/06 17:41:02 | 000,018,035 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat
[2012/08/13 21:03:20 | 007,261,256 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe
[2012/06/06 18:51:11 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/12/22 11:42:21 | 000,008,802 | -HS- | C] () -- C:\Users\STDEEZ\AppData\Local\143306s0j286x770y614f0jar4x1
[2011/12/22 11:42:21 | 000,008,802 | -HS- | C] () -- C:\ProgramData\143306s0j286x770y614f0jar4x1
[2011/12/05 15:54:43 | 000,009,464 | -HS- | C] () -- C:\ProgramData\2205733420
[2011/12/01 19:42:16 | 000,009,552 | -HS- | C] () -- C:\Users\STDEEZ\AppData\Local\603732e5q466t887e628b2oot0o6
[2011/12/01 19:42:16 | 000,009,552 | -HS- | C] () -- C:\ProgramData\603732e5q466t887e628b2oot0o6
[2011/04/13 10:53:26 | 000,061,224 | ---- | C] () -- C:\Users\STDEEZ\GoToAssistDownloadHelper.exe
[2010/01/30 17:14:30 | 000,001,041 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\vso_ts_preview.xml
[2009/06/14 10:21:26 | 000,018,277 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\UserTile.png
[2009/06/02 21:04:03 | 000,003,878 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\wklnhst.dat
[2009/03/25 20:27:18 | 000,007,052 | ---- | C] () -- C:\Users\STDEEZ\AppData\Local\d3d9caps.dat
[2009/02/22 11:02:32 | 000,087,608 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\inst.exe
[2009/02/22 11:02:32 | 000,007,887 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\pcouffin.cat
[2009/02/22 11:02:32 | 000,001,144 | ---- | C] () -- C:\Users\STDEEZ\AppData\Roaming\pcouffin.inf
[2009/02/19 16:56:10 | 000,201,728 | ---- | C] () -- C:\Users\STDEEZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/20 01:07:23 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/12/22 16:28:07 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\t.cxt.ms\lso.swf\u.sol
[2011/12/22 14:35:04 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\wbads.vo.llnwd.net\o25\u
[2011/12/22 16:28:07 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB62280$\systemprofile\Application Data\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\t.cxt.ms\lso.swf\u.sol
[2011/12/22 14:35:04 | 000,000,000 | ---D | M] -- C:\Windows\$NtUninstallKB62280$\systemprofile\Application Data\Macromedia\Flash Player\#SharedObjects\EBQU48LQ\wbads.vo.llnwd.net\o25\u
[2013/06/04 13:08:55 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\L
[2013/06/04 13:08:55 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN\S-1-5-18\$ff24043d55f85ce9a20a8337d9b4b888\U
[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2010/06/15 14:48:59 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Amazon
[2013/06/04 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Azureus
[2012/07/23 12:32:39 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\com.acrobat.createpdf.CreatePDFDesktop
[2012/01/11 15:23:33 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/15 17:47:37 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Command and Conquer 4
[2012/07/23 11:34:14 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\DAEMON Tools Lite
[2012/07/23 10:55:47 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\DriverCure
[2012/08/29 13:38:16 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Electronic Arts
[2011/12/23 18:24:54 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\ERS Game Studios
[2009/02/25 20:17:22 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\funkitron
[2009/02/22 19:35:44 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\iWin
[2009/05/01 16:19:44 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\LimeWire
[2009/02/01 18:23:19 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Ludia
[2009/06/02 20:45:50 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\MailWasherPro
[2013/02/11 19:30:12 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Motorola
[2013/02/11 19:39:31 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Motorola Mobility
[2009/03/21 18:04:33 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\MusicNet
[2009/02/22 20:32:23 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\muvee Technologies
[2013/06/04 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Nico Mak Computing
[2012/07/23 10:55:46 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\ParetoLogic
[2009/06/14 10:21:25 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\PeerNetworking
[2009/02/25 20:07:22 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\PlayFirst
[2011/05/04 15:56:55 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Red Alert 3
[2013/10/15 12:40:24 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Slick Savings
[2009/12/25 13:32:42 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Smith Micro
[2009/02/01 16:41:13 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\SPORE Creature Creator
[2009/06/02 21:06:09 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Template
[2011/04/27 12:10:19 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\uTorrent
[2013/04/02 23:22:56 | 000,000,000 | ---D | M] -- C:\Users\STDEEZ\AppData\Roaming\Vso
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
[color=#E56717]========== Base Services ==========[/color]
SRV - [2006/11/02 02:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/20 19:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 19:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/10 23:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/10 23:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/10 23:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 19:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/07/07 21:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/10 23:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/10 23:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 08:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 19:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/10 23:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 19:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/10 23:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/04/10 23:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 19:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 19:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 19:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 19:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 19:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/10 23:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 07:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/10 23:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 19:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/10 23:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/10 23:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 19:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/10 23:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 09:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/10 23:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 11:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/10 23:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/10 23:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/10 23:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/10 23:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/10 23:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 19:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/10 23:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/10 23:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/10 23:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/10 23:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/10 23:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 15:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/10 23:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 12:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 04:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< c:\program files (x86)\Google\Desktop >[/color]
[2006/11/02 06:01:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2006/11/02 06:01:49 | 000,032,548 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/01/30 22:29:45 | 000,000,326 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForSTDEEZ.job
[2009/02/22 15:42:06 | 000,000,416 | ---- | C] () -- C:\Windows\Tasks\PCConfidential.job
[2010/01/29 14:53:41 | 000,000,882 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010/01/29 14:53:44 | 000,000,886 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/06/06 19:00:25 | 000,000,412 | ---- | C] () -- C:\Windows\Tasks\PC Optimizer Pro startups.job
[2012/08/30 18:05:43 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
[color=#A23BEC]< c:\program files\Google\Desktop  >[/color]
 
[color=#A23BEC]< dir "%systemdrive%\*" /S /A:L /C >[/color]
 Volume in drive C has no label.
 Volume Serial Number is 2228-7488
 Directory of C:\
11/02/2006  06:02 AM    <JUNCTION>     Documents and Settings [c:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
11/02/2006  06:02 AM    <JUNCTION>     Application Data [c:\ProgramData]
11/02/2006  06:02 AM    <JUNCTION>     Desktop [c:\Users\Public\Desktop]
11/02/2006  06:02 AM    <JUNCTION>     Documents [c:\Users\Public\Documents]
11/02/2006  06:02 AM    <JUNCTION>     Favorites [c:\Users\Public\Favorites]
11/02/2006  06:02 AM    <JUNCTION>     Start Menu [c:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  06:02 AM    <JUNCTION>     Templates [c:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
11/02/2006  06:02 AM    <SYMLINKD>     All Users [c:\ProgramData]
11/02/2006  06:02 AM    <JUNCTION>     Default User [c:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
11/02/2006  06:02 AM    <JUNCTION>     Application Data [c:\ProgramData]
11/02/2006  06:02 AM    <JUNCTION>     Desktop [c:\Users\Public\Desktop]
11/02/2006  06:02 AM    <JUNCTION>     Documents [c:\Users\Public\Documents]
11/02/2006  06:02 AM    <JUNCTION>     Favorites [c:\Users\Public\Favorites]
11/02/2006  06:02 AM    <JUNCTION>     Start Menu [c:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006  06:02 AM    <JUNCTION>     Templates [c:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
11/02/2006  06:02 AM    <JUNCTION>     Application Data [c:\Users\Default\AppData\Roaming]
11/02/2006  06:02 AM    <JUNCTION>     Cookies [c:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
11/02/2006  06:02 AM    <JUNCTION>     Local Settings [c:\Users\Default\AppData\Local]
11/02/2006  06:02 AM    <JUNCTION>     My Documents [c:\Users\Default\Documents]
11/02/2006  06:02 AM    <JUNCTION>     NetHood [c:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006  06:02 AM    <JUNCTION>     PrintHood [c:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006  06:02 AM    <JUNCTION>     Recent [c:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006  06:02 AM    <JUNCTION>     SendTo [c:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006  06:02 AM    <JUNCTION>     Start Menu [c:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006  06:02 AM    <JUNCTION>     Templates [c:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
11/02/2006  06:02 AM    <JUNCTION>     Application Data [c:\Users\Default\AppData\Local]
11/02/2006  06:02 AM    <JUNCTION>     History [c:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006  06:02 AM    <JUNCTION>     Temporary Internet Files [c:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
11/02/2006  06:02 AM    <JUNCTION>     My Music [c:\Users\Default\Music]
11/02/2006  06:02 AM    <JUNCTION>     My Pictures [c:\Users\Default\Pictures]
11/02/2006  06:02 AM    <JUNCTION>     My Videos [c:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
11/02/2006  06:02 AM    <JUNCTION>     My Music [c:\Users\Public\Music]
11/02/2006  06:02 AM    <JUNCTION>     My Pictures [c:\Users\Public\Pictures]
11/02/2006  06:02 AM    <JUNCTION>     My Videos [c:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\STDEEZ
01/30/2009  10:19 PM    <JUNCTION>     Application Data [C:\Users\STDEEZ\AppData\Roaming]
01/30/2009  10:19 PM    <JUNCTION>     Cookies [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\Cookies]
01/30/2009  10:19 PM    <JUNCTION>     Local Settings [C:\Users\STDEEZ\AppData\Local]
01/30/2009  10:19 PM    <JUNCTION>     My Documents [C:\Users\STDEEZ\Documents]
01/30/2009  10:19 PM    <JUNCTION>     NetHood [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/30/2009  10:19 PM    <JUNCTION>     PrintHood [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/30/2009  10:19 PM    <JUNCTION>     Recent [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\Recent]
01/30/2009  10:19 PM    <JUNCTION>     SendTo [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\SendTo]
01/30/2009  10:19 PM    <JUNCTION>     Start Menu [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\Start Menu]
01/30/2009  10:19 PM    <JUNCTION>     Templates [C:\Users\STDEEZ\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\STDEEZ\AppData\Local
01/30/2009  10:19 PM    <JUNCTION>     Application Data [C:\Users\STDEEZ\AppData\Local]
01/30/2009  10:19 PM    <JUNCTION>     History [C:\Users\STDEEZ\AppData\Local\Microsoft\Windows\History]
01/30/2009  10:19 PM    <JUNCTION>     Temporary Internet Files [C:\Users\STDEEZ\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\STDEEZ\AppData\LocalLow
04/12/2011  05:19 PM    <JUNCTION>     PlayReady [C:\ProgramData\Microsoft\PlayReady]
               0 File(s)              0 bytes
 Directory of C:\Users\STDEEZ\Documents
01/30/2009  10:19 PM    <JUNCTION>     My Music [C:\Users\STDEEZ\Music]
01/30/2009  10:19 PM    <JUNCTION>     My Pictures [C:\Users\STDEEZ\Pictures]
01/30/2009  10:19 PM    <JUNCTION>     My Videos [C:\Users\STDEEZ\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows
02/16/2010  08:03 PM    <SYMLINKD>     $NtUninstallKB62280$ [..]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
10/23/2008  03:55 AM    <JUNCTION>     Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
10/23/2008  03:55 AM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
10/23/2008  03:55 AM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/23/2008  03:55 AM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/23/2008  03:55 AM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
10/23/2008  03:55 AM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
10/23/2008  03:55 AM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
10/23/2008  03:55 AM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [.]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [.]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Documents
10/23/2008  03:55 AM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
10/23/2008  03:55 AM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
10/23/2008  03:55 AM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [.]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [.]
               0 File(s)              0 bytes
 Directory of C:\Windows\$NtUninstallKB62280$\systemprofile\My Documents
10/23/2008  03:55 AM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
10/23/2008  03:55 AM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
10/23/2008  03:55 AM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
10/23/2008  03:55 AM    <JUNCTION>     Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
10/23/2008  03:55 AM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
10/23/2008  03:55 AM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/23/2008  03:55 AM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/23/2008  03:55 AM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
10/23/2008  03:55 AM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
10/23/2008  03:55 AM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
10/23/2008  03:55 AM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [.]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Documents
10/23/2008  03:55 AM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
10/23/2008  03:55 AM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
10/23/2008  03:55 AM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008  03:55 AM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008  03:55 AM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008  03:55 AM    <JUNCTION>     Temporary Internet Files [.]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\My Documents
10/23/2008  03:55 AM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
10/23/2008  03:55 AM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
10/23/2008  03:55 AM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\winsxs\x86_security-malware-windows-defender-events_31bf3856ad364e35_6.0.6000.16386_none_b3613e39beae266f
11/02/2006  05:34 AM    <SYMLINK>      MpEvMsg.dll [...]
               1 File(s)         65,640 bytes
 Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6001.18000_none_57bcb0ca582f18c5
11/02/2006  05:34 AM    <SYMLINK>      MpAsDesc.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpClient.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpCmdRun.exe [...]
01/20/2008  07:23 PM    <SYMLINK>      MpOAV.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpRtMon.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpRtPlug.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpSigDwn.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpSvc.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MSASCui.exe [...]
01/20/2008  07:23 PM    <SYMLINK>      MsMpCom.dll [...]
11/02/2006  05:34 AM    <SYMLINK>      MsMpLics.dll [...]
11/02/2006  05:34 AM    <SYMLINK>      MsMpRes.dll [...]
              12 File(s)      3,765,552 bytes
 Directory of C:\Windows\winsxs\x86_security-malware-windows-defender_31bf3856ad364e35_6.0.6002.18005_none_59a829d65550e411
11/02/2006  05:34 AM    <SYMLINK>      MpAsDesc.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpClient.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpCmdRun.exe [...]
01/20/2008  07:23 PM    <SYMLINK>      MpOAV.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpRtMon.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpRtPlug.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpSigDwn.dll [...]
04/10/2009  11:27 PM    <SYMLINK>      MpSoftEx.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MpSvc.dll [...]
01/20/2008  07:23 PM    <SYMLINK>      MSASCui.exe [...]
01/20/2008  07:23 PM    <SYMLINK>      MsMpCom.dll [...]
11/02/2006  05:34 AM    <SYMLINK>      MsMpLics.dll [...]
11/02/2006  05:34 AM    <SYMLINK>      MsMpRes.dll [...]
              13 File(s)      4,278,552 bytes
     Total Files Listed:
              26 File(s)      8,109,744 bytes
             228 Dir(s)  64,793,935,872 bytes free
 
[color=#A23BEC]<  >[/color]
 
[color=#A23BEC]<  >[/color]
 
[color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
[C:\Windows\$NtUninstallKB62280$] -> Error: Cannot create file handle -> Unknown point type
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 237 bytes -> C:\ProgramData\Temp:A88BE334
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >