[smonster50]

First off, Happy New Year!

Secondly, I'm noticing a lot of issues on my computer today. Everything started after installing several Microsoft Updates this morning, not sure if it was then or if I just had a dormant virus or malware waiting to go active. Anyway, I have tried running both AVG free and MBAM. While they eventually will load (a few minutes after double clicking) they run for 30 seconds or so, then don't respond for 30 seconds, then they run again and then stop...over and over. Obviously, that makes completing any of these scans time consuming or impossible (if they get stuck in the not responding state).

In conjunction with these scans running oddly, I am seeing the same behavior from other programs like Dreamweaver and Google Chrome. Chrome is also running about 9 different processes in the task manager that totals over 300k memory. I realize that the way chrome works is a little different than other browsers so having multiple processes is normal, but I have never seen this many totalling that much memory.

When no scans are running my CPU usage is relatively normal, but when I have Chrome open it fluctuates from 4% up to 65% which seems a little odd.

I have also noticed an issue lately (last 2 days) with playing one game online with my 360, could this be tied into any malware issues or would it be unrelated?

I tried running exe explorer, as your guide states, and that helped a little with my programs hanging but it's still not perfect. This allowed me to run MBAM a little more efficiently and it has found 2 suspicious files; (PUP.Optional.Conduit.A) and (PUP.Optional.Spigot.A).

Thanks for any help!
Justin

[Advertisements]

Welcome to GeeksToGo, smonster50

My name is Machiavelli and I'll try to fix your PC problems. If you are in SafeMode then print my instructions! Removing Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do, just ask me! Please stay in contact with me until the problem is fixed.





!NOTE! Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.

 

Happy new Year!

I have also noticed an issue lately (last 2 days) with playing one game online with my 360, could this be tied into any malware issues or would it be unrelated?

What is a 360? (You mean the XBOX Controller for PC?) Which game? And which issue?

• Step 1: OTL Scan

• Download OTL to your Desktop
• Run OTL (for Win Vista / Win 7 / Win8: Right click on OTL >> Run as Administrator)
• Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the box in OTL. To do that:
  
  • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.
    
    

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    winsock.*
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT
    

• Make sure all other windows are closed.
  
  • You will see a console like the one below:
    
    
    
    
  • Click the box beside Scan All Users at the top of the console
  • IF you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
  • Make sure the Output box at the top is set to Standard Output.
  • Check the boxes beside LOP Check and Purity Check.
    Place the mouse pointer inside the box, right click and click Paste. This will put the above script inside OTL
  • Click the button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized on the taskbar. These files is also saved in the same location as OTL (it should be on your desktop).
  • Please copy the contents of these files and paste it into your reply. To do that:
    
  • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.

[/list]Please also post the Extras.txt file.

• Step 2: ASWMBR

Please download aswMBR from one of the links below and save it to your Desktop.

Download Mirror #1

• Right-click on aswMBR.exe and select Run as Administrator (if you have XP just run it).
• Click Yes when asked to download the Avast! definitions.
• Click Scan to initiate the scan.
• When the scan finishes, click Save Log and save this to your Desktop.
• Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

• Step 3: Security Check

Download Security Check from here or here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. (for Win Vista / Win 7 / Win8 Right click on the Security Check icon and select Run as Administrator)
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

[Machiavelli]

Welcome to GeeksToGo, smonster50

My name is Machiavelli and I'll try to fix your PC problems. If you are in SafeMode then print my instructions! Removing Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do, just ask me! Please stay in contact with me until the problem is fixed.





!NOTE! Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.

 

Happy new Year!

I have also noticed an issue lately (last 2 days) with playing one game online with my 360, could this be tied into any malware issues or would it be unrelated?

What is a 360? (You mean the XBOX Controller for PC?) Which game? And which issue?

• Step 1: OTL Scan

• Download OTL to your Desktop
• Run OTL (for Win Vista / Win 7 / Win8: Right click on OTL >> Run as Administrator)
• Please copy the text in the Quote box below, (Do Not copy the word Quote), and paste it in the box in OTL. To do that:
  
  • Highlight everything inside the quote box, (except the word Quote), right click the mouse and click Copy.
    
    

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    winsock.*
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT
    

• Make sure all other windows are closed.
  
  • You will see a console like the one below:
    
    
    
    
  • Click the box beside Scan All Users at the top of the console
  • IF you have a 64bit Windows, click the box beside Include 64bit Scans at the top of the console.
  • Make sure the Output box at the top is set to Standard Output.
  • Check the boxes beside LOP Check and Purity Check.
    Place the mouse pointer inside the box, right click and click Paste. This will put the above script inside OTL
  • Click the button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open OTL.Txt on the desktop. The Extras.txt file will be minimized on the taskbar. These files is also saved in the same location as OTL (it should be on your desktop).
  • Please copy the contents of these files and paste it into your reply. To do that:
    
  • On the OTL.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right click inside the forum post window then click Paste. This will paste the contents of the OTL.txt file in the in the post window.

[/list]Please also post the Extras.txt file.

• Step 2: ASWMBR

Please download aswMBR from one of the links below and save it to your Desktop.

Download Mirror #1

• Right-click on aswMBR.exe and select Run as Administrator (if you have XP just run it).
• Click Yes when asked to download the Avast! definitions.
• Click Scan to initiate the scan.
• When the scan finishes, click Save Log and save this to your Desktop.
• Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

• Step 3: Security Check

Download Security Check from here or here.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. (for Win Vista / Win 7 / Win8 Right click on the Security Check icon and select Run as Administrator)
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

[Machiavelli]

• Step 4: Malwarebytes

• Start Malwarebytes (if you have Win Vista / Win 7 / Win 8 do a Right click on MBAM and select Run as Administrator)
• Go to the tab called Logs
• Select the Logfile where MBAM has something found (as you said in your post)
• Click open and a Logfile will open - post the results
• If you made other scans where it also found something please post also these results
• Post them in the thread

[smonster50]

Thanks for your help!
So far, I've run through the first two steps but the OTL scan did not save an extras.txt file. I plan on continuing the steps but I wanted to get these posted for you asap.

As for the question about my 360 comment; it is in reference to playing Assassins Creed 4 on my xbox 360 console.

OTL Scan:
OTL logfile created on: 1/1/2014 3:39:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Justin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19489)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 49.61% Memory free
6.10 Gb Paging File | 4.37 Gb Available in Paging File | 71.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.21 Gb Total Space | 175.00 Gb Free Space | 60.93% Space Free | Partition Type: NTFS
Drive D: | 10.88 Gb Total Space | 1.25 Gb Free Space | 11.49% Space Free | Partition Type: NTFS
Drive E: | 29.35 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JUSTIN-PC | User Name: Justin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/01 15:32:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
PRC - [2013/10/16 00:30:02 | 005,175,856 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2013/09/03 08:54:02 | 000,840,568 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/02/27 16:38:44 | 001,259,568 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/11/19 17:25:32 | 002,598,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/11/08 03:51:06 | 000,768,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/03/19 04:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 03:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/09/08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2011/09/08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2011/09/08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2011/09/08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2011/08/01 10:11:38 | 001,091,984 | ---- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/01 13:45:36 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\e77e7cdf3072d5a658832b8863ff439e\System.Management.ni.dll
MOD - [2013/12/30 19:46:14 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/12/30 19:46:11 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e0ade6fc2bcb5fbd4c8978bf92784a3\System.Transactions.ni.dll
MOD - [2013/12/30 19:46:09 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.ni.dll
MOD - [2013/12/30 19:46:09 | 000,280,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.Wrapper.dll
MOD - [2013/12/30 19:45:54 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/12/30 18:37:56 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/12/30 18:37:16 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/12/30 18:37:04 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/12/30 18:36:35 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
MOD - [2013/12/30 18:35:08 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af7b745f6a06b800c73f1556553fe331\PresentationFramework.Aero.ni.dll
MOD - [2013/12/30 18:34:28 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f228cc72a6647716127cd44ca416e6dc\PresentationFramework.ni.dll
MOD - [2013/12/30 18:34:01 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\b2482534bee5c520cdfe9c8f7df6a92f\PresentationCore.ni.dll
MOD - [2013/12/30 18:33:46 | 003,325,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c16ade1485996fa4981edc7df436a15b\WindowsBase.ni.dll
MOD - [2013/12/30 18:33:41 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/12/30 18:32:56 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2013/08/07 14:25:24 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2011/09/08 17:48:36 | 000,962,936 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2011/08/01 07:34:44 | 000,064,000 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
MOD - [2011/03/04 11:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2011/03/04 11:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011/03/04 11:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
MOD - [2009/04/11 01:28:21 | 000,368,640 | ---- | M] () -- C:\Windows\System32\msjetoledb40.dll
MOD - [2009/04/10 21:04:15 | 000,113,664 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
MOD - [2009/03/29 23:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/29 23:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2009/01/12 15:50:42 | 000,259,480 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2009/01/12 15:50:42 | 000,120,216 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2009/01/12 15:50:42 | 000,038,184 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2009/01/12 15:50:40 | 000,345,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2009/01/12 15:49:44 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2008/09/30 18:56:06 | 000,032,768 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
MOD - [2008/09/30 18:52:02 | 000,007,168 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2008/09/30 18:52:00 | 000,057,344 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2008/09/30 18:51:52 | 000,118,784 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
MOD - [2008/09/30 18:51:52 | 000,010,240 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2008/09/30 18:51:36 | 000,040,960 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2008/09/30 18:51:36 | 000,028,672 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2008/09/30 18:51:36 | 000,005,632 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2008/09/16 19:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2013/12/10 18:43:26 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/16 00:30:02 | 005,175,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/15 11:00:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011/09/08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2011/08/01 10:11:38 | 001,091,984 | ---- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2011/08/01 10:11:36 | 001,592,208 | ---- | M] (Western Digital ) [On_Demand | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService)
SRV - [2011/08/01 10:11:32 | 000,263,056 | ---- | M] (WDC) [On_Demand | Stopped] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService)
SRV - [2010/09/03 01:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/04/21 11:59:02 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV - [2008/10/06 11:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\MpEngineStore\MpKsl731bc772.sys -- (MpKsl731bc772)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motswch.sys -- (MotoSwitchService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgp.sys -- (motccgp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\mcdbus.sys -- (mcdbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Justin\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (androidusb)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2013/04/11 02:18:40 | 000,302,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/12/10 03:28:36 | 000,142,176 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/11/08 03:49:26 | 000,250,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/04/19 03:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 03:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 12:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 12:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 12:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/09/08 17:49:26 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2011/09/08 17:49:24 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2011/08/17 22:21:20 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2011/08/17 22:21:20 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011/08/17 18:16:58 | 000,083,392 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vsflt53.sys -- (vidsflt53)
DRV - [2011/02/16 17:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2010/09/26 20:13:10 | 001,882,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009/09/02 02:09:24 | 000,176,128 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/07/09 13:18:56 | 000,587,776 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hardlock.sys -- (hardlock)
DRV - [2009/04/10 23:45:24 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2009/04/10 23:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/01/16 11:42:28 | 000,352,256 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2008/10/03 02:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/06/29 09:52:26 | 000,112,128 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2008/01/20 21:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2007/10/17 18:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/09/28 14:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2006/01/07 10:09:50 | 000,007,548 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Samhid.sys -- (samhid)
DRV - [2001/07/13 12:56:14 | 000,014,976 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SBKUPNT.SYS -- (SBKUPNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {6A28AFCB-D7B6-4628-8EA2-D66964A22F01}
IE - HKLM\..\SearchScopes\{6A28AFCB-D7B6-4628-8EA2-D66964A22F01}: "URL" = http://search.live.c...ms}&FORM=HPNTDF
IE - HKLM\..\SearchScopes\{8214ADD5-AD05-4B67-BD93-C3BB6003BCCF}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2790392


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...000001fe125972c
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...000001fe125972c
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\SearchScopes\{63140ECF-C629-BE59-8F0E-90B4FF340C03}: "URL" = http://lf.startnow.c...eferrer:source}
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\SearchScopes\{6A28AFCB-D7B6-4628-8EA2-D66964A22F01}: "URL" = http://search.live.c...rc=IE-SearchBox
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\SearchScopes\{8214ADD5-AD05-4B67-BD93-C3BB6003BCCF}: "URL" = http://www.ask.com/w...}&l=dis&o=uscql
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2790392
IE - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BitTorrentBar Customized Web Search"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylo...00001fe125972c"
FF - prefs.js..extensions.enabledAddons: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:10.20.101.5
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://search.condui...6517861&UM=&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files\Veetle\VLCBroadcast\npvbp.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Justin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Justin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013/11/17 15:01:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2013/11/14 20:42:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/02 16:59:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/21 00:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/17 15:01:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/22 15:17:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/21 00:42:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/17 15:01:22 | 000,000,000 | ---D | M]

[2009/10/11 21:41:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Extensions
[2013/12/31 17:15:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\extensions
[2010/04/27 17:44:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013/05/18 16:04:29 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/12/31 17:15:56 | 000,000,000 | ---D | M] (BitTorrentBar) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2010/08/28 21:36:10 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\extensions\vshareus@toolbar
[2011/07/22 21:05:23 | 000,002,287 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\searchplugins\bing-zugo.xml
[2010/08/28 21:36:25 | 000,001,599 | ---- | M] () -- C:\Users\Justin\AppData\Roaming\Mozilla\Firefox\Profiles\etn8nz09.default\searchplugins\web-search.xml
[2013/07/02 23:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/07/15 11:00:47 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/08/25 16:50:28 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/02/28 17:52:53 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/08 16:34:25 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2012/02/28 17:52:53 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\Justin\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Angry Birds = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Flash Video Download = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\anadfmbemnidomdljfcdgdoomhghoclk\1.3.14_0\
CHR - Extension: Google Drive = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Dark Vibe = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj\1.1_0\
CHR - Extension: Google Calendar = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Pandora = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl\1.0_0\
CHR - Extension: Print Using Google Cloud Print\u2122 = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffaifmgpcdjedlffbhenaloimajbdkfg\0.35_0\
CHR - Extension: EasyBib Tools = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmffdimoneaieldiddcmajhbjijmnggi\0.5.1_0\
CHR - Extension: Vine for Chrome = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfkidejapghjmjphojdbnchkdphccno\1.6.0_0\
CHR - Extension: Google Play Music = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg\5.2_0\
CHR - Extension: AVG Safe Search = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: SiriusXM = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmdlfddehjblgbccmjfpmhlkpihglka\1_0\
CHR - Extension: BitTorrentBar = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.24.3.503_0\
CHR - Extension: BitTorrentBar = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\10.24.3.503_0\nativeMessaging\nmHost
CHR - Extension: Vine = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mngfmlhilmiimkdabkgmafgdnlgalooa\1.1.6_0\
CHR - Extension: AVG Do Not Track = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Google Wallet = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.3_0\
CHR - Extension: Gmail = C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/06/02 23:57:13 | 000,003,332 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.newoa
O1 - Hosts: 127.0.0.1 practivate.adobe.ntp
O1 - Hosts: 127.0.0.1 practivate.adobe.ipp
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 wip.adobe.com
O1 - Hosts: 127.0.0.1 wip1.aobe.com
O1 - Hosts: 127.0.0.1 wip2.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.wip.adobe.com
O1 - Hosts: 127.0.0.1 www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com
O1 - Hosts: 127.0.0.1 www.wip3.adobe.com
O1 - Hosts: 127.0.0.1 www.wip4.adobe.com
O1 - Hosts: 41 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aimersoft Helper Compact.exe] C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (AimerSoft)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-407335840-2487793303-1710378656-1000..\Run: [AVG-Secure-Search-Update_0913a] C:\Users\Justin\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe /PROMPT --mid 405a0da311d7b483a06d491cafe25e55-61d86bbcf5313f11d8ff1ba749b2b4576dfc39db --CMPID 0913a File not found
O4 - HKU\S-1-5-21-407335840-2487793303-1710378656-1000..\Run: [ROC_ROC_APR2013_AV] C:\Users\Justin\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 405a0da311d7b483a06d491cafe25e55-61d86bbcf5313f11d8ff1ba749b2b4576dfc39db --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-407335840-2487793303-1710378656-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{215415F8-A58D-455F-B969-88575422B161}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{705F09E2-C31B-4BE5-B8FD-B98333A1B7F2}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Justin\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Justin\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/01/01 15:34:47 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2014/01/01 15:31:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2014/01/01 12:51:17 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/01/01 01:30:14 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/12/31 23:27:41 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013/12/31 22:21:29 | 000,000,000 | ---D | C] -- C:\Users\Justin\Documents\AnitVirus Programs
[2013/12/30 16:45:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2013/12/30 16:21:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013/12/30 16:21:08 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/30 16:21:08 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/12/30 16:21:08 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/30 16:21:08 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/12/30 16:21:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2013/12/30 16:21:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/30 16:21:08 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2013/12/30 16:21:07 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2013/12/30 16:21:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/12/30 16:21:06 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/30 16:21:06 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/30 16:21:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013/12/30 16:21:05 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2013/12/30 16:21:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2013/12/30 16:21:05 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/30 16:21:05 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2013/12/30 16:21:05 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2013/12/30 16:21:04 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2013/12/30 16:21:04 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/30 16:20:40 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013/12/30 16:20:39 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013/12/30 16:20:33 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/12/30 16:20:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/12/30 16:20:24 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2013/12/30 16:20:16 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/12/30 16:20:15 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/12/30 16:20:15 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/12/30 16:20:15 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/12/30 16:20:15 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/12/30 16:20:15 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/12/30 16:20:15 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/12/30 16:20:15 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/12/30 16:20:08 | 003,603,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013/12/30 16:20:08 | 003,551,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013/12/30 16:20:06 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2013/12/30 16:20:03 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/30 16:19:55 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/12/30 16:19:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/12/30 16:19:40 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/12/30 16:19:40 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/12/30 16:19:35 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/12/30 16:19:32 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/12/30 16:19:28 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/12/30 16:19:28 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/30 16:19:28 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/30 16:19:26 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013/12/30 16:19:24 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printcom.dll
[2013/12/30 16:19:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/30 16:19:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/12/10 18:59:33 | 000,000,000 | ---D | C] -- C:\Users\Justin\AppData\Roaming\FileZilla
[2013/12/10 18:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013/12/10 18:59:21 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2009/07/31 16:02:12 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2009/07/31 16:02:12 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2009/07/31 16:02:11 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2009/07/31 16:02:11 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2009/07/31 16:02:11 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/01 15:43:38 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/01 15:35:37 | 000,987,410 | ---- | M] () -- C:\Users\Justin\Desktop\SecurityCheck.exe
[2014/01/01 15:34:48 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Justin\Desktop\aswMBR.exe
[2014/01/01 15:32:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Justin\Desktop\OTL.exe
[2014/01/01 15:29:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-407335840-2487793303-1710378656-1000UA.job
[2014/01/01 15:27:59 | 000,000,284 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2014/01/01 15:26:59 | 004,629,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/01 15:24:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/01 15:24:40 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/01 15:24:28 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/01 15:24:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/01 15:21:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/01 12:01:57 | 147,617,139 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2014/01/01 11:51:57 | 000,007,728 | ---- | M] () -- C:\Users\Justin\AppData\Local\d3d9caps.dat
[2013/12/31 20:38:18 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C7717FDE-7E36-47B9-AEC2-441F13E29FE5}.job
[2013/12/31 14:35:10 | 000,000,039 | ---- | M] () -- C:\Windows\Irremote.ini
[2013/12/30 19:40:08 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForJustin.job
[2013/12/30 18:42:10 | 000,640,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/30 18:42:10 | 000,118,878 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/30 10:20:47 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-407335840-2487793303-1710378656-1000Core.job
[2013/12/29 18:13:13 | 000,565,438 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2013/12/19 21:15:04 | 000,001,456 | ---- | M] () -- C:\Users\Justin\AppData\Local\Adobe Save for Web 12.0 Prefs
[2013/12/15 00:02:58 | 000,096,768 | ---- | M] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/12/12 19:00:31 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/12/10 18:59:29 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013/12/10 18:43:25 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/10 18:43:25 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/12/05 18:03:06 | 000,002,086 | ---- | M] () -- C:\Users\Justin\Desktop\Google Chrome.lnk
[2013/12/03 18:09:11 | 000,002,627 | ---- | M] () -- C:\Users\Justin\Desktop\Microsoft Office Word 2007.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/01 15:34:55 | 000,987,410 | ---- | C] () -- C:\Users\Justin\Desktop\SecurityCheck.exe
[2013/12/30 16:20:06 | 000,218,228 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2013/12/10 18:59:29 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013/12/10 18:43:23 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForJustin.job
[2012/10/29 21:51:58 | 000,000,132 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/03 19:33:18 | 000,000,151 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\default.rss
[2012/06/03 12:06:21 | 000,000,039 | ---- | C] () -- C:\Windows\Irremote.ini
[2012/06/03 11:39:40 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/06/03 11:35:18 | 000,057,344 | R--- | C] () -- C:\Windows\CTREBOOT.EXE
[2012/06/02 23:24:50 | 000,034,814 | ---- | C] () -- C:\Users\Justin\AppData\Local\dt.dat
[2012/04/25 17:44:16 | 000,000,132 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012/03/18 00:21:50 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/02/25 14:47:02 | 000,000,132 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/01/20 12:14:34 | 000,004,732 | ---- | C] () -- C:\ProgramData\content.ie5
[2012/01/17 18:29:50 | 000,011,794 | ---- | C] () -- C:\Users\Justin\gsview32.ini
[2011/12/31 15:52:12 | 000,011,374 | -HS- | C] () -- C:\Users\Justin\AppData\Local\ara327au0mpx25ws6q613p7wrvbho2wq2awry
[2011/12/31 15:52:12 | 000,011,374 | -HS- | C] () -- C:\ProgramData\ara327au0mpx25ws6q613p7wrvbho2wq2awry
[2011/07/31 11:11:35 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/07/26 22:10:31 | 000,001,456 | ---- | C] () -- C:\Users\Justin\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/12/21 00:57:55 | 000,976,384 | -HS- | C] () -- C:\Users\Justin\ehthumbs_vista.db
[2010/05/14 21:45:48 | 000,000,000 | ---- | C] () -- C:\Users\Justin\AppData\Local\prvlcl.dat
[2009/12/28 21:07:27 | 000,000,476 | ---- | C] () -- C:\Users\Justin\AppData\Roaming\wklnhst.dat
[2009/08/03 04:13:57 | 000,007,728 | ---- | C] () -- C:\Users\Justin\AppData\Local\d3d9caps.dat
[2009/07/31 16:04:27 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/07/31 16:04:27 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4FDB0D3899.sys
[2009/07/31 14:42:45 | 000,096,768 | ---- | C] () -- C:\Users\Justin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/23 23:07:36 | 000,000,284 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/08/17 18:18:39 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Acronis
[2011/06/04 01:40:35 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Auslogics
[2012/01/07 21:51:39 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\AVG
[2013/01/23 09:29:20 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\AVG January 2013 Campaign
[2012/01/07 20:43:46 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\AVG2012
[2013/12/15 00:02:10 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Azureus
[2013/08/15 08:10:09 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Backup Tickets
[2009/07/31 18:32:02 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Bitstream
[2012/02/18 15:13:22 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/17 08:49:53 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2011/07/26 18:34:10 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2009/08/04 22:27:53 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.adobe.ExMan
[2012/01/14 21:54:35 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2013/08/28 14:36:40 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Configuration
[2010/04/10 15:11:10 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Elluminate
[2013/12/19 21:35:00 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\FileZilla
[2011/08/17 19:55:16 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\GetRightToGo
[2010/08/21 12:40:42 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Gmote
[2012/10/01 22:36:23 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\HandBrake
[2012/05/07 23:38:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Motorola
[2010/03/12 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\NVD
[2010/03/12 22:05:44 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\SoftGrid Client
[2011/11/08 18:47:16 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/06/12 22:45:46 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TeamViewer
[2013/08/15 08:10:19 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Temp
[2009/12/28 21:07:40 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Template
[2012/07/22 16:30:35 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Thumbnail me
[2010/03/12 22:32:48 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TP
[2012/02/12 21:02:05 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\TuneUp Software
[2013/07/27 22:02:05 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Utherverse
[2012/02/25 17:35:06 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\Wacom
[2012/02/25 17:35:18 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2010/01/09 14:21:26 | 000,000,000 | ---D | M] -- C:\Users\Justin\AppData\Roaming\webex

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV - [2006/11/02 04:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/20 21:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 21:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 01:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 01:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 21:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/07/07 23:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/11 01:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 10:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 21:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 01:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 21:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 01:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/04/11 01:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 21:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 21:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 21:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 21:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 21:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/11 01:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 09:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 01:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 21:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 01:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 21:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/11 01:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 11:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/11 01:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 13:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/11 01:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/11 01:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/11 01:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 21:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/11 01:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/11 01:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/11 01:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/11 01:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/11 01:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 17:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/11 01:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 14:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 06:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >
[2007/11/07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2013/12/31 22:09:34 | 000,294,400 | ---- | M] () MD5=BCA8A954D37665FB19391C9A573AB283 -- C:\Documents and Settings\Justin\Documents\AnitVirus Programs\explorer.exe
[2013/12/31 22:09:34 | 000,294,400 | ---- | M] () MD5=BCA8A954D37665FB19391C9A573AB283 -- C:\Users\Justin\Documents\AnitVirus Programs\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: QMGR.DLL >
[2008/01/20 21:25:00 | 000,758,272 | ---- | M] (Microsoft Corporation) MD5=02ED7B4DBC2A3232A389106DA7515C3D -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\ERDNT\cache\qmgr.dll
[2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\System32\qmgr.dll
[2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) MD5=93952506C6D67330367F7E7934B6A02F -- C:\Windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll

< MD5 for: SERVICES >
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services

< MD5 for: SERVICES.AIP >
[2011/03/11 14:41:32 | 000,132,752 | ---- | M] (Adobe Systems Incorporated) MD5=12425D5DE6FBDF9167DF659D5F7F0C83 -- C:\Program Files\Adobe\Adobe Illustrator CS5.1\Plug-ins\Extensions\Services.aip

< MD5 for: SERVICES.ASFX >
[2013/09/03 08:54:18 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\fr_FR\Services\Services.asfx
[2013/09/03 08:54:20 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\Services\Services.asfx

< MD5 for: SERVICES.CFG >
[2013/09/03 08:54:16 | 000,558,864 | ---- | M] () MD5=4097D9DB7F5DB4533DDA8271136C9B7B -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Services\Services.cfg
[2012/09/23 20:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/09/05 09:04:00 | 000,559,090 | ---- | M] () MD5=8ADD48E413D05BF2E7AEC00173DDFABC -- C:\Program Files\Adobe\Reader 11.0\Reader\Services\Services.cfg
[2010/10/25 15:13:46 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA3301004F7706000000000050\10.0.0\services.cfg

< MD5 for: SERVICES.CFSERVICE.JAR >
[2011/06/10 01:55:46 | 000,142,226 | ---- | M] () MD5=CBC7CE70C8D3BDB2D042F57C6B2D40C3 -- C:\Program Files\Adobe\Adobe Flash Builder 4.5\eclipse\plugins\com.adobe.flexbuilder.services.CFService_4.5.1.313231\services.CFService.jar

< MD5 for: SERVICES.EXE >
[2008/01/20 21:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 07:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 07:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui

< MD5 for: SERVICES.EXE-2260497F.PF >
[2014/01/01 15:25:19 | 000,055,604 | ---- | M] () MD5=DAF3E3FDD578E5CE67B59ADA3D746B55 -- C:\Windows\Prefetch\SERVICES.EXE-2260497F.pf

< MD5 for: SERVICES.LNK >
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 21:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
File not found Unable to obtain MD5 -- C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
File not found Unable to obtain MD5 -- C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 07:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 07:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SERVICES.PHPSERVICE.JAR >
[2011/06/10 01:55:46 | 000,148,501 | ---- | M] () MD5=849E2A2D5F967418B73A78D4B820A646 -- C:\Program Files\Adobe\Adobe Flash Builder 4.5\eclipse\plugins\com.adobe.flexbuilder.services.PHPService_4.5.1.313231\services.PHPService.jar

< MD5 for: SERVICES.STATICCONTENTSERVICE.JAR >
[2011/06/10 01:55:48 | 000,072,917 | ---- | M] () MD5=C1B8AE7C1130A6A973D7B95903A46CFE -- C:\Program Files\Adobe\Adobe Flash Builder 4.5\eclipse\plugins\com.adobe.flexbuilder.services.StaticContentService_4.5.1.313231\services.StaticContentService.jar

< MD5 for: SERVICES.WEBSERVICE.DERIVED.JAR >
[2011/06/10 01:55:48 | 000,183,653 | ---- | M] () MD5=56940B2BE45E3052404D32C6B8A8D446 -- C:\Program Files\Adobe\Adobe Flash Builder 4.5\eclipse\plugins\com.adobe.flexbuilder.services.WEBService.derived_4.5.1.313231\services.WEBService.derived.jar

< MD5 for: SVCHOST.EXE >
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WINSOCK.DLL >
[2006/11/02 02:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\System32\WINSOCK.DLL
[2006/11/02 02:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6001.18000_none_fe0d791a728dd79c\WINSOCK.DLL
[2006/11/02 02:10:22 | 000,002,864 | ---- | M] (Microsoft Corporation) MD5=68485C5EF0E2EFCEBF21BBB1042B823B -- C:\Windows\winsxs\x86_microsoft-windows-ntvdm-system32_31bf3856ad364e35_6.0.6002.18005_none_fff8f2266fafa2e8\WINSOCK.DLL

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is EE6F-8314
Directory of C:\
11/02/2006 08:02 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Documents and Settings
11/02/2006 08:02 AM <SYMLINKD> All Users [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [.]
11/02/2006 08:02 AM <JUNCTION> Desktop [.]
11/02/2006 08:02 AM <JUNCTION> Documents [.]
11/02/2006 08:02 AM <JUNCTION> Favorites [.]
11/02/2006 08:02 AM <JUNCTION> Start Menu [.]
11/02/2006 08:02 AM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
11/02/2006 08:02 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
11/02/2006 08:02 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
11/02/2006 08:02 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006 08:02 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006 08:02 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006 08:02 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\AppData\Local
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
11/02/2006 08:02 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006 08:02 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Default\Documents
11/02/2006 08:02 AM <JUNCTION> My Music [C:\Users\Default\Music]
11/02/2006 08:02 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
11/02/2006 08:02 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Justin
07/23/2009 11:48 PM <JUNCTION> Application Data [C:\Users\Justin\AppData\Roaming]
07/23/2009 11:48 PM <JUNCTION> Cookies [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Cookies]
07/23/2009 11:48 PM <JUNCTION> Local Settings [C:\Users\Justin\AppData\Local]
07/23/2009 11:48 PM <JUNCTION> My Documents [C:\Users\Justin\Documents]
07/23/2009 11:48 PM <JUNCTION> NetHood [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/23/2009 11:48 PM <JUNCTION> PrintHood [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/23/2009 11:48 PM <JUNCTION> Recent [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Recent]
07/23/2009 11:48 PM <JUNCTION> SendTo [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\SendTo]
07/23/2009 11:48 PM <JUNCTION> Start Menu [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu]
07/23/2009 11:48 PM <JUNCTION> Templates [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Justin\AppData\Local
07/23/2009 11:48 PM <JUNCTION> Application Data [C:\Users\Justin\AppData\Local]
07/23/2009 11:48 PM <JUNCTION> History [C:\Users\Justin\AppData\Local\Microsoft\Windows\History]
07/23/2009 11:48 PM <JUNCTION> Temporary Internet Files [C:\Users\Justin\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Mcx1
05/04/2013 10:34 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Roaming]
05/04/2013 10:34 PM <JUNCTION> Cookies [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Cookies]
05/04/2013 10:34 PM <JUNCTION> Local Settings [C:\Users\Mcx1\AppData\Local]
05/04/2013 10:34 PM <JUNCTION> My Documents [C:\Users\Mcx1\Documents]
05/04/2013 10:34 PM <JUNCTION> NetHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/04/2013 10:34 PM <JUNCTION> PrintHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/04/2013 10:34 PM <JUNCTION> Recent [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Recent]
05/04/2013 10:34 PM <JUNCTION> SendTo [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\SendTo]
05/04/2013 10:34 PM <JUNCTION> Start Menu [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu]
05/04/2013 10:34 PM <JUNCTION> Templates [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Mcx1\AppData\Local
05/04/2013 10:34 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Local]
05/04/2013 10:34 PM <JUNCTION> History [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\History]
05/04/2013 10:34 PM <JUNCTION> Temporary Internet Files [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Mcx1\Documents
05/04/2013 10:34 PM <JUNCTION> My Music [C:\Users\Mcx1\Music]
05/04/2013 10:34 PM <JUNCTION> My Pictures [C:\Users\Mcx1\Pictures]
05/04/2013 10:34 PM <JUNCTION> My Videos [C:\Users\Mcx1\Videos]
0 File(s) 0 bytes
Directory of C:\Documents and Settings\Public\Documents
11/02/2006 08:02 AM <JUNCTION> My Music [C:\Users\Public\Music]
11/02/2006 08:02 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
11/02/2006 08:02 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\ProgramData
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\ProgramData\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [.]
11/02/2006 08:02 AM <JUNCTION> Desktop [.]
11/02/2006 08:02 AM <JUNCTION> Documents [.]
11/02/2006 08:02 AM <JUNCTION> Favorites [.]
11/02/2006 08:02 AM <JUNCTION> Start Menu [.]
11/02/2006 08:02 AM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users
11/02/2006 08:02 AM <SYMLINKD> All Users [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\ProgramData]
11/02/2006 08:02 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
11/02/2006 08:02 AM <JUNCTION> Documents [C:\Users\Public\Documents]
11/02/2006 08:02 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
11/02/2006 08:02 AM <JUNCTION> Application Data [.]
11/02/2006 08:02 AM <JUNCTION> Desktop [.]
11/02/2006 08:02 AM <JUNCTION> Documents [.]
11/02/2006 08:02 AM <JUNCTION> Favorites [.]
11/02/2006 08:02 AM <JUNCTION> Start Menu [.]
11/02/2006 08:02 AM <JUNCTION> Templates [.]
0 File(s) 0 bytes
Directory of C:\Users\Default
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
11/02/2006 08:02 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
11/02/2006 08:02 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
11/02/2006 08:02 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/02/2006 08:02 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/02/2006 08:02 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
11/02/2006 08:02 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
11/02/2006 08:02 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
11/02/2006 08:02 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
11/02/2006 08:02 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
11/02/2006 08:02 AM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
11/02/2006 08:02 AM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
11/02/2006 08:02 AM <JUNCTION> My Music [C:\Users\Default\Music]
11/02/2006 08:02 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
11/02/2006 08:02 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Justin
07/23/2009 11:48 PM <JUNCTION> Application Data [C:\Users\Justin\AppData\Roaming]
07/23/2009 11:48 PM <JUNCTION> Cookies [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Cookies]
07/23/2009 11:48 PM <JUNCTION> Local Settings [C:\Users\Justin\AppData\Local]
07/23/2009 11:48 PM <JUNCTION> My Documents [C:\Users\Justin\Documents]
07/23/2009 11:48 PM <JUNCTION> NetHood [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/23/2009 11:48 PM <JUNCTION> PrintHood [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/23/2009 11:48 PM <JUNCTION> Recent [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Recent]
07/23/2009 11:48 PM <JUNCTION> SendTo [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\SendTo]
07/23/2009 11:48 PM <JUNCTION> Start Menu [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Start Menu]
07/23/2009 11:48 PM <JUNCTION> Templates [C:\Users\Justin\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Justin\AppData\Local
07/23/2009 11:48 PM <JUNCTION> Application Data [C:\Users\Justin\AppData\Local]
07/23/2009 11:48 PM <JUNCTION> History [C:\Users\Justin\AppData\Local\Microsoft\Windows\History]
07/23/2009 11:48 PM <JUNCTION> Temporary Internet Files [C:\Users\Justin\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Mcx1
05/04/2013 10:34 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Roaming]
05/04/2013 10:34 PM <JUNCTION> Cookies [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Cookies]
05/04/2013 10:34 PM <JUNCTION> Local Settings [C:\Users\Mcx1\AppData\Local]
05/04/2013 10:34 PM <JUNCTION> My Documents [C:\Users\Mcx1\Documents]
05/04/2013 10:34 PM <JUNCTION> NetHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/04/2013 10:34 PM <JUNCTION> PrintHood [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/04/2013 10:34 PM <JUNCTION> Recent [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Recent]
05/04/2013 10:34 PM <JUNCTION> SendTo [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\SendTo]
05/04/2013 10:34 PM <JUNCTION> Start Menu [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu]
05/04/2013 10:34 PM <JUNCTION> Templates [C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Mcx1\AppData\Local
05/04/2013 10:34 PM <JUNCTION> Application Data [C:\Users\Mcx1\AppData\Local]
05/04/2013 10:34 PM <JUNCTION> History [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\History]
05/04/2013 10:34 PM <JUNCTION> Temporary Internet Files [C:\Users\Mcx1\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Mcx1\Documents
05/04/2013 10:34 PM <JUNCTION> My Music [C:\Users\Mcx1\Music]
05/04/2013 10:34 PM <JUNCTION> My Pictures [C:\Users\Mcx1\Pictures]
05/04/2013 10:34 PM <JUNCTION> My Videos [C:\Users\Mcx1\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
11/02/2006 08:02 AM <JUNCTION> My Music [C:\Users\Public\Music]
11/02/2006 08:02 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
11/02/2006 08:02 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows
07/22/2011 08:33 PM <SYMLINKD> $NtUninstallKB34366$ [c:\windows\system32\config]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
10/23/2008 05:55 AM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
10/23/2008 05:55 AM <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/23/2008 05:55 AM <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/23/2008 05:55 AM <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
10/23/2008 05:55 AM <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
10/23/2008 05:55 AM <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
10/23/2008 05:55 AM <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [.]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Windows\$NtUninstallKB34366$\systemprofile\Documents
10/23/2008 05:55 AM <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
10/23/2008 05:55 AM <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
10/23/2008 05:55 AM <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
10/23/2008 05:55 AM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
10/23/2008 05:55 AM <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/23/2008 05:55 AM <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/23/2008 05:55 AM <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
10/23/2008 05:55 AM <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
10/23/2008 05:55 AM <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
10/23/2008 05:55 AM <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
10/23/2008 05:55 AM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
10/23/2008 05:55 AM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
10/23/2008 05:55 AM <JUNCTION> Temporary Internet Files [.]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
10/23/2008 05:55 AM <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
10/23/2008 05:55 AM <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
10/23/2008 05:55 AM <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
460 Dir(s) 187,873,943,552 bytes free

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB34366$] -> -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 184 bytes -> C:\ProgramData\Temp:4BF2F6B5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:587EB586

< End of report >


aswMBR Scan:
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-01 17:42:26
-----------------------------
17:42:26.385 OS Version: Windows 6.0.6002 Service Pack 2
17:42:26.385 Number of processors: 2 586 0x170A
17:42:26.385 ComputerName: JUSTIN-PC UserName: Justin
17:42:57.221 Initialize success
17:45:31.772 AVAST engine defs: 14010101
17:46:17.979 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:46:17.979 Disk 0 Vendor: TOSHIBA_MK3252GSX LV011C Size: 305245MB BusType: 3
17:47:03.437 Disk 0 MBR read successfully
17:47:03.437 Disk 0 MBR scan
17:47:03.469 Disk 0 unknown MBR code
17:47:03.469 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294097 MB offset 63
17:47:03.515 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 11144 MB offset 602312704
17:47:03.515 Disk 0 scanning sectors +625135616
17:47:03.827 Disk 0 scanning C:\Windows\system32\drivers
18:02:45.315 Service scanning
18:03:30.353 Modules scanning
18:06:17.153 Disk 0 trace - called modules:
18:06:17.168 ntkrnlpa.exe CLASSPNP.SYS disk.sys vsflt53.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
18:06:17.683 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d1c4d0]
18:06:17.683 3 CLASSPNP.SYS[8ae2a8b3] -> nt!IofCallDriver -> [0x86c19378]
18:06:17.683 5 vsflt53.sys[82f22c2b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x862cb390]
18:06:19.321 AVAST engine scan C:\Windows
18:08:38.174 AVAST engine scan C:\Windows\system32
18:20:55.639 AVAST engine scan C:\Windows\system32\drivers
18:27:04.424 AVAST engine scan C:\Users\Justin
19:39:34.172 AVAST engine scan C:\ProgramData
20:04:03.765 Scan finished successfully
20:50:49.508 Disk 0 MBR has been saved successfully to "C:\Users\Justin\Desktop\MBR.dat"
20:50:49.523 The log file has been saved successfully to "C:\Users\Justin\Desktop\aswMBR.txt"

Attached Files

•  OTL.Txt   298.31KB   159 downloads
•  aswMBR.txt   1.9KB   175 downloads

[smonster50]

Security Check Scan:
Results of screen317's Security Check version 0.99.78
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 8 Out of date!
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.1
Java™ 7 Update 5
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader XI
Mozilla Firefox 13.0.1 Firefox out of Date!
Google Chrome 31.0.1650.57
Google Chrome 31.0.1650.63
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 4 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

[smonster50]

MBAM Log:
2013/12/31 23:19:11 -0500 JUSTIN-PC Justin MESSAGE Protection stopped

[Machiavelli]

• Step 1: CKScanner

Download CKScanner from here

Important : Save it to your desktop.

• Right click on CKScanner.exe and select Run as Administrator, then click Search For Files.
• After a very short time, when the cursor hourglass disappears, click Save List To File.
• A message box will verify that the file is saved.
• Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

• Step 2: Extras Log

• Open on the desktop. To do that:
  
  • XP users: Double click on the OTL icon.
  • Vista / 7 Users: Right click on the icon and click Run as Administrator)
• Make sure all other windows are closed.
  
  • Please click on the "None" Button
  • Under the option Extra Registry please select Use Safe List
  • Click the button. Do not change any settings unless otherwise told to do so.
  • Let the scan run uninterrupted.
  • When the scan completes, it will open Extras.Txt on the desktop
  • Please copy the contents of this file and paste it into your reply. To do that:
    
  • On the Extras.txt file Menu Bar click Edit then click Select All. This will highlight the contents of the file. Then click Copy.
  • Right click inside the forum post window then click Paste. This will paste the contents of the Extras.txt file in the in the post window.

[/list]

• Step 3: exeHelper Log

Please post the exeHelper Log. It is located under the same directory where you saved exeHelper.exe and the text-file is called exehelperlog.txt

[CompCav]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.