Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Help! Ram being eating malwarebytes freezeing [Solved]

virus malware memory

  • This topic is locked This topic is locked

#1
twain1

twain1

    Member

  • Member
  • PipPip
  • 27 posts

This has been going on for months now every 10 to 20 mins i see my ram depleting 2g each i havent downloaded anything

installed or did anything to cause the problem I dont know whats going on...secondly my virus scanner always freezes or doesent respond when its at a process of deleting viruses can anyone please help just want this issue fixed and gone for good...


  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi twain1, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
Note: Please, bare in mind that I am still a trainee and my replies need to be reviewed by my teachers before I post them to you which requires time as both teachers and helpers are volunteers here. Take it as a good thing because now you have two people examining your problem. I really hope that we will be able to send you home with a smile on your face. :)

 
  • Step #1 Scan with OTL
    • Please download OldTimer's Listit from one of the following locations and save it to your Desktop.
      Download Link 1
      Download Link 2
      Downlaod LInk 3
    • Copy and Paste the following code inside the Custom Scans/Fixes box;
      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      dir "%systemdrive%\*" /S /A:L /C
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      /md5stop
      CREATERESTOREPOINT
    • Click the Quick Scan button;
    • After the scan two logs will be produced;
    • Copy and paste the content of the logs in your next reply
 
  • Step #2 Scan with Security Check
    • Download Security Check by screen317 to your Desktop from any of the following location;
    • Right click on the program and choose Run as Administrator;
    • After the checking a log will appear;
    • Copy and Paste the content of the log in your next reply.
 
  • Required Log(s):
    • OldTimer's ListIt Log(s) --
      • OTL.txt;
      • Extras.txt
    • Security Check Log
Regards,
Valinorum
  • 0

#3
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

OTL logfile created on: 4/18/2014 10:55:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\aarons\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 51.96% Memory free
6.20 Gb Paging File | 4.36 Gb Available in Paging File | 70.40% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 35.13 Gb Free Space | 25.28% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.23 Gb Free Space | 62.27% Space Free | Partition Type: NTFS
 
Computer Name: AARONS-PC | User Name: aarons | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/04/18 22:29:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\aarons\Downloads\OTL.exe
PRC - [2014/04/14 22:36:41 | 000,647,168 | ---- | M] (IDEVFH) -- C:\Users\aarons\AppData\Roaming\Mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
PRC - [2014/04/14 07:45:18 | 000,258,160 | ---- | M] (Dell) -- C:\Users\aarons\AppData\Local\Apps\2.0\71Q8ZXZ9.NP0\LPEEM8HG.5YJ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
PRC - [2014/04/11 19:53:50 | 000,055,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUClient.exe
PRC - [2014/03/29 03:40:07 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/03/12 03:09:49 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\21.2.0.38\n360.exe
PRC - [2014/01/15 19:40:24 | 000,277,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) -- C:\Program Files\PasswordBox\pbbtnService.exe
PRC - [2013/10/30 20:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files\Gyazo\GyStation.exe
PRC - [2013/10/30 17:51:34 | 002,838,568 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
PRC - [2013/10/30 17:51:30 | 000,091,688 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2013/09/12 12:06:06 | 005,110,672 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2013/09/07 17:22:26 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/07/15 16:09:24 | 000,554,384 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/05 14:22:40 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/05/30 16:45:22 | 000,231,576 | ---- | M] () -- C:\Program Files\otshot\ZalmanUpdateService.exe
PRC - [2012/04/16 03:44:04 | 000,177,152 | ---- | M] (Clasys Ltd.) -- C:\Program Files\iNTERNET Turbo\ITTray.exe
PRC - [2012/02/05 23:34:45 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/03/31 15:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/08/06 13:13:12 | 000,087,336 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\NServiceEntry.exe
PRC - [2010/06/24 14:34:52 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/11/17 17:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
PRC - [2009/08/21 08:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009/07/07 19:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\System32\ANIWConnService.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/04/11 19:53:50 | 000,055,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUClient.exe
MOD - [2014/04/08 19:57:06 | 000,131,072 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_imvugecko.pyd
MOD - [2014/04/08 19:57:02 | 000,083,968 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_imvuflash.pyd
MOD - [2014/04/08 19:55:58 | 001,736,192 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_avatarwindow.pyd
MOD - [2014/04/08 19:52:18 | 000,190,976 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\imvugecko.dll
MOD - [2014/04/08 19:52:12 | 000,110,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\imvuflash.dll
MOD - [2014/04/08 19:51:10 | 000,943,616 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\SceneWindow.dll
MOD - [2014/04/03 19:29:26 | 000,059,392 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_sqlite3.pyd
MOD - [2014/04/03 19:29:16 | 000,044,032 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_pylzma.pyd
MOD - [2014/04/03 19:28:40 | 000,135,680 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_libzero.pyd
MOD - [2014/04/03 19:26:54 | 000,812,544 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_cal3d.pyd
MOD - [2014/04/03 19:13:54 | 000,506,368 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\sqlite3.dll
MOD - [2014/04/03 19:07:24 | 000,010,752 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\nphwndproxy.dll
MOD - [2014/04/03 19:04:34 | 000,014,336 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\MemoryHook.dll
MOD - [2014/04/03 19:03:14 | 000,169,984 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\zero.dll
MOD - [2014/04/03 19:03:10 | 000,072,704 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\ParticleLib.dll
MOD - [2014/04/03 18:58:12 | 000,276,480 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\cal3d.dll
MOD - [2014/04/03 18:57:42 | 000,216,576 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\boost_python.dll
MOD - [2014/04/03 18:57:38 | 000,031,744 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\CallStack.dll
MOD - [2014/04/03 18:01:44 | 016,166,280 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\NPSWF32.dll
MOD - [2014/04/03 17:57:56 | 000,126,976 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\pyexpat.pyd
MOD - [2014/04/03 17:57:56 | 000,109,568 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\pywintypes27.dll
MOD - [2014/04/03 17:57:56 | 000,087,040 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_ctypes.pyd
MOD - [2014/04/03 17:57:56 | 000,046,080 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_socket.pyd
MOD - [2014/04/03 17:57:56 | 000,028,160 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_ssl.pyd
MOD - [2014/04/03 17:57:56 | 000,010,240 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\select.pyd
MOD - [2014/04/03 17:57:40 | 000,016,384 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32clipboard.pyd
MOD - [2014/04/03 17:57:38 | 000,110,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32file.pyd
MOD - [2014/04/03 17:57:38 | 000,098,304 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32api.pyd
MOD - [2014/04/03 17:57:38 | 000,034,816 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32process.pyd
MOD - [2014/04/03 17:57:36 | 000,166,912 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32gui.pyd
MOD - [2014/04/03 17:57:36 | 000,016,896 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32event.pyd
MOD - [2014/04/03 17:57:32 | 000,659,456 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_imaging.pyd
MOD - [2014/04/03 17:57:30 | 000,265,216 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32com.shell.shell.pyd
MOD - [2014/04/03 17:57:18 | 000,357,888 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\pythoncom27.dll
MOD - [2014/04/03 17:48:30 | 000,872,448 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\js3250.dll
MOD - [2014/03/29 03:40:06 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/02/14 05:32:29 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3cf321fb70231d473d99105a582c23e1\System.Deployment.ni.dll
MOD - [2014/02/14 05:32:19 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014/02/14 05:30:33 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014/02/14 05:29:52 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014/02/14 05:29:02 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014/02/14 05:19:51 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014/02/14 05:19:28 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2013/12/18 11:14:42 | 000,851,968 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npfirefoxprocessor.dll
MOD - [2013/12/18 11:14:14 | 001,246,720 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npffaddons.dll
MOD - [2013/12/18 11:13:34 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npwmi.dll
MOD - [2013/12/18 11:13:20 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npsurvey.dll
MOD - [2013/12/18 11:13:08 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npsp1.dll
MOD - [2013/12/18 11:12:44 | 000,504,832 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\communication.dll
MOD - [2013/10/30 17:49:40 | 000,504,320 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll
MOD - [2013/09/07 17:22:25 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/07/07 17:50:04 | 000,258,048 | ---- | M] () -- C:\Windows\System32\wlanapp.dll
MOD - [2009/06/01 13:23:24 | 000,315,392 | ---- | M] () -- C:\Program Files\ANI\ANIWZCS2 Service\ANIOApi.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - File not found [Auto | Stopped] -- C:\Users\aarons\AppData\Local\LOGMEI~2\LMIR0001.tmp\LMI_Rescue_srv.exe -- (LMIRescue_64bc35dc-6e03-4953-bce6-dd4e0e2f61bb)
SRV - File not found [Auto | Stopped] -- C:\ProgramData\BrowserDefender\2.6.1562.221\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe -- (BrowserDefendert)
SRV - [2014/04/09 16:45:26 | 000,297,984 | ---- | M] () [Auto | Stopped] -- C:\Program Files\SoftwareUpdater\SystemStore.exe -- (SystemStoreService)
SRV - [2014/03/29 03:40:06 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/12 03:09:49 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe -- (N360)
SRV - [2014/01/15 19:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Running] -- C:\Program Files\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2013/10/30 17:51:34 | 002,838,568 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)
SRV - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/05 14:22:40 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/05/30 16:45:22 | 000,231,576 | ---- | M] () [Auto | Running] -- C:\Program Files\otshot\ZalmanUpdateService.exe -- (otshot)
SRV - [2012/01/03 14:14:00 | 004,726,616 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011/03/31 15:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/08/06 13:13:12 | 000,087,336 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010/06/24 14:34:52 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/11/17 17:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2009/07/07 19:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ANIWConnService.exe -- (ANIWConnService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva392.sys -- (XDva392)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva389.sys -- (XDva389)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva387.sys -- (XDva387)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva385.sys -- (XDva385)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva383.sys -- (XDva383)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva365.sys -- (XDva365)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva285.sys -- (XDva285)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\IPlayUnlimited\Cabal Reloaded\Byakko.K32 -- (ByakkoDriver)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] --  -- (adfs)
DRV - [2014/04/17 16:30:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014/04/13 21:11:32 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/04/13 04:37:13 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/04/13 04:37:13 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/04/13 04:37:13 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\NAVENG.SYS -- (NAVENG)
DRV - [2014/04/11 16:26:30 | 000,395,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140417.001\IDSvix86.sys -- (IDSVix86)
DRV - [2014/03/19 01:34:28 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/03/03 23:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1502000.026\symefa.sys -- (SymEFA)
DRV - [2014/02/17 20:32:41 | 000,384,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\symtdiv.sys -- (SYMTDIv)
DRV - [2014/02/12 20:59:49 | 000,664,280 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.sys -- (SRTSP)
DRV - [2013/12/18 11:11:56 | 000,023,080 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\nnfwdk.sys -- (nnfwdk)
DRV - [2013/10/02 03:31:32 | 000,031,560 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013/09/26 21:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\ironx86.sys -- (SymIRON)
DRV - [2013/09/25 21:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/09/22 01:18:40 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/09/17 15:17:38 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013/09/17 15:17:38 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013/09/17 15:17:38 | 000,122,376 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2013/09/09 21:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1502000.026\symds.sys -- (SymDS)
DRV - [2013/09/09 20:49:48 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.sys -- (SRTSPX)
DRV - [2013/09/04 14:57:44 | 000,024,040 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gfiutil.sys -- (gfiutil)
DRV - [2013/05/23 08:39:14 | 000,043,368 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gfiark.sys -- (gfiark)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/10/19 19:10:28 | 000,083,912 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/08/24 15:41:32 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012/03/16 11:08:48 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003)
DRV - [2011/11/27 21:05:20 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf001.sys -- (apf001)
DRV - [2010/11/26 18:02:28 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/23 09:23:44 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/06/18 14:09:48 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
DRV - [2010/06/18 14:09:48 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/06/18 13:41:34 | 000,019,968 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2010/04/01 13:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/02/17 05:44:14 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/25 18:56:44 | 000,009,472 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2009/12/30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/08/03 09:56:10 | 000,735,232 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u)
DRV - [2009/07/10 12:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2009/06/09 23:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/04/11 00:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/03/06 17:09:52 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\anodlwf.sys -- (anodlwf)
DRV - [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 16:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/01/19 01:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/02 14:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/04/29 03:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/12/31 14:38:18 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2005/01/02 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=397&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=397&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=397
IE - HKLM\..\URLSearchHook: {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found
IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found
IE - HKLM\..\URLSearchHook: {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certif...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.co...ie7&rlz=1I7DMUS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.2.0.38
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=397&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=397&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=397
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=19/06/2013
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://mixidj.delta-...121146&tsp=5000
IE - HKCU\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=04-07-2013
IE - HKCU\..\SearchScopes\{4E7CEC2A-C5D2-C947-D95C-8B952AF7CCD5}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{66D5E31B-4556-C309-8E9A-C2BE01B8E9EF}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = playbryte/search/redirect/?type=default&user_id=76646507-6f14-415c-a2fa-b8831d0a2ab0&query={searchTerms}
IE - HKCU\..\SearchScopes\{B6DF8598-1E91-4B7A-884A-B2D1E954D3EC}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{C948826D-71F6-40A7-9DCB-F99B2DD62765}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\Comcast: "URL" = http://search.xfinit...art_tech_search
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.mysearchr...m/?c=4001&t=01"
FF - prefs.js..extensions.enabledAddons: tidynetwork%40tidynetwork:5.0
FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:2.3.3
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.3.20140326060057
FF - prefs.js..extensions.enabledAddons: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kr.gameclub.com/WebStarter: C:\Users\TwainDaPrince\AppData\Roaming\GameClub_en\NPMicroGamesCOM.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter5\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.2.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.2.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Malek\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 17:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]:
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B1FC07E1-E05B-4567-8891-E63FBE545BA8}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/09/10 18:10:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/09/10 18:10:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2014/03/29 03:39:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files\RelevantKnowledge\firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\PasswordBox\Firefox [2013/11/21 09:22:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\NetRatingsNetSight\NetSight\meter5\FirefoxAddOns\[email protected] [2014/04/18 21:44:18 | 000,009,382 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/04/13 21:14:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/04/18 21:11:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/04/15 19:42:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/04 16:18:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/04/15 14:15:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 17:35:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension [2012/12/05 10:00:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{cd288a68-7b21-4f14-b789-82cc44992259}: C:\Program Files\LyricsContainer\133.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/04/15 19:42:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/04 16:18:44 | 000,000,000 | ---D | M]
 
[2012/11/22 12:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\Extensions
[2012/11/22 12:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/04/14 22:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions
[2014/03/28 00:51:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/08/20 16:36:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(38)
[2013/09/14 09:59:59 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/04/02 09:50:32 | 000,000,000 | ---D | M] (IMVU Inc) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2014/04/14 22:39:22 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2013/08/19 14:21:54 | 000,000,000 | ---D | M] (LyricsContainer) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\128
[2013/09/11 14:03:45 | 000,000,000 | ---D | M] (LyricsContainer) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\133
[2013/08/01 08:50:05 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\[email protected]
[2013/08/13 00:35:22 | 000,000,000 | ---D | M] (Tidy Network) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\[email protected]
[2014/03/24 20:21:19 | 000,050,775 | ---- | M] () (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\[email protected]
[2014/02/26 13:53:52 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/04 18:45:14 | 000,002,611 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\AOL Search.xml
[2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\babylon.xml
[2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserDefender.xml
[2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserProtect.xml
[2013/02/23 19:29:51 | 000,001,300 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\claro.xml
[2013/06/19 18:43:48 | 000,001,037 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\conduit.xml
[2013/09/09 18:57:45 | 000,001,305 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\mixidj.xml
[2013/09/11 00:08:24 | 000,004,103 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\SweetIM Search.xml
[2013/03/09 09:58:40 | 000,001,292 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\visualbee.xml
[2013/09/12 18:02:37 | 000,022,910 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\Web Search.xml
[2014/03/29 03:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions
[2014/03/29 03:38:49 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files\Mozilla Firefox\Extensions\[email protected]
[2014/03/29 03:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions\[email protected]
[2014/03/29 03:38:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/29 03:40:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/06/29 18:25:04 | 000,050,336 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npBFPlugin.dll
[2012/05/02 12:24:56 | 000,064,512 | ---- | M] (Kaneva, LLC.) -- C:\Program Files\mozilla firefox\plugins\npkanevapatch.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Web (Enabled)
CHR - default_search_provider: search_url = http://feed.snapdo.c...Date=19/06/2013
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggncmpccbjknepgpadjeehajomjbab\5.0.0.0_0\
CHR - Extension: Savings Vault = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgnadhkglnmmilocdmlpdbkppdiheid\1.0_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\crossrider
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\blcefchbfgmakifmejncnbognjoadloc\2.0.0.428_0\
CHR - Extension: McAfee Security Scan+ = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: McAfee Security Scan+ = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_0\template.
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_1\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_1\template.
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_1\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_1\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_2\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_3\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\1.0.0_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_1\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.16.100.504_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.16.4.512_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgailgaldchajpkkmbjdlbimhdnmmgld\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_0\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_1\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_2\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_3\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.16.100.4\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.8_0\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.8_1\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.9_0\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.8.1_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.21_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_1\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_2\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.332.2_0\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.336.2_0\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.336.2_1\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.336.2_2\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.3.0.11_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.1.12_0\
CHR - Extension: Google Wallet = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Lavasoft NewTab = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0\
CHR - Extension: Lavasoft NewTab = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_1\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.1.2_0\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.1.2_1\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.1.2_2\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.2_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.2_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.2_1\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_0\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_1\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_2\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_3\
 
O1 HOSTS File: ([2014/02/14 02:04:11 | 000,000,074 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 54.204.28.26    ajgnadhkglnmmilocdmlpdbkppdiheid
O2 - BHO: (no name) - {01FEFC77-1031-43C6-BA9A-FEC28E75607C} - No CLSID value found.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\aarons\AppData\Local\DownloadTerms\temp.dat ()
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (no name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found.
O2 - BHO: (no name) - {6636902a-3781-4d94-ab36-af118b839af5} - No CLSID value found.
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
O2 - BHO: (no name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Smart Suggestor) - {DB536AF2-E422-402d-B7FD-887297F1A198} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6636902a-3781-4d94-ab36-af118b839af5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {93C338DE-5FB5-4FB5-AB4E-0EEDC0BD9F3A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [iTurbo] C:\Program Files\iNTERNET Turbo\ITTray.exe (Clasys Ltd.)
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe (The Nielsen Company)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\aarons\AppData\Local\Apps\2.0\71Q8ZXZ9.NP0\LPEEM8HG.5YJ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [Gyazo] C:\Program Files\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Download Photo... - res://C:\Program Files\DelorTech, Ltd\MXDFP 1.0\FBDownloader.dll/500 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: Smart Suggestor - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
O9 - Extra 'Tools' menuitem : Smart Suggestor options - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1045 (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Value error.)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {B1437251-01BF-47ff-8254-A4CD22E0E2BF}  (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D89D97A9-12C5-45E3-9353-3540761FE15C} http://channel.dontb...alWebLaunch.CAB (SealWebLaunch Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95E3C658-D383-463E-AC0C-5570B6B5D77F}: DhcpNameServer = 192.168.15.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\aarons\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\aarons\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
CREATERESTOREPOINT
System Restore Service not available.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/04/17 16:30:16 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/04/15 16:41:34 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\ESET
[2014/04/15 14:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/04/15 14:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/04/14 14:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/04/14 03:13:59 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\NPE
[2014/04/14 01:37:58 | 000,384,728 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symtdiv.sys
[2014/04/14 01:37:56 | 000,447,704 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symnets.sys
[2014/04/14 01:37:56 | 000,021,520 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symelam.sys
[2014/04/14 01:37:54 | 000,936,152 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symefa.sys
[2014/04/14 01:37:54 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symds.sys
[2014/04/14 01:37:54 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.sys
[2014/04/14 01:37:52 | 000,664,280 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.sys
[2014/04/14 01:37:52 | 000,206,936 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\ironx86.sys
[2014/04/14 01:37:51 | 000,127,064 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.sys
[2014/04/14 01:09:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\1502000.026
[2014/04/13 21:11:33 | 000,142,936 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2014/04/13 21:11:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/04/13 21:02:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2014/04/13 21:02:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014/04/13 21:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2014/04/13 20:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2014/04/12 07:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
[2014/04/12 07:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2014/04/11 18:40:07 | 000,024,040 | ---- | C] (ThreatTrack Security) -- C:\Windows\System32\drivers\gfiutil.sys
[2014/04/11 18:40:05 | 000,043,368 | ---- | C] (ThreatTrack Security) -- C:\Windows\System32\drivers\gfiark.sys
[2014/04/11 18:39:32 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2014/04/10 21:40:32 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\LogMeIn Rescue Applet
[2014/04/10 20:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2014/04/02 20:33:19 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\visi_coupon
[2014/04/02 20:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BoostSoftware
[2014/03/29 03:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/11 23:57:32 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/04/18 23:11:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 23:11:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 22:44:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005UA.job
[2014/04/18 22:21:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1002UA.job
[2014/04/18 21:55:17 | 000,000,828 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2014/04/18 21:45:11 | 000,003,284 | ---- | M] () -- C:\Windows\System32\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2014/04/18 21:45:11 | 000,003,284 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2014/04/18 21:43:17 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2014/04/18 21:43:09 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2014/04/18 21:11:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/17 23:29:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005UA.job
[2014/04/17 19:00:15 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2014/04/17 16:30:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/04/17 11:29:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005Core.job
[2014/04/17 09:44:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005Core.job
[2014/04/17 03:23:42 | 000,032,126 | ---- | M] () -- C:\Windows\System32\drivers\N360\1502000.026\VT20140417.018
[2014/04/16 13:21:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1002Core.job
[2014/04/15 14:27:07 | 002,242,403 | ---- | M] () -- C:\Windows\System32\drivers\N360\1502000.026\Cat.DB
[2014/04/14 02:53:37 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/04/13 23:42:14 | 000,000,822 | ---- | M] () -- C:\Users\aarons\Desktop\IMVU.lnk
[2014/04/13 21:11:32 | 000,142,936 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2014/04/13 21:11:32 | 000,008,194 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2014/04/13 21:11:32 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2014/04/13 15:19:01 | 000,005,216 | ---- | M] () -- C:\Users\aarons\AppData\Local\d3d9caps.dat
[2014/04/12 07:16:47 | 000,000,865 | ---- | M] () -- C:\Users\aarons\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2014/04/11 18:40:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SBRC.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/04/18 21:54:32 | 000,032,126 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\VT20140417.018
[2014/04/14 02:51:09 | 002,242,403 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\Cat.DB
[2014/04/14 01:37:56 | 000,008,184 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symnet.cat
[2014/04/14 01:37:56 | 000,001,440 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symnet.inf
[2014/04/14 01:37:56 | 000,001,098 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symelam.inf
[2014/04/14 01:37:55 | 000,009,931 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symelam.cat
[2014/04/14 01:37:54 | 000,008,182 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symefa.cat
[2014/04/14 01:37:54 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symds.cat
[2014/04/14 01:37:54 | 000,003,433 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symefa.inf
[2014/04/14 01:37:54 | 000,002,852 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symds.inf
[2014/04/14 01:37:53 | 000,008,180 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.cat
[2014/04/14 01:37:53 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.inf
[2014/04/14 01:37:52 | 000,008,176 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.cat
[2014/04/14 01:37:52 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.inf
[2014/04/14 01:37:51 | 000,008,194 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.cat
[2014/04/14 01:37:51 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\iron.cat
[2014/04/14 01:37:51 | 000,000,829 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.inf
[2014/04/14 01:37:51 | 000,000,737 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\iron.inf
[2014/04/14 01:09:11 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\isolate.ini
[2014/04/13 21:11:33 | 000,008,194 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2014/04/13 21:11:33 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2014/04/13 21:11:22 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/04/13 06:59:56 | 000,003,284 | ---- | C] () -- C:\Windows\System32\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2014/04/12 07:16:47 | 000,000,865 | ---- | C] () -- C:\Users\aarons\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2014/04/11 18:40:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2014/02/14 02:05:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/12/19 01:40:05 | 000,000,129 | ---- | C] () -- C:\Users\aarons\AppData\Roaming\WB.CFG
[2013/09/30 22:02:31 | 000,031,560 | ---- | C] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/09/20 22:30:05 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
[2013/09/05 05:19:06 | 000,048,402 | -HS- | C] () -- C:\Users\aarons\AppData\Local\ws_updater.exe
[2013/08/19 14:35:29 | 000,838,880 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2012/10/10 11:36:59 | 000,003,284 | ---- | C] () -- C:\Users\aarons\AppData\Roaming\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2012/10/10 11:36:01 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ANIWConnService.exe
[2012/10/10 11:35:44 | 000,217,088 | ---- | C] () -- C:\Windows\System32\aIPH.dll
[2012/10/10 11:35:44 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AQCKGen.dll
[2012/10/10 11:35:44 | 000,045,115 | ---- | C] () -- C:\Windows\System32\ANICtl.dll
[2012/10/10 11:35:42 | 000,258,048 | ---- | C] () -- C:\Windows\System32\wlanapp.dll
[2012/10/10 11:34:48 | 000,315,392 | ---- | C] () -- C:\Windows\System32\ANIOApi.dll
[2012/10/10 11:34:05 | 000,237,568 | ---- | C] () -- C:\Windows\System32\ANIWPS.exe
[2012/10/10 11:34:04 | 000,733,184 | ---- | C] () -- C:\Windows\System32\ANIOWPS.dll
[2012/10/10 11:20:39 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\anodlwf.sys
[2012/10/10 11:20:38 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012/07/02 16:43:00 | 000,009,216 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/02/22 08:31:42 | 002,826,261 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20120221_102741.tif
[2012/02/22 08:31:38 | 000,489,181 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20120221_102636.tif
[2012/02/22 08:31:16 | 003,293,677 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20120221_103102.tif
[2011/11/28 12:52:21 | 000,005,216 | ---- | C] () -- C:\Users\aarons\AppData\Local\d3d9caps.dat
[2011/11/28 12:24:35 | 000,456,133 | ---- | C] () -- C:\Users\aarons\517 364 3718_20111128_112313.tif
[2011/09/21 09:38:58 | 000,459,577 | ---- | C] () -- C:\Users\aarons\5178865458_20110919_135537.tif
[2011/05/24 08:14:50 | 002,358,835 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20110524_091218.tif
[2011/05/24 08:14:45 | 000,489,171 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20110524_083012.tif
[2010/11/12 08:15:12 | 001,832,235 | ---- | C] () -- C:\Users\aarons\313 667 0779_20101112_070959.tif
[2010/05/29 06:24:14 | 000,487,659 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20100528_123729.tif
[2010/05/15 08:27:50 | 001,409,530 | ---- | C] () -- C:\Users\aarons\12483062014_20100513_154541.tif
[2010/05/13 08:13:50 | 000,470,144 | ---- | C] () -- C:\Users\aarons\12483062014_20100513_091253.tif
[2010/04/19 06:37:19 | 000,000,670 | ---- | C] () -- C:\Users\aarons\AppData\Roaming\wklnhst.dat
[2010/03/08 15:24:50 | 000,475,999 | ---- | C] () -- C:\Users\aarons\Select Portfolio_20100304_140452.tif
[2010/03/03 15:27:11 | 000,475,991 | ---- | C] () -- C:\Users\aarons\FAXAGENT_20100303_142540.tif
[2010/03/01 19:22:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/19 16:44:59 | 000,000,632 | RHS- | C] () -- C:\Users\aarons\ntuser.pol
[2009/10/24 14:48:51 | 000,021,504 | ---- | C] () -- C:\Users\aarons\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/08/17 01:17:58 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Allmyapps
[2013/09/09 18:37:51 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\BabSolution
[2013/09/20 08:26:35 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Babylon
[2012/12/18 13:33:24 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\bsnes
[2014/01/12 04:53:24 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Claro LTD
[2013/01/07 00:07:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\DefaultTab
[2010/02/13 16:00:22 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\DriverCure
[2013/09/20 08:26:52 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\File Scout
[2013/05/29 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\fltk.org
[2013/09/30 02:53:44 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\FrostWire
[2014/01/26 22:50:07 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Gyazo
[2013/03/30 18:25:45 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\HTC
[2011/08/19 07:47:31 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2014/04/18 22:00:51 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\IMVU
[2014/04/13 23:47:17 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\IMVUClient
[2013/09/25 22:46:56 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\JAM Software
[2013/09/22 22:19:11 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Mixi.DJ
[2014/04/17 02:18:16 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\mixidj
[2010/08/21 22:27:13 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\motorola
[2012/11/20 13:31:31 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\MusicOasis
[2012/09/07 11:39:33 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\ooVoo Details
[2013/05/15 09:16:40 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\OpenCandy
[2013/09/29 20:08:39 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Product_RM
[2013/01/17 14:31:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\SearchProtect
[2010/03/09 14:48:27 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\supportdotcom
[2010/03/09 16:53:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\SupportSoft
[2010/04/19 06:38:05 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Template
[2014/02/28 20:59:57 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\thriXXX
[2011/08/19 06:18:12 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Tific
[2012/11/22 12:29:46 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\TomTom
[2013/05/15 09:19:43 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\TuneUp Software
[2013/09/29 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\UpdaterEX
[2014/01/11 23:04:37 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\uTorrent
[2012/12/14 11:17:01 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\VAFMusic
[2013/02/23 18:50:59 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\visualbee
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
========== Base Services ==========
SRV - [2006/11/02 04:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/19 02:33:43 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/19 02:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 01:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 01:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/19 02:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/07/07 23:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/11 01:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 10:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/19 02:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 01:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/19 02:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 01:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/04/11 01:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/19 02:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/19 02:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/19 02:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/19 02:35:38 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/19 02:35:57 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/11 01:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 09:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 01:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/19 02:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 01:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/19 02:36:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/11 01:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 11:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/11 01:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 13:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/11 01:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/11 01:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/11 01:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/19 02:36:20 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/11 01:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/11 01:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/11 01:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/11 01:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/11 01:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 17:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/11 01:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/10/25 03:35:44 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/10/25 03:05:49 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
 
< %SYSTEMDRIVE%\*.exe >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is OS
 Volume Serial Number is CC0C-B06C
 Directory of C:\
10/24/2009  02:12 PM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
10/24/2009  02:12 PM    <JUNCTION>     Application Data [C:\ProgramData]
10/24/2009  02:12 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
10/24/2009  02:12 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
10/24/2009  02:12 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
10/24/2009  02:12 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/24/2009  02:12 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
10/24/2009  02:12 PM    <SYMLINKD>     All Users [C:\ProgramData]
10/24/2009  02:12 PM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\aarons
10/24/2009  02:17 PM    <JUNCTION>     Application Data [C:\Users\aarons\AppData\Roaming]
10/24/2009  02:17 PM    <JUNCTION>     Cookies [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Cookies]
10/24/2009  02:17 PM    <JUNCTION>     Local Settings [C:\Users\aarons\AppData\Local]
10/24/2009  02:17 PM    <JUNCTION>     My Documents [C:\Users\aarons\Documents]
10/24/2009  02:17 PM    <JUNCTION>     NetHood [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/24/2009  02:17 PM    <JUNCTION>     PrintHood [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/24/2009  02:17 PM    <JUNCTION>     Recent [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Recent]
10/24/2009  02:17 PM    <JUNCTION>     SendTo [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\SendTo]
10/24/2009  02:17 PM    <JUNCTION>     Start Menu [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu]
10/24/2009  02:17 PM    <JUNCTION>     Templates [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\aarons\AppData\Local
10/24/2009  02:17 PM    <JUNCTION>     Application Data [C:\Users\aarons\AppData\Local]
10/24/2009  02:17 PM    <JUNCTION>     History [C:\Users\aarons\AppData\Local\Microsoft\Windows\History]
10/24/2009  02:17 PM    <JUNCTION>     Temporary Internet Files [C:\Users\aarons\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\aarons\Documents
10/24/2009  02:17 PM    <JUNCTION>     My Music [C:\Users\aarons\Music]
10/24/2009  02:17 PM    <JUNCTION>     My Pictures [C:\Users\aarons\Pictures]
10/24/2009  02:17 PM    <JUNCTION>     My Videos [C:\Users\aarons\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
10/24/2009  02:12 PM    <JUNCTION>     Application Data [C:\ProgramData]
10/24/2009  02:12 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
10/24/2009  02:12 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
10/24/2009  02:12 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
10/24/2009  02:12 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/24/2009  02:12 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
10/24/2009  02:12 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
10/24/2009  02:12 PM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
10/24/2009  02:12 PM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
10/24/2009  02:12 PM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/24/2009  02:12 PM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/24/2009  02:12 PM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/24/2009  02:12 PM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/24/2009  02:12 PM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/24/2009  02:12 PM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
10/24/2009  02:12 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
10/24/2009  02:12 PM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/24/2009  02:12 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
10/24/2009  02:12 PM    <JUNCTION>     My Music [C:\Users\Default\Music]
10/24/2009  02:12 PM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
10/24/2009  02:12 PM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Entwain
10/24/2009  05:39 PM    <JUNCTION>     Application Data [C:\Users\Entwain\AppData\Roaming]
10/24/2009  05:39 PM    <JUNCTION>     Cookies [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Cookies]
10/24/2009  05:39 PM    <JUNCTION>     Local Settings [C:\Users\Entwain\AppData\Local]
10/24/2009  05:39 PM    <JUNCTION>     My Documents [C:\Users\Entwain\Documents]
10/24/2009  05:39 PM    <JUNCTION>     NetHood [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/24/2009  05:39 PM    <JUNCTION>     PrintHood [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/24/2009  05:39 PM    <JUNCTION>     Recent [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Recent]
10/24/2009  05:39 PM    <JUNCTION>     SendTo [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\SendTo]
10/24/2009  05:39 PM    <JUNCTION>     Start Menu [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Start Menu]
10/24/2009  05:39 PM    <JUNCTION>     Templates [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Entwain\AppData\Local
10/24/2009  05:39 PM    <JUNCTION>     Application Data [C:\Users\Entwain\AppData\Local]
10/24/2009  05:39 PM    <JUNCTION>     History [C:\Users\Entwain\AppData\Local\Microsoft\Windows\History]
10/24/2009  05:39 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Entwain\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Entwain\Documents
10/24/2009  05:39 PM    <JUNCTION>     My Music [C:\Users\Entwain\Music]
10/24/2009  05:39 PM    <JUNCTION>     My Pictures [C:\Users\Entwain\Pictures]
10/24/2009  05:39 PM    <JUNCTION>     My Videos [C:\Users\Entwain\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
10/24/2009  02:12 PM    <JUNCTION>     My Music [C:\Users\Public\Music]
10/24/2009  02:12 PM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
10/24/2009  02:12 PM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\twizzle
10/03/2010  09:11 PM    <JUNCTION>     Application Data [C:\Users\twizzle\AppData\Roaming]
10/03/2010  09:11 PM    <JUNCTION>     Cookies [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Cookies]
10/03/2010  09:11 PM    <JUNCTION>     Local Settings [C:\Users\twizzle\AppData\Local]
10/03/2010  09:11 PM    <JUNCTION>     My Documents [C:\Users\twizzle\Documents]
10/03/2010  09:11 PM    <JUNCTION>     NetHood [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/03/2010  09:11 PM    <JUNCTION>     PrintHood [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/03/2010  09:11 PM    <JUNCTION>     Recent [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Recent]
10/03/2010  09:11 PM    <JUNCTION>     SendTo [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\SendTo]
10/03/2010  09:11 PM    <JUNCTION>     Start Menu [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Start Menu]
10/03/2010  09:11 PM    <JUNCTION>     Templates [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\twizzle\AppData\Local
10/03/2010  09:11 PM    <JUNCTION>     Application Data [C:\Users\twizzle\AppData\Local]
10/03/2010  09:11 PM    <JUNCTION>     History [C:\Users\twizzle\AppData\Local\Microsoft\Windows\History]
10/03/2010  09:11 PM    <JUNCTION>     Temporary Internet Files [C:\Users\twizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\twizzle\Documents
10/03/2010  09:11 PM    <JUNCTION>     My Music [C:\Users\twizzle\Music]
10/03/2010  09:11 PM    <JUNCTION>     My Pictures [C:\Users\twizzle\Pictures]
10/03/2010  09:11 PM    <JUNCTION>     My Videos [C:\Users\twizzle\Videos]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile
09/20/2011  01:04 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
09/20/2011  01:04 PM    <JUNCTION>     Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
09/20/2011  01:04 PM    <JUNCTION>     My Documents [C:\Windows\system32\config\systemprofile\Documents]
09/20/2011  01:04 PM    <JUNCTION>     NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/20/2011  01:04 PM    <JUNCTION>     PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/20/2011  01:04 PM    <JUNCTION>     Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
09/20/2011  01:04 PM    <JUNCTION>     SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
09/20/2011  01:04 PM    <JUNCTION>     Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
09/20/2011  01:04 PM    <JUNCTION>     Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\AppData\Local
09/20/2011  01:04 PM    <JUNCTION>     Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/20/2011  01:04 PM    <JUNCTION>     History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/20/2011  01:04 PM    <JUNCTION>     Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Windows\System32\config\systemprofile\Documents
09/20/2011  01:04 PM    <JUNCTION>     My Music [C:\Windows\system32\config\systemprofile\Music]
09/20/2011  01:04 PM    <JUNCTION>     My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
09/20/2011  01:04 PM    <JUNCTION>     My Videos [C:\Windows\system32\config\systemprofile\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              96 Dir(s)  37,742,714,880 bytes free
 
< MD5 for: EXPLORER.EXE  >
[2009/10/25 16:59:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/10/25 16:59:43 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/10/25 16:59:43 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/03/06 19:54:31 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/03/06 19:54:30 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/10/25 16:59:43 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: SERVICES  >
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
 
< MD5 for: SERVICES.CFG  >
[2013/12/18 13:42:40 | 000,558,851 | ---- | M] () MD5=A044715A48D8FADB9366D554F20D3331 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
 
< MD5 for: SERVICES.EXE  >
[2008/01/19 02:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006/11/02 04:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2006/11/02 07:38:29 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 07:38:29 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
 
< MD5 for: SERVICES.INI  >
[2010/11/10 22:08:38 | 000,002,934 | ---- | M] () MD5=795E54812680DE8A87D6C049B38884A7 -- C:\Program Files\IObit\Advanced SystemCare 3\services.ini
 
< MD5 for: SERVICES.JS  >
[2014/04/03 09:04:54 | 000,003,147 | ---- | M] () MD5=2FD91762B4C2F6ED25428D709A8B3A84 -- C:\Program Files\PasswordBox\Firefox\resources\passwordbox\lib\services.js
 
< MD5 for: SERVICES.LNK  >
[2010/11/12 20:20:49 | 000,001,688 | ---- | M] () MD5=57F439E53C77A31727FDA91A72F7B408 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2010/11/12 20:20:49 | 000,001,688 | ---- | M] () MD5=57F439E53C77A31727FDA91A72F7B408 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
 
< MD5 for: SERVICES.MSC  >
[2006/11/02 07:39:04 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 07:39:04 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6000.16386_none_cd2d20a848cfd40f\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
 
< MD5 for: SVCHOST.EXE  >
[2006/11/02 04:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
 
< MD5 for: USERINIT.EXE  >
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 04:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/19 02:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2012/04/24 15:23:53 | 000,296,960 | ---- | M] (Microsoft Corporation) MD5=EC9B9B923F6A36E215562113BCE3856E -- C:\Windows\ERDNT\cache\winlogon.exe
 
========== Files - Unicode (All) ==========
[2013/09/11 16:46:43 | 000,000,000 | ---D | M](C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
[2013/09/11 16:46:43 | 000,000,000 | ---D | M](C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
[2013/09/11 01:04:08 | 000,000,000 | ---D | M](C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
[2013/09/11 01:04:08 | 000,000,000 | ---D | M](C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
[2013/09/11 00:12:25 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
[2013/09/11 00:12:25 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
[2013/08/17 02:17:01 | 000,000,000 | ---D | M](C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
[2013/08/17 02:17:01 | 000,000,000 | ---D | M](C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
[2013/08/16 17:23:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
[2013/08/16 17:23:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
[2013/08/16 13:07:26 | 000,000,000 | ---D | M](C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
[2013/08/16 13:07:26 | 000,000,000 | ---D | M](C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
[2013/08/16 12:26:27 | 000,000,000 | ---D | M](C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
[2013/08/16 12:26:27 | 000,000,000 | ---D | M](C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
[2013/08/16 12:12:04 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
[2013/08/16 12:12:04 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
[2013/08/16 10:01:07 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
[2013/08/16 10:01:07 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
[2013/08/15 15:13:31 | 000,000,000 | ---D | M](C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
[2013/08/15 15:13:31 | 000,000,000 | ---D | M](C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
[2013/08/15 07:46:46 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/08/15 07:46:46 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/08/15 05:49:48 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
[2013/08/15 05:49:48 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
[2013/08/14 20:37:23 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
[2013/08/14 20:37:23 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
[2013/08/06 10:45:19 | 000,000,000 | ---D | M](C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
[2013/08/06 10:45:19 | 000,000,000 | ---D | M](C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
[2013/07/29 18:49:17 | 000,000,000 | ---D | M](C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
[2013/07/29 18:49:17 | 000,000,000 | ---D | M](C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
[2013/07/29 16:54:29 | 000,000,000 | ---D | M](C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
[2013/07/29 16:54:29 | 000,000,000 | ---D | M](C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
[2013/07/29 01:18:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/07/29 01:18:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/07/28 23:55:56 | 000,000,000 | ---D | M](C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
[2013/07/28 23:55:56 | 000,000,000 | ---D | M](C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
[2013/07/27 12:05:21 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
[2013/07/27 12:05:21 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
[2013/07/23 21:27:18 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
[2013/07/23 21:27:18 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
[2013/07/22 12:01:22 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
[2013/07/22 12:01:22 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
[2013/07/16 13:09:46 | 000,000,000 | ---D | M](C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
[2013/07/16 13:09:46 | 000,000,000 | ---D | M](C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
[2013/07/13 04:08:43 | 000,000,000 | ---D | M](C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
[2013/07/13 04:08:43 | 000,000,000 | ---D | M](C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
[2013/07/13 03:44:57 | 000,000,000 | ---D | M](C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
[2013/07/13 03:44:57 | 000,000,000 | ---D | M](C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
[2013/07/11 19:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
[2013/07/11 19:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
[2013/07/10 00:33:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
[2013/07/10 00:33:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
[2013/07/08 14:30:09 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
[2013/07/08 14:30:09 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
[2013/07/02 00:19:09 | 000,000,000 | ---D | M](C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
[2013/07/02 00:19:09 | 000,000,000 | ---D | M](C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
[2013/07/01 14:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
[2013/07/01 14:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
[2013/07/01 11:48:13 | 000,000,000 | ---D | M](C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
[2013/07/01 11:48:13 | 000,000,000 | ---D | M](C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
[2013/06/26 08:23:20 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
[2013/06/26 08:23:20 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
[2013/06/19 11:00:05 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
[2013/06/19 11:00:05 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
[2013/06/13 20:30:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
[2013/06/13 20:30:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
[2013/06/09 14:01:06 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
[2013/06/09 14:01:06 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
[2013/06/09 09:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
[2013/06/09 09:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
[2013/06/05 17:01:10 | 000,000,000 | ---D | M](C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
[2013/06/05 17:01:10 | 000,000,000 | ---D | M](C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
[2013/06/01 18:10:16 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
[2013/06/01 18:10:16 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
[2013/05/27 15:40:47 | 000,000,000 | ---D | M](C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
[2013/05/27 15:40:47 | 000,000,000 | ---D | M](C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
[2013/05/09 16:45:30 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
[2013/05/09 16:45:30 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
[2013/04/30 15:37:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
[2013/04/30 15:37:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
[2013/04/29 09:33:21 | 000,000,000 | ---D | M](C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
[2013/04/29 09:33:21 | 000,000,000 | ---D | M](C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
[2013/04/24 11:57:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
[2013/04/24 11:57:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
[2013/04/24 11:40:41 | 000,000,000 | ---D | M](C:\ProgramData\?­?­0) -- C:\ProgramData\䔸­䇨­0
[2013/04/24 11:40:41 | 000,000,000 | ---D | M](C:\ProgramData\?­?­0) -- C:\ProgramData\䔸­䇨­0
[2013/04/21 15:02:37 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
[2013/04/21 15:02:37 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
[2013/04/13 12:44:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
[2013/04/13 12:44:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
[2013/04/12 09:56:12 | 000,000,000 | ---D | M](C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
[2013/04/12 09:56:12 | 000,000,000 | ---D | M](C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
[2013/04/11 16:02:25 | 000,000,000 | ---D | M](C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
[2013/04/11 16:02:25 | 000,000,000 | ---D | M](C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
[2013/04/07 16:29:15 | 000,000,000 | ---D | M](C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
[2013/04/07 16:29:15 | 000,000,000 | ---D | M](C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
[2013/04/03 15:22:08 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
[2013/04/03 15:22:08 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
[2013/03/30 18:24:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
[2013/03/30 18:24:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
[2013/03/17 13:54:26 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
[2013/03/17 13:54:26 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
[2013/03/16 14:14:46 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
[2013/03/16 14:14:46 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
[2013/03/04 12:27:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
[2013/03/04 12:27:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
[2013/03/03 16:30:27 | 000,000,000 | ---D | M](C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
[2013/03/03 16:30:27 | 000,000,000 | ---D | M](C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
[2013/03/01 15:02:17 | 000,000,000 | ---D | M](C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
[2013/03/01 15:02:17 | 000,000,000 | ---D | M](C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
[2013/02/28 23:41:04 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
[2013/02/28 23:41:04 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
[2013/02/28 16:32:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
[2013/02/28 16:32:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
[2013/02/28 09:08:52 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
[2013/02/28 09:08:52 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
[2013/02/27 18:24:30 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
[2013/02/27 18:24:30 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
[2013/02/26 08:39:39 | 000,000,000 | ---D | M](C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
[2013/02/26 08:39:39 | 000,000,000 | ---D | M](C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
[2013/02/25 12:48:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
[2013/02/25 12:48:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
[2013/02/23 21:51:56 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
[2013/02/23 21:51:56 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
(C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
(C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
(C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
(C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
(C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
(C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
(C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
(C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
(C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
(C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
(C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
(C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
(C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
(C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
(C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
(C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
(C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
(C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
(C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
(C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
(C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
(C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
(C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
(C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
(C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
(C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
(C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
(C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
(C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
(C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
(C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
(C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
(C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
(C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
(C:\ProgramData\?­?­0) -- C:\ProgramData\䔸­䇨­0
(C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
(C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
(C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
(C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
(C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
(C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
(C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
(C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
(C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Users\aarons\Documents\Imported Photos 00002.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\aarons\Documents\Imported Photos 00001.jpg:Roxio EMC Stream
@Alternate Data Stream - 64 bytes -> C:\Users\aarons\Documents\party 177.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\aarons\Documents\party 174.AVI:TOC.WMV
@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:466F9D5D

< End of report >


  • 0

#4
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 35.13 Gb Free Space | 25.28% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.23 Gb Free Space | 62.27% Space Free | Partition Type: NTFS
 
Computer Name: AARONS-PC | User Name: aarons | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\File Type Helper\FileTypeHelper.exe "%1" (Microsoft)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FreemiumAnalyze] -- C:\Program Files\Covus Freemium\Free System Utilities\freemiumContext.exe ANALYSE %1 (Microsoft)
Directory [FreemiumFindEmptyFolders] -- C:\Program Files\Covus Freemium\Free System Utilities\freemiumContext.exe EMPTYFOLDERS %1 (Microsoft)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1"
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-276059291-3993976188-3623813286-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07947613-CB42-4BB6-8557-34157AADD363}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{189AAA40-A800-4BC9-B35D-8E791235BFC6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1E4B68B1-E5F7-4115-83C2-CCBC619839B9}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2C77AE45-1D1C-4C67-8B4D-649876B12E74}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |
"{2DBC71BB-7530-4D98-AA0C-EA3EF8B7FEE4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FC8FB12-AFE5-4A3A-A1DF-6747D14CB9C4}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{3436321E-57CB-4364-A567-C55D85734FE3}" = lport=49165 | protocol=6 | dir=in | name=akamai netsession interface |
"{424BB191-38B2-4DB5-9AB0-75A0905DE44F}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{487CF497-EA20-45CD-80D8-E93F7860F0FD}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |
"{5E64FB09-A7FD-43FC-8411-748FB486A104}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{60803605-FF2B-469C-A527-BEB9C50B9A5A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6C2EC7D0-2FED-4B63-B57E-ECA4E67898AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7297AADD-A060-4E61-9D04-DEBDC63501EC}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{78BC9A32-1CD8-41C2-8188-08D9018EAA3F}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{7CDE9663-F406-46AA-BB50-D5E06ADACD1A}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{7DBA4835-F822-4A62-BC6D-A3EC49D232C7}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{93F3F844-CDA3-4DBA-83E9-2D1ED93B0349}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{94E12D7D-AADB-41C6-BE3F-0E5172E7B9A4}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |
"{A2C28AB8-01AF-4457-A2B2-4538F811E36C}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AA021B44-1417-4E7F-A52E-084393FAEED4}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{AF3A6791-4413-4020-9644-65B8374801FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B07CAC37-428C-4A83-9029-EB649620920F}" = lport=56690 | protocol=6 | dir=in | name=akamai netsession interface |
"{C9A28E44-C286-44C7-BAE0-FE27E635814D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F9140A7B-AFF3-47F3-A1D5-F8AFFBEE437A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0388AB03-0E78-4580-8E56-332681BE9E3C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{08770117-EFB9-456C-8B90-66BB8BFB435C}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{0B940A45-D95F-4B7B-A28C-A41A6C7D115E}" = protocol=17 | dir=in | app=c:\program files\dogpile bundle toolbar\toolbarupdate.exe |
"{0CE09764-38D7-4389-B0DA-28F7DB8325AB}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{0D10E05E-D24C-4F7F-AE2A-E79897CEC9E5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{0FA26A93-9FB5-47ED-93D1-2F58DC724C89}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{1417190A-A83C-4AD3-B3DD-1F60A7291D1E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{1547A1C1-FF82-4A67-B215-A0471D2998B1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{16154C1A-CC0A-4F1D-8B0F-019C1CBA4B2D}" = protocol=17 | dir=in | app=c:\program files\bucksbee loyalty plugin - guppy media\troubleshooter.exe |
"{18A1F17A-AA3B-457C-914E-6973A7961BBF}" = protocol=17 | dir=in | app=c:\program files\dogpile bundle toolbar\troubleshooter.exe |
"{1B022ACA-17E9-4F01-842D-CF6158404749}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2601B096-0CDC-4F86-8A42-658E83083F37}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{28F41AD3-956A-4AEC-B09A-AA7D9FE1A8FF}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{2FF6FA5D-A457-4352-A8C0-7DE46F87ECFC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{30FB5FBD-B74C-4814-868E-8B315E5233D1}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{3D74B9B1-2EBB-4CAE-9936-E13A2011A9EA}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{3E428437-4D13-4AD6-9297-B304515A8584}" = protocol=6 | dir=in | app=c:\users\aarons\appdata\roaming\imvuclient\imvuqualityagent.exe |
"{4D7BA35B-2383-45A4-A014-7D00B0773C68}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{4DEEC14F-D36F-4661-BDC8-55F6D2D2FA39}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{55D23757-EE4D-4B91-BA76-C0D4F8489326}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{58DAB5DD-36FF-41D2-A4BB-37FD54753EE1}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5DAB3F21-A071-44B6-8636-155A2B2B2B68}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{61215C82-B7E7-453B-AF38-8F85EBFEE8BC}" = protocol=6 | dir=in | app=c:\program files\blastshark\lunia\blastshark.exe |
"{67931D3D-45BA-4284-AB7B-26E1879CBA87}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{68432C58-3B33-466D-BF8F-D1F93598FF45}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{6A3BA060-9A7F-418E-8E50-86E718CF855D}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{75DD929D-FB2F-4043-8C05-23CFDC8B21F9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{769A34EB-C333-4749-979D-946E281AB403}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{792FB6A6-9AE8-4815-83FD-DB0C40F313D2}" = protocol=6 | dir=in | app=c:\users\aarons\appdata\local\temp\~osad6f.tmp\rlvknlg.exe |
"{7ECD0EE4-98B7-4F5F-A45A-F81159F32BCF}" = dir=out | app=c:\users\twaind~1\appdata\local\temp\{bbff5290-4fe3-3329-d1c2-07c1601c7066}\addons\_farmfrenzy2.exe |
"{7ED2DA86-E84E-43BC-8A16-BE61BC3FC172}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{812FEEBA-9FBC-4E52-922C-D5E68BAF895E}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{820D2836-2425-43A3-BF9B-2B5F5C9603B1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{889D44E0-DEC8-4EB2-8ACA-33DC7857F2AD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{8B17DD97-D073-4309-B171-91D41EDB5EF5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{8B2A5A75-E785-45C4-9458-F431EA3C8228}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{90298DB3-B10C-4B1A-B666-55055F4F9034}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{90CFDBB2-C254-4D31-9CFD-9C9CC7617968}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{991D09F2-6392-4431-87F8-18C45D1F5431}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{9C02A60D-3D08-4061-BA79-D34A57FF8119}" = protocol=6 | dir=in | app=c:\program files\dogpile bundle toolbar\troubleshooter.exe |
"{9EB58A47-979E-4BA3-8394-EB8396319CBB}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{A22024F2-BF6A-4E4C-9084-4733C988B60B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A30E0411-D084-4D8F-B628-6365C1100E63}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A90A03EB-F17E-4667-AC2B-4746E5B61152}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{AA976D96-1207-4BC7-8D84-13B5B9C0862F}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{AE85B58B-628E-4939-8D3B-00833D97F76E}" = protocol=17 | dir=in | app=c:\program files\blastshark\lunia\blastshark.exe |
"{BDB2939E-D233-4E75-9239-99417CADF39B}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{BDD0B221-075F-4E3C-ADF2-5F0F7C874AE5}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{BF1ECE2A-CE81-423B-96CD-CC21CED6A6FF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{C2B6560A-9065-4CCD-91BA-F743598DEA18}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CEC2EA13-876E-4DDB-9BB3-DEA418BCA571}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{D517A32C-42A0-43BD-AAB8-93837C61293E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{D525B3B8-D093-4CA5-BCCD-254A10BC30D4}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D8C4873A-F0FB-4926-8F83-614AFE72868C}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe |
"{E06486EF-FA50-4E35-BC55-56570B7C54FD}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{E190C63A-ABAE-4308-B31F-F41779149F6F}" = protocol=6 | dir=in | app=c:\program files\bucksbee loyalty plugin - guppy media\troubleshooter.exe |
"{E1CA973C-A62E-4B51-B29C-0ADEC8BB873D}" = protocol=17 | dir=in | app=c:\users\aarons\appdata\roaming\imvuclient\imvuqualityagent.exe |
"{E52FE86D-9004-4265-88C9-13C57CB56F1A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{F06C6E36-A064-4118-81CA-B8EADC297CB8}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F1717585-5CA0-4199-ABA4-C4B6DD7BA1C0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F25E766A-082E-467D-AAF1-AE543DA4ABBF}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{FC9E0CBB-E72F-4BA1-80A9-A465F004E11C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{FD948FE7-4F16-4ED1-879A-C430AFEFF653}" = protocol=6 | dir=in | app=c:\program files\dogpile bundle toolbar\toolbarupdate.exe |
"TCP Query User{42D20E7E-06FD-412D-9935-B1E5AB67554B}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{A28FAD40-545C-41AE-A59E-C14CBE4FE696}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{C1342E12-9434-4A95-98DC-59A879FA7DF3}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{CA7D5D83-7F20-4CEE-AD82-8688E4E6C13F}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{118C3943-1683-42EF-824D-C22E70DB42E7}" = Comcast Desktop Software (v1.2.1)
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1B6C0E95-182C-48E0-9C4B-4F916308249C}" = iTunes
"{1BE7C1D9-06A8-466D-ADEA-B07F68BDEFB5}" = ESET NOD32 Antivirus
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{24176A21-AFC8-3DCC-A2BB-901734AA64B9}" = Google Talk Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java™ 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4405EF46-7892-4308-881C-BD893B509B23}" = IMVU Client
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.4.1
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 2.0.2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{703EC8AF-18E8-4A81-AEC6-8FF64AD76924}" = IMVU Cal3D Exporter for 3ds Max
"{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel® PRO Network Connections 12.1.11.0
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BB493F6-1E56-4748-B3A3-D7B1FB6EE2FE}" = Motorola Mobile Drivers Installation 4.7.1
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{887868A2-D6DE-3255-AA92-AA0B5A59B874}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FA57E32-3D16-4FF8-884B-174A5A257F01}" = QuickShare
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{a669300e-6ee1-4d7b-a048-f9e373b992b7}" = Free System Utilities
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A88E1685-1986-4A86-8E88-5FE1E727D026}" = RealDownloader
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.9)
"{AC995FD4-E43B-423D-A8A0-F7B1B28C8E49}" = Free SystemUtilities
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B4750ECE-3B5F-462F-8950-614D1E0B2204}" = Facebook Video Calling 1.1.0.13
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6B3114F-945B-4980-BF7A-AF12E9161A0F}" = iCloud
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}" = D-Link RangeBooster N DWA-140
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{DD8D87E5-C372-462F-B168-94612B1D9451}" = HTC Sync
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEE2C7D1-47BE-49F6-A850-9C518780D87F}_is1" = RebateRobot for Chrome version 2.1.2
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED721ABC-423D-4F7D-AEBB-E1E39C388E84}" = Facebook Video Calling 1.0.0.8714
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"38934_Savings Vault" = Savings Vault
"7-Zip" = 7-Zip 9.20
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"claro" = Claro toolbar  
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"ESET Online Scanner" = ESET Online Scanner v3
"FrostWire" = FrostWire 4.21.1
"GC" = GC
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"HTC_WModemDriver" = WModem Driver Installer
"iNTERNET Turbo" = iNTERNET Turbo
"KeyFinder_is1" = Magical Jelly Bean KeyFinder
"Lavalon Dragonica1.0" = Lavalon Dragonica
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MotoConnect" = MotoConnect 1.1.31
"Mozilla Firefox 28.0 (x86 en-US)" = Mozilla Firefox 28.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Music Saved" = Music Saved
"N360" = Norton 360
"NetSight" = Nielsen
"PROSetDX" = Intel® PRO Network Connections 12.1.11.0
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Defrag 2_is1" = Smart Defrag 2
"SmartSuggestor" = Smart Suggestor
"SolitaireChallenge" = Solitaire Challenge (remove only)
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"TreeSize Free_is1" = TreeSize Free V2.7
"Virtual Audio Cable 4.04" = Virtual Audio Cable 4.04
"VLC media player" = VLC media player 1.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"www_phm" = support.com EasySupport
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"DownloadTerms" = DownloadTerms
"JoinMe" = join.me
"UpdaterEX" = Extended Update
"Video Converter" = Video Converter
"Winamp Detect" = Winamp Detector Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 4/15/2014 2:30:57 AM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/15/2014 3:16:59 PM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/15/2014 3:22:04 PM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/15/2014 3:23:55 PM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/15/2014 3:25:45 PM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/16/2014 2:57:34 AM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/16/2014 9:12:00 PM | Computer Name = aarons-PC | Source = MsiInstaller | ID = 11706
Description =
 
Error - 4/16/2014 10:18:39 PM | Computer Name = aarons-PC | Source = VSS | ID = 8193
Description =
 
Error - 4/17/2014 3:23:48 AM | Computer Name = aarons-PC | Source = EventSystem | ID = 4621
Description =
 
Error - 4/17/2014 12:51:14 PM | Computer Name = aarons-PC | Source = EventSystem | ID = 4621
Description =
 
[ System Events ]
Error - 4/18/2014 10:10:56 PM | Computer Name = aarons-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 4/18/2014 10:12:18 PM | Computer Name = aarons-PC | Source = DCOM | ID = 10016
Description =
 
Error - 4/18/2014 10:12:32 PM | Computer Name = aarons-PC | Source = DCOM | ID = 10016
Description =
 
Error - 4/18/2014 10:12:38 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 4/18/2014 10:12:38 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7009
Description =
 
Error - 4/18/2014 10:12:38 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 4/18/2014 10:12:38 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 4/18/2014 10:12:38 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 4/18/2014 10:12:38 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7000
Description =
 
Error - 4/18/2014 10:13:15 PM | Computer Name = aarons-PC | Source = Service Control Manager | ID = 7022
Description =
 
 
< End of report >
 

Results of screen317's Security Check version 0.99.82  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 Malwarebytes Anti-Malware version 1.75.0.1300  
 JavaFX 2.1.0    
 Java™ 6 Update 26  
 Java 7 Update 51  
 Java™ SE Runtime Environment 6
 Java version out of Date!
  Adobe Flash Player     11.8.800.94 Flash Player out of Date!  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (28.0)
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Mozilla Firefox nielsenonline.exe -?-   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````


Edited by twain1, 18 April 2014 - 11:47 PM.

  • 0

#5
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Please wait while I analyze your logs and plan a fix for your issue. In addition, please,do not edit your posts. If you believe you missed something, add a new reply.
Thank you.
  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi twain1, :)

I have notices that you have more than one antivirus installed in your system. Well, this is one of the situations where more is not merrier. They tend to create conflict with each other and their different pattern on your system protection can deteriorate your system performance.
I have listed the antivirus(es) you have in your system.
  • ESET NOD32 Antivirus
  • Norton 360
Please, keep only one and report me your decision so that I can remove the other one.

 
  • Step #3 Uninstall Programs
    I want you to uninstall the following program(s) listed below due to poor reputation we receive about them. To uninstall a program, go to Start > Control Panel > Uninstall a program or Start > Control Panel > Programs and Features. Wait for the list to fill up and double-click on the items I have listed below and follow the on-screen instruction to remove/uninstall them.
    • DownloadTerms;
    • Extended Update;
    • Yahoo! Toolbar;
    • Smart Suggestor;
    • McAfee Security Scan Plus;
    • iNTERNET Turbo;
    • FrostWire 4.21.1;
    • Claro toolbar;
    • Savings Vault;
    • Free SystemUtilities;
    • Free System Utilities;
    • SweetIM for Messenger 3.7;
    • Pando Media Booster;
    • Ask Toolbar;
    • Complitly;
    • SolutionCenter;
    • Java SE Runtime Environment 6;
    • Java 6 Update 26;
    • BPDSoftware
 
  • Step #4 Fix with OTL
    • Re-run OTL by right clicking and choosing Run as administrator;
    • Under the Custom Scans/Fixes Box copy and paste the following contents inside the quote box. (Do not include the word 'quote').

      :Commands
      [createrestorepoint]

      :OTL
      @Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:FB1B13D8
      @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
      @Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:466F9D5D
      [2013/09/11 16:46:43 | 000,000,000 | ---D | M](C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
      [2013/09/11 16:46:43 | 000,000,000 | ---D | M](C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
      [2013/09/11 01:04:08 | 000,000,000 | ---D | M](C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
      [2013/09/11 01:04:08 | 000,000,000 | ---D | M](C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
      [2013/09/11 00:12:25 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
      [2013/09/11 00:12:25 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
      [2013/08/17 02:17:01 | 000,000,000 | ---D | M](C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
      [2013/08/17 02:17:01 | 000,000,000 | ---D | M](C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
      [2013/08/16 17:23:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
      [2013/08/16 17:23:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
      [2013/08/16 13:07:26 | 000,000,000 | ---D | M](C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
      [2013/08/16 13:07:26 | 000,000,000 | ---D | M](C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
      [2013/08/16 12:26:27 | 000,000,000 | ---D | M](C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
      [2013/08/16 12:26:27 | 000,000,000 | ---D | M](C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
      [2013/08/16 12:12:04 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
      [2013/08/16 12:12:04 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
      [2013/08/16 10:01:07 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
      [2013/08/16 10:01:07 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
      [2013/08/15 15:13:31 | 000,000,000 | ---D | M](C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
      [2013/08/15 15:13:31 | 000,000,000 | ---D | M](C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
      [2013/08/15 07:46:46 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
      [2013/08/15 07:46:46 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
      [2013/08/15 05:49:48 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
      [2013/08/15 05:49:48 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
      [2013/08/14 20:37:23 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
      [2013/08/14 20:37:23 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
      [2013/08/06 10:45:19 | 000,000,000 | ---D | M](C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
      [2013/08/06 10:45:19 | 000,000,000 | ---D | M](C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
      [2013/07/29 18:49:17 | 000,000,000 | ---D | M](C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
      [2013/07/29 18:49:17 | 000,000,000 | ---D | M](C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
      [2013/07/29 16:54:29 | 000,000,000 | ---D | M](C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
      [2013/07/29 16:54:29 | 000,000,000 | ---D | M](C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
      [2013/07/29 01:18:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
      [2013/07/29 01:18:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
      [2013/07/28 23:55:56 | 000,000,000 | ---D | M](C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
      [2013/07/28 23:55:56 | 000,000,000 | ---D | M](C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
      [2013/07/27 12:05:21 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
      [2013/07/27 12:05:21 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
      [2013/07/23 21:27:18 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
      [2013/07/23 21:27:18 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
      [2013/07/22 12:01:22 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
      [2013/07/22 12:01:22 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
      [2013/07/16 13:09:46 | 000,000,000 | ---D | M](C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
      [2013/07/16 13:09:46 | 000,000,000 | ---D | M](C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
      [2013/07/13 04:08:43 | 000,000,000 | ---D | M](C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
      [2013/07/13 04:08:43 | 000,000,000 | ---D | M](C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
      [2013/07/13 03:44:57 | 000,000,000 | ---D | M](C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
      [2013/07/13 03:44:57 | 000,000,000 | ---D | M](C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
      [2013/07/11 19:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
      [2013/07/11 19:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
      [2013/07/10 00:33:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
      [2013/07/10 00:33:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
      [2013/07/08 14:30:09 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
      [2013/07/08 14:30:09 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
      [2013/07/02 00:19:09 | 000,000,000 | ---D | M](C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
      [2013/07/02 00:19:09 | 000,000,000 | ---D | M](C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
      [2013/07/01 14:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
      [2013/07/01 14:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
      [2013/07/01 11:48:13 | 000,000,000 | ---D | M](C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
      [2013/07/01 11:48:13 | 000,000,000 | ---D | M](C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
      [2013/06/26 08:23:20 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
      [2013/06/26 08:23:20 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
      [2013/06/19 11:00:05 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
      [2013/06/19 11:00:05 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
      [2013/06/13 20:30:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
      [2013/06/13 20:30:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
      [2013/06/09 14:01:06 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
      [2013/06/09 14:01:06 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
      [2013/06/09 09:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
      [2013/06/09 09:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
      [2013/06/05 17:01:10 | 000,000,000 | ---D | M](C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
      [2013/06/05 17:01:10 | 000,000,000 | ---D | M](C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
      [2013/06/01 18:10:16 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
      [2013/06/01 18:10:16 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
      [2013/05/27 15:40:47 | 000,000,000 | ---D | M](C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
      [2013/05/27 15:40:47 | 000,000,000 | ---D | M](C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
      [2013/05/09 16:45:30 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
      [2013/05/09 16:45:30 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
      [2013/04/30 15:37:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
      [2013/04/30 15:37:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
      [2013/04/29 09:33:21 | 000,000,000 | ---D | M](C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
      [2013/04/29 09:33:21 | 000,000,000 | ---D | M](C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
      [2013/04/24 11:57:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
      [2013/04/24 11:57:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
      [2013/04/24 11:40:41 | 000,000,000 | ---D | M](C:\ProgramData\?­?­0) -- C:\ProgramData\䔸­䇨­0
      [2013/04/24 11:40:41 | 000,000,000 | ---D | M](C:\ProgramData\?­?­0) -- C:\ProgramData\䔸­䇨­0
      [2013/04/21 15:02:37 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
      [2013/04/21 15:02:37 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
      [2013/04/13 12:44:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
      [2013/04/13 12:44:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
      [2013/04/12 09:56:12 | 000,000,000 | ---D | M](C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
      [2013/04/12 09:56:12 | 000,000,000 | ---D | M](C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
      [2013/04/11 16:02:25 | 000,000,000 | ---D | M](C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
      [2013/04/11 16:02:25 | 000,000,000 | ---D | M](C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
      [2013/04/07 16:29:15 | 000,000,000 | ---D | M](C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
      [2013/04/07 16:29:15 | 000,000,000 | ---D | M](C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
      [2013/04/03 15:22:08 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
      [2013/04/03 15:22:08 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
      [2013/03/30 18:24:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
      [2013/03/30 18:24:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
      [2013/03/17 13:54:26 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
      [2013/03/17 13:54:26 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
      [2013/03/16 14:14:46 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
      [2013/03/16 14:14:46 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
      [2013/03/04 12:27:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
      [2013/03/04 12:27:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
      [2013/03/03 16:30:27 | 000,000,000 | ---D | M](C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
      [2013/03/03 16:30:27 | 000,000,000 | ---D | M](C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
      [2013/03/01 15:02:17 | 000,000,000 | ---D | M](C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
      [2013/03/01 15:02:17 | 000,000,000 | ---D | M](C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
      [2013/02/28 23:41:04 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
      [2013/02/28 23:41:04 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
      [2013/02/28 16:32:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
      [2013/02/28 16:32:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
      [2013/02/28 09:08:52 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
      [2013/02/28 09:08:52 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
      [2013/02/27 18:24:30 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
      [2013/02/27 18:24:30 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
      [2013/02/26 08:39:39 | 000,000,000 | ---D | M](C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
      [2013/02/26 08:39:39 | 000,000,000 | ---D | M](C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
      [2013/02/25 12:48:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
      [2013/02/25 12:48:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
      [2013/02/23 21:51:56 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
      [2013/02/23 21:51:56 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
      (C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
      (C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
      (C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
      (C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
      (C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
      (C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
      (C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
      (C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
      (C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
      (C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
      (C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
      (C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
      (C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
      (C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
      (C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
      (C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
      (C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
      (C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
      (C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
      (C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
      (C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
      (C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
      (C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
      (C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
      (C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
      (C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
      (C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
      (C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
      (C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
      (C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
      (C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
      (C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
      (C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
      (C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
      (C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
      (C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
      (C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
      (C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
      (C:\ProgramData\?­?­0) -- C:\ProgramData\䔸­䇨­0
      (C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
      (C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
      (C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
      (C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
      (C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
      (C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
      (C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
      (C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
      (C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
      [2013/02/23 18:50:59 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\visualbee
      [2014/01/11 23:04:37 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\uTorrent
      [2012/12/14 11:17:01 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\VAFMusic
      [2013/05/15 09:19:43 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\TuneUp Software
      [2013/09/29 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\UpdaterEX
      [2014/02/28 20:59:57 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\thriXXX
      [2013/01/17 14:31:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\SearchProtect
      [2013/05/15 09:16:40 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\OpenCandy
      [2013/09/22 22:19:11 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Mixi.DJ
      [2014/04/17 02:18:16 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\mixidj
      [2012/11/20 13:31:31 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\MusicOasis
      [2013/09/30 02:53:44 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\FrostWire
      [2013/01/07 00:07:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\DefaultTab
      [2010/02/13 16:00:22 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\DriverCure
      [2013/09/20 08:26:52 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\File Scout
      [2014/01/12 04:53:24 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Claro LTD
      [2013/09/09 18:37:51 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\BabSolution
      [2013/09/20 08:26:35 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Babylon
      [2014/04/18 21:43:09 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
      [2014/04/18 21:43:17 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
      [2014/04/10 20:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
      O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
      O16 - DPF: {B1437251-01BF-47ff-8254-A4CD22E0E2BF} (Reg Error: Key error.)
      O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
      O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
      O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
      O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
      O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
      O9 - Extra Button: Smart Suggestor - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
      O9 - Extra 'Tools' menuitem : Smart Suggestor options - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
      O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
      O4 - Startup: C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {93C338DE-5FB5-4FB5-AB4E-0EEDC0BD9F3A} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
      O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
      O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
      O3 - HKLM\..\Toolbar: (no name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {6636902a-3781-4d94-ab36-af118b839af5} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
      O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
      O2 - BHO: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
      O2 - BHO: (no name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found.
      O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
      O2 - BHO: (Smart Suggestor) - {DB536AF2-E422-402d-B7FD-887297F1A198} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
      O2 - BHO: (no name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found.
      O2 - BHO: (no name) - {6636902a-3781-4d94-ab36-af118b839af5} - No CLSID value found.
      O2 - BHO: (no name) - {01FEFC77-1031-43C6-BA9A-FEC28E75607C} - No CLSID value found.
      O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
      O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
      O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
      O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\aarons\AppData\Local\DownloadTerms\temp.dat ()
      [2012/05/02 12:24:56 | 000,064,512 | ---- | M] (Kaneva, LLC.) -- C:\Program Files\mozilla firefox\plugins\npkanevapatch.dll
      [2013/03/09 09:58:40 | 000,001,292 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\visualbee.xml
      [2013/09/12 18:02:37 | 000,022,910 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\Web Search.xml
      [2013/07/04 18:45:14 | 000,002,611 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\AOL Search.xml
      [2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\babylon.xml
      [2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserDefender.xml
      [2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserProtect.xml
      [2013/02/23 19:29:51 | 000,001,300 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\claro.xml
      [2013/06/19 18:43:48 | 000,001,037 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\conduit.xml
      [2013/09/09 18:57:45 | 000,001,305 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\mixidj.xml
      [2013/09/11 00:08:24 | 000,004,103 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\SweetIM Search.xml
      SRV - [2014/01/15 19:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)

      :Commands
      [emptytemp]
      [resethosts]

    • Click on "Run Fix" and let the program run unhindered;
    • Your PC will reboot automatically and a log will be opened;
    • Please post it in your next reply.
 
  • Step #5 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #6 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #7 Run Zoek
    Temporary disable your security software i.e. anti-virus, anti-malware. Peruse this if you are unsure. Download Zoek.exe by smeenk from one of the following locations listed below --
    Download Link #1
    Download Link #2
    • Right-click and choose Run as administrator to run the program.
      • Note: The program may not appear instantaneously. Await few minutes for the program to start if that happens
    • Copy and Paste the following content inside the code box into Zoek's box --
      FFdefaults;
      CHRdefaults;
      iedefaults;
      emptyalltemp;
      autoclean;
      
    • Close all open Windows including your web-browser.
    • Click on Run Script.
    • Your system may reboot and a log file will open which is also located in your systemdrive.
    • Copy and Paste the contents of the log in your next reply.
 
  • Required Log(s):
    • OTL Fix Log;
    • AdwCleaner Log;
    • Junkware Removal Tool Log;
    • Zoek Log
Regards,
Valinorum
  • 0

#7
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

All processes killed
========== COMMANDS ==========
System Restore Service not available.
========== OTL ==========
ADS C:\ProgramData\TEMP:FB1B13D8 deleted successfully.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
ADS C:\ProgramData\TEMP:466F9D5D deleted successfully.
C:\ProgramData\䖠Ş䉐Ş0 folder moved successfully.
Folder C:\ProgramData\䖠Ş䉐Ş0\ not found.
C:\ProgramData\䖠Ǖ䉐Ǖ0 folder moved successfully.
Folder C:\ProgramData\䖠Ǖ䉐Ǖ0\ not found.
C:\ProgramData\䖠Ǎ䉐Ǎ0 folder moved successfully.
Folder C:\ProgramData\䖠Ǎ䉐Ǎ0\ not found.
C:\ProgramData\䖠s䉐s0 folder moved successfully.
Folder C:\ProgramData\䖠s䉐s0\ not found.
C:\ProgramData\䖠Lj䉐Lj0 folder moved successfully.
Folder C:\ProgramData\䖠Lj䉐Lj0\ not found.
C:\ProgramData\䖠ç䉐ç0 folder moved successfully.
Folder C:\ProgramData\䖠ç䉐ç0\ not found.
C:\ProgramData\䖠ö䉐ö0 folder moved successfully.
Folder C:\ProgramData\䖠ö䉐ö0\ not found.
C:\ProgramData\䖠G䉐G0 folder moved successfully.
Folder C:\ProgramData\䖠G䉐G0\ not found.
C:\ProgramData\䖠Ȃ䉐Ȃ0 folder moved successfully.
Folder C:\ProgramData\䖠Ȃ䉐Ȃ0\ not found.
C:\ProgramData\䖠õ䉐õ0 folder moved successfully.
Folder C:\ProgramData\䖠õ䉐õ0\ not found.
Folder C:\ProgramData\䖠䉐0\ not found.
Folder C:\ProgramData\䖠䉐0\ not found.
C:\ProgramData\䖠ǟ䉐ǟ0 folder moved successfully.
Folder C:\ProgramData\䖠ǟ䉐ǟ0\ not found.
C:\ProgramData\䖠ę䉐ę0 folder moved successfully.
Folder C:\ProgramData\䖠ę䉐ę0\ not found.
C:\ProgramData\䖠Ǩ䉐Ǩ0 folder moved successfully.
Folder C:\ProgramData\䖠Ǩ䉐Ǩ0\ not found.
C:\ProgramData\䖠ǃ䉐ǃ0 folder moved successfully.
Folder C:\ProgramData\䖠ǃ䉐ǃ0\ not found.
C:\ProgramData\䖠8䉐80 folder moved successfully.
Folder C:\ProgramData\䖠8䉐80\ not found.
Folder C:\ProgramData\䖠䉐0\ not found.
Folder C:\ProgramData\䖠䉐0\ not found.
C:\ProgramData\䖠q䉐q0 folder moved successfully.
Folder C:\ProgramData\䖠q䉐q0\ not found.
C:\ProgramData\䖠Ǥ䉐Ǥ0 folder moved successfully.
Folder C:\ProgramData\䖠Ǥ䉐Ǥ0\ not found.
C:\ProgramData\䖠ě䉐ě0 folder moved successfully.
Folder C:\ProgramData\䖠ě䉐ě0\ not found.
C:\ProgramData\䖠Ā䉐Ā0 folder moved successfully.
Folder C:\ProgramData\䖠Ā䉐Ā0\ not found.
C:\ProgramData\䖠 䉐 0 folder moved successfully.
Folder C:\ProgramData\䖠 䉐 0\ not found.
C:\ProgramData\䖠Ǒ䉐Ǒ0 folder moved successfully.
Folder C:\ProgramData\䖠Ǒ䉐Ǒ0\ not found.
C:\ProgramData\䖠ƫ䉐ƫ0 folder moved successfully.
Folder C:\ProgramData\䖠ƫ䉐ƫ0\ not found.
C:\ProgramData\䖠F䉐F0 folder moved successfully.
Folder C:\ProgramData\䖠F䉐F0\ not found.
C:\ProgramData\䖠dz䉐dz0 folder moved successfully.
Folder C:\ProgramData\䖠dz䉐dz0\ not found.
C:\ProgramData\䖠u䉐u0 folder moved successfully.
Folder C:\ProgramData\䖠u䉐u0\ not found.
C:\ProgramData\䖠¶䉐¶0 folder moved successfully.
Folder C:\ProgramData\䖠¶䉐¶0\ not found.
C:\ProgramData\䖠Ē䉐Ē0 folder moved successfully.
Folder C:\ProgramData\䖠Ē䉐Ē0\ not found.
C:\ProgramData\䖠ǰ䉐ǰ0 folder moved successfully.
Folder C:\ProgramData\䖠ǰ䉐ǰ0\ not found.
C:\ProgramData\䖠ǚ䉐ǚ0 folder moved successfully.
Folder C:\ProgramData\䖠ǚ䉐ǚ0\ not found.
C:\ProgramData\䔸Ǎ䇨Ǎ0 folder moved successfully.
Folder C:\ProgramData\䔸Ǎ䇨Ǎ0\ not found.
C:\ProgramData\䔸Ƹ䇨Ƹ0 folder moved successfully.
Folder C:\ProgramData\䔸Ƹ䇨Ƹ0\ not found.
C:\ProgramData\䔸Ʊ䇨Ʊ0 folder moved successfully.
Folder C:\ProgramData\䔸Ʊ䇨Ʊ0\ not found.
C:\ProgramData\䔸ƶ䇨ƶ0 folder moved successfully.
Folder C:\ProgramData\䔸ƶ䇨ƶ0\ not found.
C:\ProgramData\䔸5䇨50 folder moved successfully.
Folder C:\ProgramData\䔸5䇨50\ not found.
C:\ProgramData\䔸ǯ䇨ǯ0 folder moved successfully.
Folder C:\ProgramData\䔸ǯ䇨ǯ0\ not found.
C:\ProgramData\䔸ǧ䇨ǧ0 folder moved successfully.
Folder C:\ProgramData\䔸ǧ䇨ǧ0\ not found.
C:\ProgramData\䔸ƨ䇨ƨ0 folder moved successfully.
Folder C:\ProgramData\䔸ƨ䇨ƨ0\ not found.
C:\ProgramData\䔸Ǵ䇨Ǵ0 folder moved successfully.
Folder C:\ProgramData\䔸Ǵ䇨Ǵ0\ not found.
C:\ProgramData\䔸#䇨#0 folder moved successfully.
Folder C:\ProgramData\䔸#䇨#0\ not found.
C:\ProgramData\䔸ƃ䇨ƃ0 folder moved successfully.
Folder C:\ProgramData\䔸ƃ䇨ƃ0\ not found.
C:\ProgramData\䔸­䇨­0 folder moved successfully.
Folder C:\ProgramData\䔸­䇨­0\ not found.
C:\ProgramData\䔸Ǥ䇨Ǥ0 folder moved successfully.
Folder C:\ProgramData\䔸Ǥ䇨Ǥ0\ not found.
C:\ProgramData\䔸Ș䇨Ș0 folder moved successfully.
Folder C:\ProgramData\䔸Ș䇨Ș0\ not found.
C:\ProgramData\䔸Ď䇨Ď0 folder moved successfully.
Folder C:\ProgramData\䔸Ď䇨Ď0\ not found.
C:\ProgramData\䔸(䇨(0 folder moved successfully.
Folder C:\ProgramData\䔸(䇨(0\ not found.
C:\ProgramData\䔸Ĉ䇨Ĉ0 folder moved successfully.
Folder C:\ProgramData\䔸Ĉ䇨Ĉ0\ not found.
C:\ProgramData\䔸Ȇ䇨Ȇ0 folder moved successfully.
Folder C:\ProgramData\䔸Ȇ䇨Ȇ0\ not found.
C:\ProgramData\䔸ȁ䇨ȁ0 folder moved successfully.
Folder C:\ProgramData\䔸ȁ䇨ȁ0\ not found.
C:\ProgramData\䔸Ğ䇨Ğ0 folder moved successfully.
Folder C:\ProgramData\䔸Ğ䇨Ğ0\ not found.
C:\ProgramData\䔸ǘ䇨ǘ0 folder moved successfully.
Folder C:\ProgramData\䔸ǘ䇨ǘ0\ not found.
Folder C:\ProgramData\䔸䇨0\ not found.
Folder C:\ProgramData\䔸䇨0\ not found.
C:\ProgramData\䔸ï䇨ï0 folder moved successfully.
Folder C:\ProgramData\䔸ï䇨ï0\ not found.
C:\ProgramData\䔸6䇨60 folder moved successfully.
Folder C:\ProgramData\䔸6䇨60\ not found.
C:\ProgramData\䔸ȍ䇨ȍ0 folder moved successfully.
Folder C:\ProgramData\䔸ȍ䇨ȍ0\ not found.
C:\ProgramData\䔸Ǡ䇨Ǡ0 folder moved successfully.
Folder C:\ProgramData\䔸Ǡ䇨Ǡ0\ not found.
C:\ProgramData\䔸¢䇨¢0 folder moved successfully.
Folder C:\ProgramData\䔸¢䇨¢0\ not found.
C:\ProgramData\䔸ê䇨ê0 folder moved successfully.
Folder C:\ProgramData\䔸ê䇨ê0\ not found.
C:\ProgramData\䔸w䇨w0 folder moved successfully.
Folder C:\ProgramData\䔸w䇨w0\ not found.
C:\ProgramData\䔸nj䇨nj0 folder moved successfully.
Folder C:\ProgramData\䔸nj䇨nj0\ not found.
C:\ProgramData\䔸ǹ䇨ǹ0 folder moved successfully.
Folder C:\ProgramData\䔸ǹ䇨ǹ0\ not found.
C:\Users\aarons\AppData\Roaming\visualbee folder moved successfully.
C:\Users\aarons\AppData\Roaming\uTorrent\dlimagecache folder moved successfully.
C:\Users\aarons\AppData\Roaming\uTorrent\apps folder moved successfully.
C:\Users\aarons\AppData\Roaming\uTorrent folder moved successfully.
C:\Users\aarons\AppData\Roaming\VAFMusic\downloads folder moved successfully.
C:\Users\aarons\AppData\Roaming\VAFMusic\config folder moved successfully.
C:\Users\aarons\AppData\Roaming\VAFMusic folder moved successfully.
C:\Users\aarons\AppData\Roaming\TuneUp Software\TU2013\TuningIndex folder moved successfully.
C:\Users\aarons\AppData\Roaming\TuneUp Software\TU2013\Dashboard folder moved successfully.
C:\Users\aarons\AppData\Roaming\TuneUp Software\TU2013\Backups folder moved successfully.
C:\Users\aarons\AppData\Roaming\TuneUp Software\TU2013 folder moved successfully.
C:\Users\aarons\AppData\Roaming\TuneUp Software folder moved successfully.
C:\Users\aarons\AppData\Roaming\UpdaterEX\UpdateProc folder moved successfully.
C:\Users\aarons\AppData\Roaming\UpdaterEX folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Screenshots folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Save\Models\Model0014 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Save\Models\Model0009 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Save\Models\Model0005 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Save\Models folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Save folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Music folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Movies folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Mod\ToyEdit folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Mod\PoseEdit folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Mod\FaceMate folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Mod\ActiveMod folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Mod folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Logs folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Community\Sequencer folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Community\Customizer folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Community folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Archives\2.155.001 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure\Archives folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\Hentai3D2-CryofPleasure folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Screenshots folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0012 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0009 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models\Model0003 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save\Models folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Save folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Music folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Movies folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\ToyEdit folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\PoseEdit folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\FaceMate folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod\ActiveMod folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Mod folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Logs folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community\Sequencer folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community\Customizer folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Community folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Archives\2.153.001 folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust\Archives folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX\3DSexVilla2-Everlust folder moved successfully.
C:\Users\aarons\AppData\Roaming\thriXXX folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Res folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd\images folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spsd folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd\images folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect\Dialogs\spbd folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect\Dialogs\lib folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect\Dialogs folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\ffprotect folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Dialogs\spsd\images folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Dialogs\spsd folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Dialogs\spbd\images folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Dialogs\spbd folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Dialogs\lib folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\Dialogs folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect\bin folder moved successfully.
C:\Users\aarons\AppData\Roaming\SearchProtect folder moved successfully.
C:\Users\aarons\AppData\Roaming\OpenCandy\OpenCandy_6F835431F86D4DA59A0888D09D612078 folder moved successfully.
C:\Users\aarons\AppData\Roaming\OpenCandy\5643F34F1F854DBAA7A7286E9A555228 folder moved successfully.
C:\Users\aarons\AppData\Roaming\OpenCandy\415FE7DDDD2045DFA7D936D8A2278EE8 folder moved successfully.
C:\Users\aarons\AppData\Roaming\OpenCandy folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\defaults\preferences folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\defaults folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\chrome\skin folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\chrome\locale\en-US folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\chrome\locale folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\chrome\content folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension\chrome folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension folder moved successfully.
C:\Users\aarons\AppData\Roaming\Mixi.DJ folder moved successfully.
C:\Users\aarons\AppData\Roaming\mixidj folder moved successfully.
C:\Users\aarons\AppData\Roaming\MusicOasis\Local Store\database folder moved successfully.
C:\Users\aarons\AppData\Roaming\MusicOasis\Local Store\#ApplicationUpdater folder moved successfully.
C:\Users\aarons\AppData\Roaming\MusicOasis\Local Store folder moved successfully.
C:\Users\aarons\AppData\Roaming\MusicOasis folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\xml\data folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\xml folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\themes\frostwirePro_theme folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\themes folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\overlays folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\torrents folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\tmp folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\plugins folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\net folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\logs\save folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\logs folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\dht folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus\active folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\azureus folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\.NetworkShare\Incomplete folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\.NetworkShare folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire\.AppSpecialShare folder moved successfully.
C:\Users\aarons\AppData\Roaming\FrostWire folder moved successfully.
C:\Users\aarons\AppData\Roaming\DefaultTab\DefaultTab folder moved successfully.
C:\Users\aarons\AppData\Roaming\DefaultTab folder moved successfully.
C:\Users\aarons\AppData\Roaming\DriverCure folder moved successfully.
C:\Users\aarons\AppData\Roaming\File Scout folder moved successfully.
C:\Users\aarons\AppData\Roaming\Claro LTD folder moved successfully.
C:\Users\aarons\AppData\Roaming\BabSolution\Shared folder moved successfully.
C:\Users\aarons\AppData\Roaming\BabSolution\CR folder moved successfully.
C:\Users\aarons\AppData\Roaming\BabSolution folder moved successfully.
C:\Users\aarons\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\Tasks\PC Optimizer Pro startups.job moved successfully.
C:\Windows\Tasks\RMAutoUpdate.job moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KIS14.0.1.4651.0.998.0 folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KIS14.0.0.4651.0.1854.0\slideshow folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files\KIS14.0.0.4651.0.1854.0 folder moved successfully.
C:\ProgramData\Kaspersky Lab Setup Files folder moved successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control {B1437251-01BF-47ff-8254-A4CD22E0E2BF}
C:\Users\TwainDaPrince\AppData\Roaming\GameClub_en\GameClubCOM.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{B1437251-01BF-47ff-8254-A4CD22E0E2BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1437251-01BF-47ff-8254-A4CD22E0E2BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B1437251-01BF-47ff-8254-A4CD22E0E2BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1437251-01BF-47ff-8254-A4CD22E0E2BF}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\dell.com\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\real.com\rhap-app-4-0\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\real.com\rhapreg\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{520BD054-EEEE-487c-84E8-D5B2DFFE5C18}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{520BD054-EEEE-487c-84E8-D5B2DFFE5C18}\ not found.
File C:\Program Files\Smart Suggestor\SmartSuggestor.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{520BD054-EEEE-487c-84E8-D5B2DFFE5C18}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{520BD054-EEEE-487c-84E8-D5B2DFFE5C18}\ not found.
File C:\Program Files\Smart Suggestor\SmartSuggestor.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}\ not found.
C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk moved successfully.
C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk moved successfully.
C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0C8413C1-FAD1-446C-8584-BE50576F863E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C8413C1-FAD1-446C-8584-BE50576F863E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{61539ECD-CC67-4437-A03C-9AACCBD14326} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61539ECD-CC67-4437-A03C-9AACCBD14326}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{650598E1-B35A-45D3-B607-896D7ACB64C3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{650598E1-B35A-45D3-B607-896D7ACB64C3}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{90B49673-5506-483E-B92B-CA0265BD9CA8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{93C338DE-5FB5-4FB5-AB4E-0EEDC0BD9F3A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93C338DE-5FB5-4FB5-AB4E-0EEDC0BD9F3A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{650598e1-b35a-45d3-b607-896d7acb64c3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{650598e1-b35a-45d3-b607-896d7acb64c3}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6636902a-3781-4d94-ab36-af118b839af5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6636902a-3781-4d94-ab36-af118b839af5}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{90b49673-5506-483e-b92b-ca0265bd9ca8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90b49673-5506-483e-b92b-ca0265bd9ca8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C80BDEB2-8735-44C6-BD55-A1CCD555667A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90b49673-5506-483e-b92b-ca0265bd9ca8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90b49673-5506-483e-b92b-ca0265bd9ca8}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB536AF2-E422-402d-B7FD-887297F1A198}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB536AF2-E422-402d-B7FD-887297F1A198}\ not found.
File C:\Program Files\Smart Suggestor\SmartSuggestor.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{650598e1-b35a-45d3-b607-896d7acb64c3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{650598e1-b35a-45d3-b607-896d7acb64c3}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6636902a-3781-4d94-ab36-af118b839af5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6636902a-3781-4d94-ab36-af118b839af5}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01FEFC77-1031-43C6-BA9A-FEC28E75607C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01FEFC77-1031-43C6-BA9A-FEC28E75607C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
File C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ not found.
File C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}\ deleted successfully.
C:\Users\aarons\AppData\Local\DownloadTerms\temp.dat moved successfully.
C:\Program Files\Mozilla Firefox\plugins\npkanevapatch.dll moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\visualbee.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\Web Search.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\AOL Search.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\babylon.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserDefender.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserProtect.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\claro.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\conduit.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\mixidj.xml moved successfully.
C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\SweetIM Search.xml moved successfully.
Error: No service named McComponentHostService was found to stop!
Service\Driver key McComponentHostService not found.
File C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: aarons
->Temp folder emptied: 137825839 bytes
->Temporary Internet Files folder emptied: 548900330 bytes
->Java cache emptied: 29914 bytes
->FireFox cache emptied: 95206800 bytes
->Google Chrome cache emptied: 18397637 bytes
->Flash cache emptied: 438170 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32835 bytes
->Google Chrome cache emptied: 253484430 bytes
->Flash cache emptied: 57925 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Entwain
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 294871 bytes
->Java cache emptied: 1795275 bytes
->Google Chrome cache emptied: 347745556 bytes
->Flash cache emptied: 100759 bytes
 
User: Malek
 
User: PrinceTwain
 
User: Public
->Temp folder emptied: 0 bytes
 
User: TEMP
->Temp folder emptied: 0 bytes
->Google Chrome cache emptied: 253484430 bytes
->Flash cache emptied: 4293 bytes
 
User: twizzle
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 12763214 bytes
->Java cache emptied: 65651 bytes
->Google Chrome cache emptied: 247857426 bytes
->Flash cache emptied: 95998 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 155952 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 139426 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1,830.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 04192014_072951

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


  • 0

#8
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

ADWcleaner stopped responding when it was trying to clean did the same thing like mbam


  • 0

#9
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

i kept ESET NOD32 Antivirus btw


  • 0

#10
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Proceed with Junkware Removal Tool and Zoek.
  • 0

Advertisements


#11
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista ™ Home Basic x86
Ran by aarons on Sat 04/19/2014 at  9:01:01.91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\New Windows\Allow\\*.crossrider.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wtb.band.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\certifiedtoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\discoveryhelper.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imesh.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imtrprogress.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\imweb.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C430996F-4AA8-4AA8-81DE-F54432CD5786}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\complitly
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbee
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wecarereminder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\compete
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\freecause
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricscontainer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\utorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\whitesmoke_new
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-276059291-3993976188-3623813286-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-276059291-3993976188-3623813286-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update whilokii
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\firstsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\claro.claroappcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\claro.claroappcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\claro.clarodskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\claro.clarodskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.claroesrvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\esrv.claroesrvc.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\suggestmeyes.suggestmeyesbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\claro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4ffbb818-b13c-11e0-931d-b2664824019b}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8fb495a1-4a3f-4c1d-bd27-3f3ab2e66763}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9fa57e32-3d16-4ff8-884b-174a5a257f01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a0c9df2b-89b5-4483-8983-18a68200f1b4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2612669
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2786678
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3150609
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3309350
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B6DF8598-1E91-4B7A-884A-B2D1E954D3EC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\asktoolbarinfo"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\scheduled update for ask toolbar"
Successfully deleted: [File] C:\Windows\System32\Tasks\DealPly
Successfully deleted: [File] C:\Windows\System32\Tasks\epupdater
Successfully deleted: [File] C:\Windows\System32\Tasks\Updater23986.exe
Successfully deleted: [File] C:\Windows\Tasks\rmschedule.job



~~~ Folders

Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\certifiedtoolbar"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\claro ltd"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\fast free converter"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\imvu_inc"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\mixidj"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\smartbar"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\whitesmoke_new"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\adawarebp"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\smartbar"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\swvupdater"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\visi_coupon"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\visualbeeexe"
Successfully deleted: [Folder] "C:\Users\aarons\Local Settings\Application Data\wajam"
Successfully deleted: [Folder] "C:\Program Files\lesstabs"
Successfully deleted: [Folder] "C:\Program Files\sweetpacks"
Successfully deleted: [Folder] "C:\Program Files\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Users\aarons\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Empty Folder] C:\Users\aarons\appdata\local\{09CAA740-D477-4E06-A253-B1F97C532976}
Successfully deleted: [Folder] "C:\Users\aarons\appdata\locallow\asktoolbar"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\user.js
Successfully deleted: [File] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\invalidprefs.js
Successfully deleted: [File] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\[email protected]
Successfully deleted: [File] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\search-here.xml
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\[email protected]"
Successfully deleted: [Folder] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\smartbar
Successfully deleted: [Folder] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\128
Successfully deleted: [Folder] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\133
Successfully deleted: [Folder] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Folder] C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\[email protected]
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\[email protected]
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\[email protected]
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\{c7ae725d-fa5c-4027-bb4c-787ef9f8248a}
Successfully deleted the following from C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\prefs.js

user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3309350.smartbar.CTID", "CT3309350");
user_pref("CT3309350.smartbar.Uninstall", "0");
user_pref("CT3309350.smartbar.toolbarName", "BrowserPlus2 ");
user_pref("browser.newtab.url", "hxxp://www.mysearchresults.com/?c=9998&t=01&nt=nt1&uid=ffff03cf117c445afd1ef4dea0863a75");
user_pref("browser.startup.homepage", "hxxp://www.mysearchresults.com/?c=4001&t=01");
user_pref("extensions.defaulttab.PIR7", 1397183531);
user_pref("extensions.defaulttab.browserID", "ffff03cf117c445afd1ef4dea0863a75");
user_pref("extensions.defaulttab.config", "{\"set_default_search\":\"Search Here|Search Here\",\"features\":[{\"engine\":\"Related Search - NS1 - DDC\",\"additional_config\":\
user_pref("extensions.defaulttab.firstrun", false);
user_pref("extensions.defaulttab.homepage.original", "hxxp://www.mysearchresults.com/?c=9998&t=01");
user_pref("extensions.defaulttab.installdate", 1395164807);
user_pref("extensions.defaulttab.installedVersion", "2.3.3");
user_pref("extensions.defaulttab.lastNetSeerDownload", 1397582675);
user_pref("extensions.defaulttab.useNewTabWhiteList", false);
Emptied folder: C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\minidumps [267 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\ippkomaaonokjnfjoikaemidanojkfmm
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm
Successfully deleted: [Folder] C:\Users\aarons\appdata\local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 04/19/2014 at  9:35:30.35
End of JRT log


  • 0

#12
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

for zoek im getting an error msg saying Cant find script engine ''VBScript''


  • 0

#13
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Can you try AdwCleaner now as instructed in Step 5?
  • 0

#14
twain1

twain1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

# AdwCleaner v3.024 - Report created 19/04/2014 at 10:06:25
# Updated 18/04/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : aarons - AARONS-PC
# Running from : C:\Users\aarons\Downloads\AdwCleaner(2).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\aarons\AppData\Local\SoftwareUpdater
Folder Deleted : C:\Users\aarons\AppData\LocalLow\BrowserPlus2
Folder Deleted : C:\Users\aarons\AppData\LocalLow\Viral_Tube
Folder Deleted : C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Entwain\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Entwain\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Entwain\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Entwain\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\ShoppingReport2
Folder Deleted : C:\Users\twizzle\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\PrinceTwain\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\aarons\AppData\Roaming\Mozilla\Firefox\Profiles\h3eg7qcu.default\adawaretb
Folder Deleted : C:\Users\aarons\AppData\Roaming\Mozilla\Firefox\Profiles\h3eg7qcu.default\Extensions\[email protected]
Folder Deleted : C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn
Folder Deleted : C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd
Folder Deleted : C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl
File Deleted : C:\Users\Public\Desktop\iMesh.lnk
File Deleted : C:\Users\aarons\AppData\Roaming\Mozilla\Firefox\Profiles\h3eg7qcu.default\defaulttab.config
File Deleted : C:\Windows\System32\Tasks\Software Updater Ui
File Deleted : C:\Windows\System32\Tasks\Software Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F08F59B-4B41-4DB9-B894-C85A2BE08D89}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2353012D-0BFC-432A-9945-A798C6B3FF03}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2353012D-0BFC-432A-9945-A798C6B3FF03}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{347B5A1E-6E85-48C8-BBB1-6CB12AA80010}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{347B5A1E-6E85-48C8-BBB1-6CB12AA80010}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{651D23A3-4D9D-4AF3-ADDF-51E353CD92B9}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{955485B6-D9A5-45F3-98CF-A75A2DFECD44}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{955485B6-D9A5-45F3-98CF-A75A2DFECD44}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6909A104-AC2E-4DC1-BC9A-60A8117EDFD4}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6909A104-AC2E-4DC1-BC9A-60A8117EDFD4}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4C5AE9EB-04BC-47AB-8261-D4E418B160D0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4C5AE9EB-04BC-47AB-8261-D4E418B160D0}
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.Device
Key Deleted : HKLM\SOFTWARE\Classes\iMesh.file
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKCU\Software\855de8ae63cea12
Key Deleted : HKLM\SOFTWARE\855de8ae63cea12
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D7490A-D9C7-47DF-91F3-23FB36D5204B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A83013E6-BF8A-410F-B343-E9D1E597A36E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{51D7490A-D9C7-47DF-91F3-23FB36D5204B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C6EA3-B429-41BE-A4D7-BDA62A79CC5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17E6BFC-D0FC-4F6C-AB16-8D5431BB73BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04C8179F-161E-4B98-88EA-E58946E64796}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B55701E0-1B04-47A4-B11B-41E4050263B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1A72D6-0B2B-4C5B-9EFA-33E6D9407281}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF5EEA24-DA93-4D95-8460-AB86B4FFFC75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C48A7A5-A108-4683-9AB5-706A091CD372}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{650598E1-B35A-45D3-B607-896D7ACB64C3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{93C338DE-5FB5-4FB5-AB4E-0EEDC0BD9F3A}]
Key Deleted : HKCU\Software\Claro LTD
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Mp3Tube
Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade
Key Deleted : HKCU\Software\AppDataLow\Software\Savings Vault
Key Deleted : HKCU\Software\AppDataLow\Software\BrowserPlus2
Key Deleted : HKCU\Software\AppDataLow\Software\IMVU_Inc
Key Deleted : HKCU\Software\AppDataLow\Software\Viral_Tube
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\Bench
Key Deleted : HKLM\Software\Claro LTD
Key Deleted : HKLM\Software\FREEzeFlip
Key Deleted : HKLM\Software\FREEzeFrog
Key Deleted : HKLM\Software\Imesh
Key Deleted : HKLM\Software\InfoAtoms
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SimplyGen
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\BrowserPlus2
Key Deleted : HKLM\Software\IMVU_Inc
Key Deleted : HKLM\Software\Viral_Tube
Key Deleted : HKLM\Software\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{9FA57E32-3D16-4FF8-884B-174A5A257F01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fast Free Converter
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FBDownloader
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FREEzeFlipSA
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FREEzeFrogSA
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Homepage Protection Service
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\I Want This
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IspAssistant-Mp3Tube
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\[email protected]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mixidj
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Mp3Tube Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\QuestScan
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Vault
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShoppingReport2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\StartNow Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserPlus2 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMVU_Inc Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viral_Tube Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WhiteSmoke_New Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\aarons\AppData\Roaming\Mozilla\Firefox\Profiles\h3eg7qcu.default\prefs.js ]

Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.FirstTime", "true");
Line Deleted : user_pref("CT3220468.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3220468.UserID", "UN06182610534655153");
Line Deleted : user_pref("CT3220468.countryCode", "US");
Line Deleted : user_pref("CT3220468.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3220468.fixUrls", true);
Line Deleted : user_pref("CT3220468.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3220468.lastVersion", "10.20.0.513");
Line Deleted : user_pref("CT3220468.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Deleted : user_pref("CT3220468.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://uTorrentControlv2.OurToo[...]
Line Deleted : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3220468.searchSuggestEnabledByUser", "True");
Line Deleted : user_pref("CT3220468.searchUserMode", "2");
Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2 \"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_services_Configuration_lastUpdate", "1380161232073");
Line Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1379946643417");
Line Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1380161227286");
Line Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1379513180196");
Line Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1379513180103");
Line Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1380161230556");
Line Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1380161227298");
Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1379513180282");
Line Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1380161230358");
Line Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1380161227155");
Line Deleted : user_pref("CT3220468.settingsINI", true);
Line Deleted : user_pref("CT3220468.showToolbarPermission", "false");
Line Deleted : user_pref("CT3220468.toolbarBornServerTime", "28-12-2012");
Line Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "28-12-2012");
Line Deleted : user_pref("CT3220468.toolbarDisabled", "true");
Line Deleted : user_pref("CT3220468.toolbarLoginClientTime", "Mon Aug 19 2013 11:49:40 GMT-0500 (Central Standard Time)");
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380161213702,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3309350.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3309350.FirstTime", "true");
Line Deleted : user_pref("CT3309350.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3309350.UserID", "UN21499056853772702");
Line Deleted : user_pref("CT3309350.countryCode", "US");
Line Deleted : user_pref("CT3309350.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3309350.fixUrls", true);
Line Deleted : user_pref("CT3309350.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3309350.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3309350.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3309350.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3309350.lastVersion", "10.16.9.506");
Line Deleted : user_pref("CT3309350.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3309350.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3309350.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://BrowserPlus2.OurToolbar.com/\",\"EB_TO[...]
Line Deleted : user_pref("CT3309350.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3309350.searchSuggestEnabledByUser", "TRUE");
Line Deleted : user_pref("CT3309350.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3309350.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3309350\"}");
Line Deleted : user_pref("CT3309350.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://BrowserPlus2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3309350.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"BrowserPlus2\"}");
Line Deleted : user_pref("CT3309350.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3309350.serviceLayer_services_Configuration_lastUpdate", "1376948352244");
Line Deleted : user_pref("CT3309350.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376948357745");
Line Deleted : user_pref("CT3309350.serviceLayer_services_appsMetadata_lastUpdate", "1376948357249");
Line Deleted : user_pref("CT3309350.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376948357275");
Line Deleted : user_pref("CT3309350.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376948357586");
Line Deleted : user_pref("CT3309350.serviceLayer_services_searchAPI_lastUpdate", "1376948352262");
Line Deleted : user_pref("CT3309350.serviceLayer_services_serviceMap_lastUpdate", "1376948351567");
Line Deleted : user_pref("CT3309350.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376948357416");
Line Deleted : user_pref("CT3309350.serviceLayer_services_toolbarSettings_lastUpdate", "1376948351744");
Line Deleted : user_pref("CT3309350.serviceLayer_services_translation_lastUpdate", "1376948357778");
Line Deleted : user_pref("CT3309350.settingsINI", true);
Line Deleted : user_pref("CT3309350.showToolbarPermission", "false");
Line Deleted : user_pref("CT3309350_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376948329017,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("extensions.claro.admin", false);
Line Deleted : user_pref("extensions.claro.aflt", "babsst");
Line Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Line Deleted : user_pref("extensions.claro.autoRvrt", "false");
Line Deleted : user_pref("extensions.claro.dfltLng", "en");
Line Deleted : user_pref("extensions.claro.excTlbr", false);
Line Deleted : user_pref("extensions.claro.id", "cc0cb06c000000000000bcf685ae21bf");
Line Deleted : user_pref("extensions.claro.instlDay", "15760");
Line Deleted : user_pref("extensions.claro.instlRef", "sst");
Line Deleted : user_pref("extensions.claro.prdct", "claro");
Line Deleted : user_pref("extensions.claro.prtnrId", "claro");
Line Deleted : user_pref("extensions.claro.rvrt", "false");
Line Deleted : user_pref("extensions.claro.tlbrId", "base");
Line Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.claro.vrsn", "1.8.8.5");
Line Deleted : user_pref("extensions.claro.vrsni", "1.8.8.5");
Line Deleted : user_pref("extensions.claro_i.excTlbr", false);
Line Deleted : user_pref("extensions.claro_i.newTab", false);
Line Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Line Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.8.518:29:46");
Line Deleted : user_pref("extensions.defaulttab.config", "{\"set_default_search\":\"Search Here|Search Here\",\"features\":[{\"engine\":\"Related Search - NS1 - DDC\",\"additional_config\":\"c=1A3578,tlid=22406\",\"[...]
Line Deleted : user_pref("extensions.ui.lastCategory", "addons://search/claro%20toolbar");
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "820748f2-7588-487f-90b6-c58a5a6ffbf5");

-\\ Google Chrome v

[ File : C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : search_url
Deleted : keyword

[ File : C:\Users\Entwain\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\twizzle\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [63897 octets] - [19/04/2014 07:47:18]
AdwCleaner[R1].txt - [59764 octets] - [19/04/2014 08:23:12]
AdwCleaner[R2].txt - [60003 octets] - [19/04/2014 08:34:43]
AdwCleaner[R3].txt - [44183 octets] - [19/04/2014 09:59:49]
AdwCleaner[S0].txt - [3333 octets] - [19/04/2014 07:53:51]
AdwCleaner[S1].txt - [350 octets] - [19/04/2014 08:25:46]
AdwCleaner[S2].txt - [351 octets] - [19/04/2014 08:39:57]
AdwCleaner[S3].txt - [44189 octets] - [19/04/2014 10:06:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [44250 octets] ##########


  • 0

#15
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Can you delete your current version of zoek and re-download it to follow the Zoek's instruction? Also, how is your PC running?
  • 0






Similar Topics


Also tagged with one or more of these keywords: virus, malware, memory

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP