OTL logfile created on: 4/18/2014 10:55:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\aarons\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.55 Gb Available Physical Memory | 51.96% Memory free
6.20 Gb Paging File | 4.36 Gb Available in Paging File | 70.40% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 35.13 Gb Free Space | 25.28% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.23 Gb Free Space | 62.27% Space Free | Partition Type: NTFS
Computer Name: AARONS-PC | User Name: aarons | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/18 22:29:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\aarons\Downloads\OTL.exe
PRC - [2014/04/14 22:36:41 | 000,647,168 | ---- | M] (IDEVFH) -- C:\Users\aarons\AppData\Roaming\Mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
PRC - [2014/04/14 07:45:18 | 000,258,160 | ---- | M] (Dell) -- C:\Users\aarons\AppData\Local\Apps\2.0\71Q8ZXZ9.NP0\LPEEM8HG.5YJ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe
PRC - [2014/04/11 19:53:50 | 000,055,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUClient.exe
PRC - [2014/03/29 03:40:07 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/03/12 03:09:49 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\21.2.0.38\n360.exe
PRC - [2014/01/15 19:40:24 | 000,277,920 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
PRC - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) -- C:\Program Files\PasswordBox\pbbtnService.exe
PRC - [2013/10/30 20:09:08 | 002,990,304 | ---- | M] (Nota Inc.) -- C:\Program Files\Gyazo\GyStation.exe
PRC - [2013/10/30 17:51:34 | 002,838,568 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
PRC - [2013/10/30 17:51:30 | 000,091,688 | ---- | M] (The Nielsen Company) -- C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2013/09/12 12:06:06 | 005,110,672 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2013/09/07 17:22:26 | 001,861,512 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
PRC - [2013/07/15 16:09:24 | 000,554,384 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/12/05 14:22:40 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012/05/30 16:45:22 | 000,231,576 | ---- | M] () -- C:\Program Files\otshot\ZalmanUpdateService.exe
PRC - [2012/04/16 03:44:04 | 000,177,152 | ---- | M] (Clasys Ltd.) -- C:\Program Files\iNTERNET Turbo\ITTray.exe
PRC - [2012/02/05 23:34:45 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2011/03/31 15:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2010/08/06 13:13:12 | 000,087,336 | ---- | M] (Nero AG) -- C:\Program Files\Motorola Media Link\NServiceEntry.exe
PRC - [2010/06/24 14:34:52 | 000,091,456 | ---- | M] () -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe
PRC - [2009/11/17 17:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
PRC - [2009/08/21 08:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009/07/07 19:10:14 | 000,151,552 | ---- | M] () -- C:\Windows\System32\ANIWConnService.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
========== Modules (No Company Name) ==========
MOD - [2014/04/11 19:53:50 | 000,055,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUClient.exe
MOD - [2014/04/08 19:57:06 | 000,131,072 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_imvugecko.pyd
MOD - [2014/04/08 19:57:02 | 000,083,968 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_imvuflash.pyd
MOD - [2014/04/08 19:55:58 | 001,736,192 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_avatarwindow.pyd
MOD - [2014/04/08 19:52:18 | 000,190,976 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\imvugecko.dll
MOD - [2014/04/08 19:52:12 | 000,110,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\imvuflash.dll
MOD - [2014/04/08 19:51:10 | 000,943,616 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\SceneWindow.dll
MOD - [2014/04/03 19:29:26 | 000,059,392 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_sqlite3.pyd
MOD - [2014/04/03 19:29:16 | 000,044,032 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_pylzma.pyd
MOD - [2014/04/03 19:28:40 | 000,135,680 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_libzero.pyd
MOD - [2014/04/03 19:26:54 | 000,812,544 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_cal3d.pyd
MOD - [2014/04/03 19:13:54 | 000,506,368 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\sqlite3.dll
MOD - [2014/04/03 19:07:24 | 000,010,752 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\nphwndproxy.dll
MOD - [2014/04/03 19:04:34 | 000,014,336 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\MemoryHook.dll
MOD - [2014/04/03 19:03:14 | 000,169,984 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\zero.dll
MOD - [2014/04/03 19:03:10 | 000,072,704 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\ParticleLib.dll
MOD - [2014/04/03 18:58:12 | 000,276,480 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\cal3d.dll
MOD - [2014/04/03 18:57:42 | 000,216,576 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\boost_python.dll
MOD - [2014/04/03 18:57:38 | 000,031,744 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\CallStack.dll
MOD - [2014/04/03 18:01:44 | 016,166,280 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\NPSWF32.dll
MOD - [2014/04/03 17:57:56 | 000,126,976 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\pyexpat.pyd
MOD - [2014/04/03 17:57:56 | 000,109,568 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\pywintypes27.dll
MOD - [2014/04/03 17:57:56 | 000,087,040 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_ctypes.pyd
MOD - [2014/04/03 17:57:56 | 000,046,080 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_socket.pyd
MOD - [2014/04/03 17:57:56 | 000,028,160 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_ssl.pyd
MOD - [2014/04/03 17:57:56 | 000,010,240 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\select.pyd
MOD - [2014/04/03 17:57:40 | 000,016,384 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32clipboard.pyd
MOD - [2014/04/03 17:57:38 | 000,110,592 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32file.pyd
MOD - [2014/04/03 17:57:38 | 000,098,304 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32api.pyd
MOD - [2014/04/03 17:57:38 | 000,034,816 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32process.pyd
MOD - [2014/04/03 17:57:36 | 000,166,912 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32gui.pyd
MOD - [2014/04/03 17:57:36 | 000,016,896 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32event.pyd
MOD - [2014/04/03 17:57:32 | 000,659,456 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\_imaging.pyd
MOD - [2014/04/03 17:57:30 | 000,265,216 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\win32com.shell.shell.pyd
MOD - [2014/04/03 17:57:18 | 000,357,888 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\pythoncom27.dll
MOD - [2014/04/03 17:48:30 | 000,872,448 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\IMVUClient\js3250.dll
MOD - [2014/03/29 03:40:06 | 003,642,480 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/02/14 05:32:29 | 001,801,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3cf321fb70231d473d99105a582c23e1\System.Deployment.ni.dll
MOD - [2014/02/14 05:32:19 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\d17ceca243fabda73eefb21d9bd072df\System.Configuration.ni.dll
MOD - [2014/02/14 05:30:33 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f87e71868aedbc6c4e8fe7160d17c4ab\System.Xml.ni.dll
MOD - [2014/02/14 05:29:52 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d2b605fc7deda872727d1ed37710420e\System.Windows.Forms.ni.dll
MOD - [2014/02/14 05:29:02 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8e6265a54260bddfc05951e764f5bc48\System.Drawing.ni.dll
MOD - [2014/02/14 05:19:51 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\957628d9dd7b3bf370a56dca7835a997\System.ni.dll
MOD - [2014/02/14 05:19:28 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\694a37a84dee2cd2609a1dfab27c0433\mscorlib.ni.dll
MOD - [2013/12/18 11:14:42 | 000,851,968 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npfirefoxprocessor.dll
MOD - [2013/12/18 11:14:14 | 001,246,720 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npffaddons.dll
MOD - [2013/12/18 11:13:34 | 000,224,768 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npwmi.dll
MOD - [2013/12/18 11:13:20 | 000,228,864 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npsurvey.dll
MOD - [2013/12/18 11:13:08 | 000,150,528 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\npsp1.dll
MOD - [2013/12/18 11:12:44 | 000,504,832 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\communication.dll
MOD - [2013/10/30 17:49:40 | 000,504,320 | ---- | M] () -- C:\Program Files\NetRatingsNetSight\NetSight\nsmmc.dll
MOD - [2013/09/07 17:22:25 | 016,166,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_8_800_94.dll
MOD - [2012/05/25 05:25:00 | 000,921,600 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2009/07/07 17:50:04 | 000,258,048 | ---- | M] () -- C:\Windows\System32\wlanapp.dll
MOD - [2009/06/01 13:23:24 | 000,315,392 | ---- | M] () -- C:\Program Files\ANI\ANIWZCS2 Service\ANIOApi.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - File not found [Auto | Stopped] -- C:\Users\aarons\AppData\Local\LOGMEI~2\LMIR0001.tmp\LMI_Rescue_srv.exe -- (LMIRescue_64bc35dc-6e03-4953-bce6-dd4e0e2f61bb)
SRV - File not found [Auto | Stopped] -- C:\ProgramData\BrowserDefender\2.6.1562.221\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe -- (BrowserDefendert)
SRV - [2014/04/09 16:45:26 | 000,297,984 | ---- | M] () [Auto | Stopped] -- C:\Program Files\SoftwareUpdater\SystemStore.exe -- (SystemStoreService)
SRV - [2014/03/29 03:40:06 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/03/12 03:09:49 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe -- (N360)
SRV - [2014/01/15 19:39:44 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/12/18 13:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/01 15:11:20 | 000,067,584 | ---- | M] (PasswordBox, Inc.) [Auto | Running] -- C:\Program Files\PasswordBox\pbbtnService.exe -- (PasswordBox)
SRV - [2013/10/30 17:51:34 | 002,838,568 | ---- | M] (The Nielsen Company) [Auto | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe -- (NielsenUpdate)
SRV - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/12/05 14:22:40 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/08/09 12:02:26 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/05/30 16:45:22 | 000,231,576 | ---- | M] () [Auto | Running] -- C:\Program Files\otshot\ZalmanUpdateService.exe -- (otshot)
SRV - [2012/01/03 14:14:00 | 004,726,616 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2011/03/31 15:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2010/08/06 13:13:12 | 000,087,336 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010/06/24 14:34:52 | 000,091,456 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2009/11/17 17:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2009/07/07 19:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Windows\System32\ANIWConnService.exe -- (ANIWConnService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva398.sys -- (XDva398)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva392.sys -- (XDva392)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva391.sys -- (XDva391)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva389.sys -- (XDva389)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva387.sys -- (XDva387)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva385.sys -- (XDva385)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva383.sys -- (XDva383)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva365.sys -- (XDva365)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva285.sys -- (XDva285)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleXNt.sys -- (EagleXNt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\IPlayUnlimited\Cabal Reloaded\Byakko.K32 -- (ByakkoDriver)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2014/04/17 16:30:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2014/04/13 21:11:32 | 000,142,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2014/04/13 04:37:13 | 001,612,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2014/04/13 04:37:13 | 000,376,920 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2014/04/13 04:37:13 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\NAVENG.SYS -- (NAVENG)
DRV - [2014/04/11 16:26:30 | 000,395,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140417.001\IDSvix86.sys -- (IDSVix86)
DRV - [2014/03/19 01:34:28 | 001,098,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2014/03/03 23:18:12 | 000,936,152 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\1502000.026\symefa.sys -- (SymEFA)
DRV - [2014/02/17 20:32:41 | 000,384,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\symtdiv.sys -- (SYMTDIv)
DRV - [2014/02/12 20:59:49 | 000,664,280 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.sys -- (SRTSP)
DRV - [2013/12/18 11:11:56 | 000,023,080 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files\NetRatingsNetSight\NetSight\meter5\nnfwdk.sys -- (nnfwdk)
DRV - [2013/10/02 03:31:32 | 000,031,560 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013/09/26 21:45:56 | 000,206,936 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\ironx86.sys -- (SymIRON)
DRV - [2013/09/25 21:50:25 | 000,127,064 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.sys -- (ccSet_N360)
DRV - [2013/09/22 01:18:40 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2013/09/17 15:17:38 | 000,188,808 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2013/09/17 15:17:38 | 000,134,248 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2013/09/17 15:17:38 | 000,122,376 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2013/09/09 21:47:26 | 000,367,704 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\1502000.026\symds.sys -- (SymDS)
DRV - [2013/09/09 20:49:48 | 000,032,344 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.sys -- (SRTSPX)
DRV - [2013/09/04 14:57:44 | 000,024,040 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gfiutil.sys -- (gfiutil)
DRV - [2013/05/23 08:39:14 | 000,043,368 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gfiark.sys -- (gfiark)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/10/19 19:10:28 | 000,083,912 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2012/08/24 15:41:32 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2012/03/16 11:08:48 | 000,013,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf003.sys -- (apf003)
DRV - [2011/11/27 21:05:20 | 000,010,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\apf001.sys -- (apf001)
DRV - [2010/11/26 18:02:28 | 000,015,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010/06/23 09:23:44 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010/06/18 14:09:48 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
DRV - [2010/06/18 14:09:48 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/06/18 13:41:34 | 000,019,968 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2010/04/01 13:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/02/17 05:44:14 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV - [2010/02/03 14:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/25 18:56:44 | 000,009,472 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2009/12/30 11:21:16 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
DRV - [2009/08/03 09:56:10 | 000,735,232 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u)
DRV - [2009/07/10 12:01:06 | 000,025,856 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2009/06/09 23:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/04/11 00:06:26 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDScan.sys -- (WSDScan)
DRV - [2009/03/06 17:09:52 | 000,012,800 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\anodlwf.sys -- (anodlwf)
DRV - [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 16:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008/01/19 01:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/02 14:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2007/04/29 03:42:24 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/12/31 14:38:18 | 000,031,616 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/10/18 13:08:18 | 000,258,048 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2005/01/02 16:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=397&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=397&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=397
IE - HKLM\..\URLSearchHook: {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found
IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found
IE - HKLM\..\URLSearchHook: {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...hromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certif...q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://www.google.co...ie7&rlz=1I7DMUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.2.0.38
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.certif...=397&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.certif...=397&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.certif...me=true&tid=397
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.certif...me=true&tid=397
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...Date=19/06/2013
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://mixidj.delta-...121146&tsp=5000
IE - HKCU\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect...mrud=04-07-2013
IE - HKCU\..\SearchScopes\{4E7CEC2A-C5D2-C947-D95C-8B952AF7CCD5}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{66D5E31B-4556-C309-8E9A-C2BE01B8E9EF}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{91607fa7-3c2f-4f90-93e3-d5337a6b0ac2}: "URL" = playbryte/search/redirect/?type=default&user_id=76646507-6f14-415c-a2fa-b8831d0a2ab0&query={searchTerms}
IE - HKCU\..\SearchScopes\{B6DF8598-1E91-4B7A-884A-B2D1E954D3EC}: "URL" = http://www.mysearchr...q={searchTerms}
IE - HKCU\..\SearchScopes\{C948826D-71F6-40A7-9DCB-F99B2DD62765}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\Comcast: "URL" = http://search.xfinit...art_tech_search
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "http://www.mysearchr...m/?c=4001&t=01"
FF - prefs.js..extensions.enabledAddons: tidynetwork%40tidynetwork:5.0
FF - prefs.js..extensions.enabledAddons: addon%40defaulttab.com:2.3.3
FF - prefs.js..extensions.enabledAddons: %7B635abd67-4fe9-1b23-4f01-e679fa7484c1%7D:3.2.3.20140326060057
FF - prefs.js..extensions.enabledAddons: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@kr.gameclub.com/WebStarter: C:\Users\TwainDaPrince\AppData\Roaming\GameClub_en\NPMicroGamesCOM.dll File not found
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nielsen/FirefoxTracker: C:\Program Files\NetRatingsNetSight\NetSight\meter5\FirefoxAddOns\npfirefoxtracker.dll (Nielsen)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.2.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.2.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Malek\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\npsoe.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 17:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbdownloader@KMcore:
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B1FC07E1-E05B-4567-8891-E63FBE545BA8}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/09/10 18:10:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/09/10 18:10:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Iminent\[email protected]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2014/03/29 03:39:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}: C:\Program Files\RelevantKnowledge\firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\PasswordBox\Firefox [2013/11/21 09:22:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\NetRatingsNetSight\NetSight\meter5\FirefoxAddOns\[email protected] [2014/04/18 21:44:18 | 000,009,382 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014/04/13 21:14:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014/04/18 21:11:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/04/15 19:42:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/04 16:18:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014/04/15 14:15:17 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/09 17:35:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\aarons\AppData\Roaming\Mixi.DJ\ffextension [2012/12/05 10:00:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{cd288a68-7b21-4f14-b789-82cc44992259}: C:\Program Files\LyricsContainer\133.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/04/15 19:42:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/04 16:18:44 | 000,000,000 | ---D | M]
[2012/11/22 12:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\Extensions
[2012/11/22 12:29:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/04/14 22:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions
[2014/03/28 00:51:41 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2013/08/20 16:36:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}(38)
[2013/09/14 09:59:59 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/04/02 09:50:32 | 000,000,000 | ---D | M] (IMVU Inc) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{90b49673-5506-483e-b92b-ca0265bd9ca8}
[2014/04/14 22:39:22 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2013/08/19 14:21:54 | 000,000,000 | ---D | M] (LyricsContainer) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\128
[2013/09/11 14:03:45 | 000,000,000 | ---D | M] (LyricsContainer) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\133
[2013/08/01 08:50:05 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\[email protected]
[2013/08/13 00:35:22 | 000,000,000 | ---D | M] (Tidy Network) -- C:\Users\aarons\AppData\Roaming\mozilla\Firefox\Profiles\h3eg7qcu.default\extensions\tidynetwork@tidynetwork
[2014/03/24 20:21:19 | 000,050,775 | ---- | M] () (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\[email protected]
[2014/02/26 13:53:52 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/07/04 18:45:14 | 000,002,611 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\AOL Search.xml
[2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\babylon.xml
[2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserDefender.xml
[2013/05/10 17:43:46 | 000,006,503 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\BrowserProtect.xml
[2013/02/23 19:29:51 | 000,001,300 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\claro.xml
[2013/06/19 18:43:48 | 000,001,037 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\conduit.xml
[2013/09/09 18:57:45 | 000,001,305 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\mixidj.xml
[2013/09/11 00:08:24 | 000,004,103 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\SweetIM Search.xml
[2013/03/09 09:58:40 | 000,001,292 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\visualbee.xml
[2013/09/12 18:02:37 | 000,022,910 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\mozilla\firefox\profiles\h3eg7qcu.default\searchplugins\Web Search.xml
[2014/03/29 03:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions
[2014/03/29 03:38:49 | 000,000,000 | ---D | M] (DownloadTerms) -- C:\Program Files\Mozilla Firefox\Extensions\[email protected]
[2014/03/29 03:39:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\Extensions\[email protected]
[2014/03/29 03:38:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/03/29 03:40:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/06/29 18:25:04 | 000,050,336 | ---- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npBFPlugin.dll
[2012/05/02 12:24:56 | 000,064,512 | ---- | M] (Kaneva, LLC.) -- C:\Program Files\mozilla firefox\plugins\npkanevapatch.dll
========== Chrome ==========
CHR - default_search_provider: Web (Enabled)
CHR - default_search_provider: search_url = http://feed.snapdo.c...Date=19/06/2013
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahggncmpccbjknepgpadjeehajomjbab\5.0.0.0_0\
CHR - Extension: Savings Vault = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajgnadhkglnmmilocdmlpdbkppdiheid\1.0_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\crossrider
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\alocmpjlljemiokibhkkhikmkakdiaeh\1.23.57_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\blcefchbfgmakifmejncnbognjoadloc\2.0.0.428_0\
CHR - Extension: McAfee Security Scan+ = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: McAfee Security Scan+ = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh\3.8.141.12_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_0\template.
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_1\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\codhancjnefphmenmfgkbbojnneggnec\0.0.2.7_1\template.
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.4_1\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_1\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_2\
CHR - Extension: Complitly plugin for chrome = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_3\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\1.0.0_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.13.20.29_1\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.16.100.504_0\
CHR - Extension: uTorrentControl_v2 = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.16.4.512_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh\1_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgailgaldchajpkkmbjdlbimhdnmmgld\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_0\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_1\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_2\
CHR - Extension: Downloader = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_3\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigplimlmgilpobjilfbfeilnpiigpgl\10.16.100.4\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.8_0\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.8_1\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.7.9_0\
CHR - Extension: Nielsen = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgceplfonlgodadnpognljgdjlcnpjnh\1.8.1_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn\1.0_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpmjnommfoljgjbckjmjhkmnhfmcmon\1.2.0.21_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_1\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmblfngognklgemafekefcdjcnkdhmdm\1.0_2\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.332.2_0\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.336.2_0\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.336.2_1\
CHR - Extension: RelevantKnowledge = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.336.2_2\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.3.0.11_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.1.12_0\
CHR - Extension: Google Wallet = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Google Wallet = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Lavasoft NewTab = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_0\
CHR - Extension: Lavasoft NewTab = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.12_1\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.1.2_0\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.1.2_1\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.1.2_2\
CHR - Extension: RebateRobot = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfbdeonhcacfoakminfhhgllaelfhda\2.2_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.2_0\
CHR - Extension: No name found = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pollkeobaahnbmpcgombjfibedabcddd\1.0.2_1\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_0\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_1\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_2\
CHR - Extension: Mixi.DJ Player = C:\Users\aarons\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbcffkbfomaljfeljglbkoibcncjon\1.0_3\
O1 HOSTS File: ([2014/02/14 02:04:11 | 000,000,074 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 54.204.28.26 ajgnadhkglnmmilocdmlpdbkppdiheid
O2 - BHO: (no name) - {01FEFC77-1031-43C6-BA9A-FEC28E75607C} - No CLSID value found.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found.
O2 - BHO: (DownloadTerms) - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\aarons\AppData\Local\DownloadTerms\temp.dat ()
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (PasswordBox Helper) - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O2 - BHO: (no name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found.
O2 - BHO: (no name) - {6636902a-3781-4d94-ab36-af118b839af5} - No CLSID value found.
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.2.0.38\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
O2 - BHO: (no name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found.
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Smart Suggestor) - {DB536AF2-E422-402d-B7FD-887297F1A198} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {650598e1-b35a-45d3-b607-896d7acb64c3} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {6636902a-3781-4d94-ab36-af118b839af5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {650598E1-B35A-45D3-B607-896D7ACB64C3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {93C338DE-5FB5-4FB5-AB4E-0EEDC0BD9F3A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [iTurbo] C:\Program Files\iNTERNET Turbo\ITTray.exe (Clasys Ltd.)
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files\NetRatingsNetSight\NetSight\nielsenonline.exe (The Nielsen Company)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [DellSystemDetect] C:\Users\aarons\AppData\Local\Apps\2.0\71Q8ZXZ9.NP0\LPEEM8HG.5YJ\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe (Dell)
O4 - HKCU..\Run: [Gyazo] C:\Program Files\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = C:\Users\aarons\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Download Photo... - res://C:\Program Files\DelorTech, Ltd\MXDFP 1.0\FBDownloader.dll/500 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9 - Extra Button: Smart Suggestor - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
O9 - Extra 'Tools' menuitem : Smart Suggestor options - {520BD054-EEEE-487c-84E8-D5B2DFFE5C18} - C:\Program Files\Smart Suggestor\SmartSuggestor.dll (Think Tank Labs, LLC)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www-cdn.freer...ller.cab?v=1045 (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplane..._2.3.10.115.cab (Reg Error: Value error.)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.c...ch_USAv1005.cab (MGLaunch_v1004 Class)
O16 - DPF: {B1437251-01BF-47ff-8254-A4CD22E0E2BF} (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {D89D97A9-12C5-45E3-9353-3540761FE15C} http://channel.dontb...alWebLaunch.CAB (SealWebLaunch Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95E3C658-D383-463E-AC0C-5570B6B5D77F}: DhcpNameServer = 192.168.15.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\aarons\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\aarons\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2014/04/17 16:30:16 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/04/15 16:41:34 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\ESET
[2014/04/15 14:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014/04/15 14:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014/04/14 14:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014/04/14 03:13:59 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\NPE
[2014/04/14 01:37:58 | 000,384,728 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symtdiv.sys
[2014/04/14 01:37:56 | 000,447,704 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symnets.sys
[2014/04/14 01:37:56 | 000,021,520 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symelam.sys
[2014/04/14 01:37:54 | 000,936,152 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symefa.sys
[2014/04/14 01:37:54 | 000,367,704 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\symds.sys
[2014/04/14 01:37:54 | 000,032,344 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.sys
[2014/04/14 01:37:52 | 000,664,280 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.sys
[2014/04/14 01:37:52 | 000,206,936 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\ironx86.sys
[2014/04/14 01:37:51 | 000,127,064 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.sys
[2014/04/14 01:09:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\1502000.026
[2014/04/13 21:11:33 | 000,142,936 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2014/04/13 21:11:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/04/13 21:02:55 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2014/04/13 21:02:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014/04/13 21:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2014/04/13 20:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2014/04/12 07:16:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyFinder
[2014/04/12 07:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\Magical Jelly Bean
[2014/04/11 18:40:07 | 000,024,040 | ---- | C] (ThreatTrack Security) -- C:\Windows\System32\drivers\gfiutil.sys
[2014/04/11 18:40:05 | 000,043,368 | ---- | C] (ThreatTrack Security) -- C:\Windows\System32\drivers\gfiark.sys
[2014/04/11 18:39:32 | 000,000,000 | ---D | C] -- C:\VIPRERESCUE
[2014/04/10 21:40:32 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\LogMeIn Rescue Applet
[2014/04/10 20:13:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2014/04/02 20:33:19 | 000,000,000 | ---D | C] -- C:\Users\aarons\AppData\Local\visi_coupon
[2014/04/02 20:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\BoostSoftware
[2014/03/29 03:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/02/11 23:57:32 | 001,654,869 | ---- | C] (Dynu Systems Inc.) -- C:\ProgramData\DynuEncrypt.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/18 23:11:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 23:11:12 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/18 22:44:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005UA.job
[2014/04/18 22:21:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1002UA.job
[2014/04/18 21:55:17 | 000,000,828 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2014/04/18 21:45:11 | 000,003,284 | ---- | M] () -- C:\Windows\System32\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2014/04/18 21:45:11 | 000,003,284 | ---- | M] () -- C:\Users\aarons\AppData\Roaming\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2014/04/18 21:43:17 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2014/04/18 21:43:09 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2014/04/18 21:11:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/17 23:29:00 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005UA.job
[2014/04/17 19:00:15 | 000,000,276 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2014/04/17 16:30:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/04/17 11:29:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005Core.job
[2014/04/17 09:44:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1005Core.job
[2014/04/17 03:23:42 | 000,032,126 | ---- | M] () -- C:\Windows\System32\drivers\N360\1502000.026\VT20140417.018
[2014/04/16 13:21:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-276059291-3993976188-3623813286-1002Core.job
[2014/04/15 14:27:07 | 002,242,403 | ---- | M] () -- C:\Windows\System32\drivers\N360\1502000.026\Cat.DB
[2014/04/14 02:53:37 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/04/13 23:42:14 | 000,000,822 | ---- | M] () -- C:\Users\aarons\Desktop\IMVU.lnk
[2014/04/13 21:11:32 | 000,142,936 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2014/04/13 21:11:32 | 000,008,194 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2014/04/13 21:11:32 | 000,000,805 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2014/04/13 15:19:01 | 000,005,216 | ---- | M] () -- C:\Users\aarons\AppData\Local\d3d9caps.dat
[2014/04/12 07:16:47 | 000,000,865 | ---- | M] () -- C:\Users\aarons\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2014/04/11 18:40:09 | 000,000,000 | ---- | M] () -- C:\Windows\System32\SBRC.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/18 21:54:32 | 000,032,126 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\VT20140417.018
[2014/04/14 02:51:09 | 002,242,403 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\Cat.DB
[2014/04/14 01:37:56 | 000,008,184 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symnet.cat
[2014/04/14 01:37:56 | 000,001,440 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symnet.inf
[2014/04/14 01:37:56 | 000,001,098 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symelam.inf
[2014/04/14 01:37:55 | 000,009,931 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symelam.cat
[2014/04/14 01:37:54 | 000,008,182 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symefa.cat
[2014/04/14 01:37:54 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symds.cat
[2014/04/14 01:37:54 | 000,003,433 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symefa.inf
[2014/04/14 01:37:54 | 000,002,852 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\symds.inf
[2014/04/14 01:37:53 | 000,008,180 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.cat
[2014/04/14 01:37:53 | 000,001,389 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtspx.inf
[2014/04/14 01:37:52 | 000,008,176 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.cat
[2014/04/14 01:37:52 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\srtsp.inf
[2014/04/14 01:37:51 | 000,008,194 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.cat
[2014/04/14 01:37:51 | 000,008,176 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\iron.cat
[2014/04/14 01:37:51 | 000,000,829 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\ccsetx86.inf
[2014/04/14 01:37:51 | 000,000,737 | R--- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\iron.inf
[2014/04/14 01:09:11 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\1502000.026\isolate.ini
[2014/04/13 21:11:33 | 000,008,194 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2014/04/13 21:11:33 | 000,000,805 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2014/04/13 21:11:22 | 000,001,977 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014/04/13 06:59:56 | 000,003,284 | ---- | C] () -- C:\Windows\System32\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2014/04/12 07:16:47 | 000,000,865 | ---- | C] () -- C:\Users\aarons\Application Data\Microsoft\Internet Explorer\Quick Launch\KeyFinder.lnk
[2014/04/11 18:40:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\SBRC.dat
[2014/02/14 02:05:50 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/12/19 01:40:05 | 000,000,129 | ---- | C] () -- C:\Users\aarons\AppData\Roaming\WB.CFG
[2013/09/30 22:02:31 | 000,031,560 | ---- | C] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/09/20 22:30:05 | 000,000,079 | ---- | C] () -- C:\Windows\wininit.ini
[2013/09/05 05:19:06 | 000,048,402 | -HS- | C] () -- C:\Users\aarons\AppData\Local\ws_updater.exe
[2013/08/19 14:35:29 | 000,838,880 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2012/10/10 11:36:59 | 000,003,284 | ---- | C] () -- C:\Users\aarons\AppData\Roaming\ANIWZCS{08EF5DC0-73A6-4458-A5A5-2CAFE1D00852}
[2012/10/10 11:36:01 | 000,151,552 | ---- | C] () -- C:\Windows\System32\ANIWConnService.exe
[2012/10/10 11:35:44 | 000,217,088 | ---- | C] () -- C:\Windows\System32\aIPH.dll
[2012/10/10 11:35:44 | 000,049,152 | ---- | C] () -- C:\Windows\System32\AQCKGen.dll
[2012/10/10 11:35:44 | 000,045,115 | ---- | C] () -- C:\Windows\System32\ANICtl.dll
[2012/10/10 11:35:42 | 000,258,048 | ---- | C] () -- C:\Windows\System32\wlanapp.dll
[2012/10/10 11:34:48 | 000,315,392 | ---- | C] () -- C:\Windows\System32\ANIOApi.dll
[2012/10/10 11:34:05 | 000,237,568 | ---- | C] () -- C:\Windows\System32\ANIWPS.exe
[2012/10/10 11:34:04 | 000,733,184 | ---- | C] () -- C:\Windows\System32\ANIOWPS.dll
[2012/10/10 11:20:39 | 000,012,800 | ---- | C] () -- C:\Windows\System32\drivers\anodlwf.sys
[2012/10/10 11:20:38 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2012/07/02 16:43:00 | 000,009,216 | ---- | C] () -- C:\Windows\Launcher.exe
[2012/02/22 08:31:42 | 002,826,261 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20120221_102741.tif
[2012/02/22 08:31:38 | 000,489,181 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20120221_102636.tif
[2012/02/22 08:31:16 | 003,293,677 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20120221_103102.tif
[2011/11/28 12:52:21 | 000,005,216 | ---- | C] () -- C:\Users\aarons\AppData\Local\d3d9caps.dat
[2011/11/28 12:24:35 | 000,456,133 | ---- | C] () -- C:\Users\aarons\517 364 3718_20111128_112313.tif
[2011/09/21 09:38:58 | 000,459,577 | ---- | C] () -- C:\Users\aarons\5178865458_20110919_135537.tif
[2011/05/24 08:14:50 | 002,358,835 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20110524_091218.tif
[2011/05/24 08:14:45 | 000,489,171 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20110524_083012.tif
[2010/11/12 08:15:12 | 001,832,235 | ---- | C] () -- C:\Users\aarons\313 667 0779_20101112_070959.tif
[2010/05/29 06:24:14 | 000,487,659 | ---- | C] () -- C:\Users\aarons\Sedgwick CMS_20100528_123729.tif
[2010/05/15 08:27:50 | 001,409,530 | ---- | C] () -- C:\Users\aarons\12483062014_20100513_154541.tif
[2010/05/13 08:13:50 | 000,470,144 | ---- | C] () -- C:\Users\aarons\12483062014_20100513_091253.tif
[2010/04/19 06:37:19 | 000,000,670 | ---- | C] () -- C:\Users\aarons\AppData\Roaming\wklnhst.dat
[2010/03/08 15:24:50 | 000,475,999 | ---- | C] () -- C:\Users\aarons\Select Portfolio_20100304_140452.tif
[2010/03/03 15:27:11 | 000,475,991 | ---- | C] () -- C:\Users\aarons\FAXAGENT_20100303_142540.tif
[2010/03/01 19:22:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/19 16:44:59 | 000,000,632 | RHS- | C] () -- C:\Users\aarons\ntuser.pol
[2009/10/24 14:48:51 | 000,021,504 | ---- | C] () -- C:\Users\aarons\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 07:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/08/17 01:17:58 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Allmyapps
[2013/09/09 18:37:51 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\BabSolution
[2013/09/20 08:26:35 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Babylon
[2012/12/18 13:33:24 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\bsnes
[2014/01/12 04:53:24 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Claro LTD
[2013/01/07 00:07:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\DefaultTab
[2010/02/13 16:00:22 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\DriverCure
[2013/09/20 08:26:52 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\File Scout
[2013/05/29 20:57:52 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\fltk.org
[2013/09/30 02:53:44 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\FrostWire
[2014/01/26 22:50:07 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Gyazo
[2013/03/30 18:25:45 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\HTC
[2011/08/19 07:47:31 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2014/04/18 22:00:51 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\IMVU
[2014/04/13 23:47:17 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\IMVUClient
[2013/09/25 22:46:56 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\JAM Software
[2013/09/22 22:19:11 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Mixi.DJ
[2014/04/17 02:18:16 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\mixidj
[2010/08/21 22:27:13 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\motorola
[2012/11/20 13:31:31 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\MusicOasis
[2012/09/07 11:39:33 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\ooVoo Details
[2013/05/15 09:16:40 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\OpenCandy
[2013/09/29 20:08:39 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Product_RM
[2013/01/17 14:31:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\SearchProtect
[2010/03/09 14:48:27 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\supportdotcom
[2010/03/09 16:53:41 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\SupportSoft
[2010/04/19 06:38:05 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Template
[2014/02/28 20:59:57 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\thriXXX
[2011/08/19 06:18:12 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\Tific
[2012/11/22 12:29:46 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\TomTom
[2013/05/15 09:19:43 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\TuneUp Software
[2013/09/29 20:40:35 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\UpdaterEX
[2014/01/11 23:04:37 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\uTorrent
[2012/12/14 11:17:01 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\VAFMusic
[2013/02/23 18:50:59 | 000,000,000 | ---D | M] -- C:\Users\aarons\AppData\Roaming\visualbee
========== Purity Check ==========
========== Custom Scans ==========
========== Base Services ==========
SRV - [2006/11/02 04:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/19 02:33:43 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/19 02:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/11 01:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/11 01:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/11 01:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/19 02:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/07/07 23:16:55 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/11 01:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 10:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/19 02:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/11 01:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/19 02:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/11 01:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/04/11 01:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/19 02:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/19 02:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/19 02:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/19 02:35:38 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/19 02:35:57 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/11 01:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 09:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/11 01:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/19 02:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/11 01:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/11 01:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/19 02:36:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 09:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/11 01:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 11:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/11 01:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 13:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/11 01:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 06:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/11 01:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/11 01:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/11 01:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/19 02:36:20 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/11 01:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/11 01:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/11 01:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/11 01:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/11 01:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 17:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/11 01:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/10/25 03:35:44 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/10/25 03:05:49 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is CC0C-B06C
Directory of C:\
10/24/2009 02:12 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
10/24/2009 02:12 PM <JUNCTION> Application Data [C:\ProgramData]
10/24/2009 02:12 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/24/2009 02:12 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/24/2009 02:12 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/24/2009 02:12 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/24/2009 02:12 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
10/24/2009 02:12 PM <SYMLINKD> All Users [C:\ProgramData]
10/24/2009 02:12 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\aarons
10/24/2009 02:17 PM <JUNCTION> Application Data [C:\Users\aarons\AppData\Roaming]
10/24/2009 02:17 PM <JUNCTION> Cookies [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Cookies]
10/24/2009 02:17 PM <JUNCTION> Local Settings [C:\Users\aarons\AppData\Local]
10/24/2009 02:17 PM <JUNCTION> My Documents [C:\Users\aarons\Documents]
10/24/2009 02:17 PM <JUNCTION> NetHood [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/24/2009 02:17 PM <JUNCTION> PrintHood [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/24/2009 02:17 PM <JUNCTION> Recent [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Recent]
10/24/2009 02:17 PM <JUNCTION> SendTo [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\SendTo]
10/24/2009 02:17 PM <JUNCTION> Start Menu [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Start Menu]
10/24/2009 02:17 PM <JUNCTION> Templates [C:\Users\aarons\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\aarons\AppData\Local
10/24/2009 02:17 PM <JUNCTION> Application Data [C:\Users\aarons\AppData\Local]
10/24/2009 02:17 PM <JUNCTION> History [C:\Users\aarons\AppData\Local\Microsoft\Windows\History]
10/24/2009 02:17 PM <JUNCTION> Temporary Internet Files [C:\Users\aarons\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\aarons\Documents
10/24/2009 02:17 PM <JUNCTION> My Music [C:\Users\aarons\Music]
10/24/2009 02:17 PM <JUNCTION> My Pictures [C:\Users\aarons\Pictures]
10/24/2009 02:17 PM <JUNCTION> My Videos [C:\Users\aarons\Videos]
0 File(s) 0 bytes
Directory of C:\Users\All Users
10/24/2009 02:12 PM <JUNCTION> Application Data [C:\ProgramData]
10/24/2009 02:12 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
10/24/2009 02:12 PM <JUNCTION> Documents [C:\Users\Public\Documents]
10/24/2009 02:12 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
10/24/2009 02:12 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
10/24/2009 02:12 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
10/24/2009 02:12 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
10/24/2009 02:12 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
10/24/2009 02:12 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
10/24/2009 02:12 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/24/2009 02:12 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/24/2009 02:12 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
10/24/2009 02:12 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
10/24/2009 02:12 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
10/24/2009 02:12 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
10/24/2009 02:12 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
10/24/2009 02:12 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
10/24/2009 02:12 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
10/24/2009 02:12 PM <JUNCTION> My Music [C:\Users\Default\Music]
10/24/2009 02:12 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
10/24/2009 02:12 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Entwain
10/24/2009 05:39 PM <JUNCTION> Application Data [C:\Users\Entwain\AppData\Roaming]
10/24/2009 05:39 PM <JUNCTION> Cookies [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Cookies]
10/24/2009 05:39 PM <JUNCTION> Local Settings [C:\Users\Entwain\AppData\Local]
10/24/2009 05:39 PM <JUNCTION> My Documents [C:\Users\Entwain\Documents]
10/24/2009 05:39 PM <JUNCTION> NetHood [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/24/2009 05:39 PM <JUNCTION> PrintHood [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/24/2009 05:39 PM <JUNCTION> Recent [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Recent]
10/24/2009 05:39 PM <JUNCTION> SendTo [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\SendTo]
10/24/2009 05:39 PM <JUNCTION> Start Menu [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Start Menu]
10/24/2009 05:39 PM <JUNCTION> Templates [C:\Users\Entwain\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Entwain\AppData\Local
10/24/2009 05:39 PM <JUNCTION> Application Data [C:\Users\Entwain\AppData\Local]
10/24/2009 05:39 PM <JUNCTION> History [C:\Users\Entwain\AppData\Local\Microsoft\Windows\History]
10/24/2009 05:39 PM <JUNCTION> Temporary Internet Files [C:\Users\Entwain\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Entwain\Documents
10/24/2009 05:39 PM <JUNCTION> My Music [C:\Users\Entwain\Music]
10/24/2009 05:39 PM <JUNCTION> My Pictures [C:\Users\Entwain\Pictures]
10/24/2009 05:39 PM <JUNCTION> My Videos [C:\Users\Entwain\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
10/24/2009 02:12 PM <JUNCTION> My Music [C:\Users\Public\Music]
10/24/2009 02:12 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
10/24/2009 02:12 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\twizzle
10/03/2010 09:11 PM <JUNCTION> Application Data [C:\Users\twizzle\AppData\Roaming]
10/03/2010 09:11 PM <JUNCTION> Cookies [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Cookies]
10/03/2010 09:11 PM <JUNCTION> Local Settings [C:\Users\twizzle\AppData\Local]
10/03/2010 09:11 PM <JUNCTION> My Documents [C:\Users\twizzle\Documents]
10/03/2010 09:11 PM <JUNCTION> NetHood [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/03/2010 09:11 PM <JUNCTION> PrintHood [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/03/2010 09:11 PM <JUNCTION> Recent [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Recent]
10/03/2010 09:11 PM <JUNCTION> SendTo [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\SendTo]
10/03/2010 09:11 PM <JUNCTION> Start Menu [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Start Menu]
10/03/2010 09:11 PM <JUNCTION> Templates [C:\Users\twizzle\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\twizzle\AppData\Local
10/03/2010 09:11 PM <JUNCTION> Application Data [C:\Users\twizzle\AppData\Local]
10/03/2010 09:11 PM <JUNCTION> History [C:\Users\twizzle\AppData\Local\Microsoft\Windows\History]
10/03/2010 09:11 PM <JUNCTION> Temporary Internet Files [C:\Users\twizzle\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\twizzle\Documents
10/03/2010 09:11 PM <JUNCTION> My Music [C:\Users\twizzle\Music]
10/03/2010 09:11 PM <JUNCTION> My Pictures [C:\Users\twizzle\Pictures]
10/03/2010 09:11 PM <JUNCTION> My Videos [C:\Users\twizzle\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
09/20/2011 01:04 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
09/20/2011 01:04 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
09/20/2011 01:04 PM <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
09/20/2011 01:04 PM <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
09/20/2011 01:04 PM <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
09/20/2011 01:04 PM <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
09/20/2011 01:04 PM <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
09/20/2011 01:04 PM <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
09/20/2011 01:04 PM <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
09/20/2011 01:04 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
09/20/2011 01:04 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
09/20/2011 01:04 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
09/20/2011 01:04 PM <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
09/20/2011 01:04 PM <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
09/20/2011 01:04 PM <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
96 Dir(s) 37,742,714,880 bytes free
< MD5 for: EXPLORER.EXE >
[2009/10/25 16:59:44 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009/10/25 16:59:43 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009/10/25 16:59:43 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/03/06 19:54:31 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/03/06 19:54:30 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/10/25 16:59:43 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 04:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 02:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SERVICES >
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 16:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
< MD5 for: SERVICES.CFG >
[2013/12/18 13:42:40 | 000,558,851 | ---- | M] () MD5=A044715A48D8FADB9366D554F20D3331 -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 11:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg
< MD5 for: SERVICES.EXE >
[2008/01/19 02:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006/11/02 04:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/11 01:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 07:38:29 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 07:38:29 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
< MD5 for: SERVICES.INI >
[2010/11/10 22:08:38 | 000,002,934 | ---- | M] () MD5=795E54812680DE8A87D6C049B38884A7 -- C:\Program Files\IObit\Advanced SystemCare 3\services.ini
< MD5 for: SERVICES.JS >
[2014/04/03 09:04:54 | 000,003,147 | ---- | M] () MD5=2FD91762B4C2F6ED25428D709A8B3A84 -- C:\Program Files\PasswordBox\Firefox\resources\passwordbox\lib\services.js
< MD5 for: SERVICES.LNK >
[2010/11/12 20:20:49 | 000,001,688 | ---- | M] () MD5=57F439E53C77A31727FDA91A72F7B408 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2010/11/12 20:20:49 | 000,001,688 | ---- | M] () MD5=57F439E53C77A31727FDA91A72F7B408 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
< MD5 for: SERVICES.MSC >
[2006/11/02 07:39:04 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 07:39:04 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6000.16386_none_cd2d20a848cfd40f\services.msc
[2006/09/18 16:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
< MD5 for: SVCHOST.EXE >
[2006/11/02 04:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 02:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 02:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 04:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 04:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/19 02:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2012/04/24 15:23:53 | 000,296,960 | ---- | M] (Microsoft Corporation) MD5=EC9B9B923F6A36E215562113BCE3856E -- C:\Windows\ERDNT\cache\winlogon.exe
========== Files - Unicode (All) ==========
[2013/09/11 16:46:43 | 000,000,000 | ---D | M](C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
[2013/09/11 16:46:43 | 000,000,000 | ---D | M](C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
[2013/09/11 01:04:08 | 000,000,000 | ---D | M](C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
[2013/09/11 01:04:08 | 000,000,000 | ---D | M](C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
[2013/09/11 00:12:25 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
[2013/09/11 00:12:25 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
[2013/08/17 02:17:01 | 000,000,000 | ---D | M](C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
[2013/08/17 02:17:01 | 000,000,000 | ---D | M](C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
[2013/08/16 17:23:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
[2013/08/16 17:23:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
[2013/08/16 13:07:26 | 000,000,000 | ---D | M](C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
[2013/08/16 13:07:26 | 000,000,000 | ---D | M](C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
[2013/08/16 12:26:27 | 000,000,000 | ---D | M](C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
[2013/08/16 12:26:27 | 000,000,000 | ---D | M](C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
[2013/08/16 12:12:04 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
[2013/08/16 12:12:04 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
[2013/08/16 10:01:07 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
[2013/08/16 10:01:07 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
[2013/08/15 15:13:31 | 000,000,000 | ---D | M](C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
[2013/08/15 15:13:31 | 000,000,000 | ---D | M](C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
[2013/08/15 07:46:46 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/08/15 07:46:46 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/08/15 05:49:48 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
[2013/08/15 05:49:48 | 000,000,000 | ---D | M](C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
[2013/08/14 20:37:23 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
[2013/08/14 20:37:23 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
[2013/08/06 10:45:19 | 000,000,000 | ---D | M](C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
[2013/08/06 10:45:19 | 000,000,000 | ---D | M](C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
[2013/07/29 18:49:17 | 000,000,000 | ---D | M](C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
[2013/07/29 18:49:17 | 000,000,000 | ---D | M](C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
[2013/07/29 16:54:29 | 000,000,000 | ---D | M](C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
[2013/07/29 16:54:29 | 000,000,000 | ---D | M](C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
[2013/07/29 01:18:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/07/29 01:18:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
[2013/07/28 23:55:56 | 000,000,000 | ---D | M](C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
[2013/07/28 23:55:56 | 000,000,000 | ---D | M](C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
[2013/07/27 12:05:21 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
[2013/07/27 12:05:21 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
[2013/07/23 21:27:18 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
[2013/07/23 21:27:18 | 000,000,000 | ---D | M](C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
[2013/07/22 12:01:22 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
[2013/07/22 12:01:22 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
[2013/07/16 13:09:46 | 000,000,000 | ---D | M](C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
[2013/07/16 13:09:46 | 000,000,000 | ---D | M](C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
[2013/07/13 04:08:43 | 000,000,000 | ---D | M](C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
[2013/07/13 04:08:43 | 000,000,000 | ---D | M](C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
[2013/07/13 03:44:57 | 000,000,000 | ---D | M](C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
[2013/07/13 03:44:57 | 000,000,000 | ---D | M](C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
[2013/07/11 19:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
[2013/07/11 19:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
[2013/07/10 00:33:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
[2013/07/10 00:33:39 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
[2013/07/08 14:30:09 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
[2013/07/08 14:30:09 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
[2013/07/02 00:19:09 | 000,000,000 | ---D | M](C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
[2013/07/02 00:19:09 | 000,000,000 | ---D | M](C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
[2013/07/01 14:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
[2013/07/01 14:45:54 | 000,000,000 | ---D | M](C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
[2013/07/01 11:48:13 | 000,000,000 | ---D | M](C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
[2013/07/01 11:48:13 | 000,000,000 | ---D | M](C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
[2013/06/26 08:23:20 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
[2013/06/26 08:23:20 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
[2013/06/19 11:00:05 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
[2013/06/19 11:00:05 | 000,000,000 | ---D | M](C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
[2013/06/13 20:30:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
[2013/06/13 20:30:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
[2013/06/09 14:01:06 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
[2013/06/09 14:01:06 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
[2013/06/09 09:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
[2013/06/09 09:43:26 | 000,000,000 | ---D | M](C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
[2013/06/05 17:01:10 | 000,000,000 | ---D | M](C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
[2013/06/05 17:01:10 | 000,000,000 | ---D | M](C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
[2013/06/01 18:10:16 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
[2013/06/01 18:10:16 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
[2013/05/27 15:40:47 | 000,000,000 | ---D | M](C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
[2013/05/27 15:40:47 | 000,000,000 | ---D | M](C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
[2013/05/09 16:45:30 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
[2013/05/09 16:45:30 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
[2013/04/30 15:37:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
[2013/04/30 15:37:38 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
[2013/04/29 09:33:21 | 000,000,000 | ---D | M](C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
[2013/04/29 09:33:21 | 000,000,000 | ---D | M](C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
[2013/04/24 11:57:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
[2013/04/24 11:57:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
[2013/04/24 11:40:41 | 000,000,000 | ---D | M](C:\ProgramData\??0) -- C:\ProgramData\䔸䇨0
[2013/04/24 11:40:41 | 000,000,000 | ---D | M](C:\ProgramData\??0) -- C:\ProgramData\䔸䇨0
[2013/04/21 15:02:37 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
[2013/04/21 15:02:37 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
[2013/04/13 12:44:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
[2013/04/13 12:44:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
[2013/04/12 09:56:12 | 000,000,000 | ---D | M](C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
[2013/04/12 09:56:12 | 000,000,000 | ---D | M](C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
[2013/04/11 16:02:25 | 000,000,000 | ---D | M](C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
[2013/04/11 16:02:25 | 000,000,000 | ---D | M](C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
[2013/04/07 16:29:15 | 000,000,000 | ---D | M](C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
[2013/04/07 16:29:15 | 000,000,000 | ---D | M](C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
[2013/04/03 15:22:08 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
[2013/04/03 15:22:08 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
[2013/03/30 18:24:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
[2013/03/30 18:24:43 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
[2013/03/17 13:54:26 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
[2013/03/17 13:54:26 | 000,000,000 | ---D | M](C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
[2013/03/16 14:14:46 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
[2013/03/16 14:14:46 | 000,000,000 | ---D | M](C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
[2013/03/04 12:27:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
[2013/03/04 12:27:37 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
[2013/03/03 16:30:27 | 000,000,000 | ---D | M](C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
[2013/03/03 16:30:27 | 000,000,000 | ---D | M](C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
[2013/03/01 15:02:17 | 000,000,000 | ---D | M](C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
[2013/03/01 15:02:17 | 000,000,000 | ---D | M](C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
[2013/02/28 23:41:04 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
[2013/02/28 23:41:04 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
[2013/02/28 16:32:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
[2013/02/28 16:32:29 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
[2013/02/28 09:08:52 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
[2013/02/28 09:08:52 | 000,000,000 | ---D | M](C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
[2013/02/27 18:24:30 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
[2013/02/27 18:24:30 | 000,000,000 | ---D | M](C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
[2013/02/26 08:39:39 | 000,000,000 | ---D | M](C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
[2013/02/26 08:39:39 | 000,000,000 | ---D | M](C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
[2013/02/25 12:48:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
[2013/02/25 12:48:24 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
[2013/02/23 21:51:56 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
[2013/02/23 21:51:56 | 000,000,000 | ---D | M](C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
(C:\ProgramData\?z?z0) -- C:\ProgramData\䔸ƶ䇨ƶ0
(C:\ProgramData\?w?w0) -- C:\ProgramData\䔸w䇨w0
(C:\ProgramData\?U?U0) -- C:\ProgramData\䖠Ǖ䉐Ǖ0
(C:\ProgramData\?u?u0) -- C:\ProgramData\䖠ǚ䉐ǚ0
(C:\ProgramData\?u?u0) -- C:\ProgramData\䖠u䉐u0
(C:\ProgramData\?u?u0) -- C:\ProgramData\䔸ǘ䇨ǘ0
(C:\ProgramData\?t?t0) -- C:\ProgramData\䖠ƫ䉐ƫ0
(C:\ProgramData\?S?S0) -- C:\ProgramData\䖠Ş䉐Ş0
(C:\ProgramData\?s?s0) -- C:\ProgramData\䖠s䉐s0
(C:\ProgramData\?q?q0) -- C:\ProgramData\䖠q䉐q0
(C:\ProgramData\?õ?õ0) -- C:\ProgramData\䖠õ䉐õ0
(C:\ProgramData\?ö?ö0) -- C:\ProgramData\䖠ö䉐ö0
(C:\ProgramData\?O?O0) -- C:\ProgramData\䖠Ǒ䉐Ǒ0
(C:\ProgramData\?K?K0) -- C:\ProgramData\䖠Ǩ䉐Ǩ0
(C:\ProgramData\?j?j0) -- C:\ProgramData\䖠ǰ䉐ǰ0
(C:\ProgramData\?ï?ï0) -- C:\ProgramData\䔸ï䇨ï0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䖠Ǥ䉐Ǥ0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䖠G䉐G0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ǥ䇨Ǥ0
(C:\ProgramData\?G?G0) -- C:\ProgramData\䔸Ğ䇨Ğ0
(C:\ProgramData\?g?g0) -- C:\ProgramData\䔸ǧ䇨ǧ0
(C:\ProgramData\?F?F0) -- C:\ProgramData\䖠F䉐F0
(C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ę䉐ę0
(C:\ProgramData\?E?E0) -- C:\ProgramData\䖠Ē䉐Ē0
(C:\ProgramData\?e?e0) -- C:\ProgramData\䖠ě䉐ě0
(C:\ProgramData\?ê?ê0) -- C:\ProgramData\䔸ê䇨ê0
(C:\ProgramData\?D?D0) -- C:\ProgramData\䔸Ď䇨Ď0
(C:\ProgramData\?ç?ç0) -- C:\ProgramData\䖠ç䉐ç0
(C:\ProgramData\?C?C0) -- C:\ProgramData\䔸Ĉ䇨Ĉ0
(C:\ProgramData\?a?a0) -- C:\ProgramData\䖠ǟ䉐ǟ0
(C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ā䉐Ā0
(C:\ProgramData\?A?A0) -- C:\ProgramData\䖠Ǎ䉐Ǎ0
(C:\ProgramData\?A?A0) -- C:\ProgramData\䔸Ǎ䇨Ǎ0
(C:\ProgramData\?8?80) -- C:\ProgramData\䖠8䉐80
(C:\ProgramData\?6?60) -- C:\ProgramData\䔸6䇨60
(C:\ProgramData\?5?50) -- C:\ProgramData\䔸5䇨50
(C:\ProgramData\?¶?¶0) -- C:\ProgramData\䖠¶䉐¶0
(C:\ProgramData\?¢?¢0) -- C:\ProgramData\䔸¢䇨¢0
(C:\ProgramData\??0) -- C:\ProgramData\䔸䇨0
(C:\ProgramData\????0) -- C:\ProgramData\䖠Lj䉐Lj0
(C:\ProgramData\????0) -- C:\ProgramData\䖠dz䉐dz0
(C:\ProgramData\????0) -- C:\ProgramData\䖠Ȃ䉐Ȃ0
(C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
(C:\ProgramData\????0) -- C:\ProgramData\䖠䉐0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ƹ䇨Ƹ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ǯ䇨ǯ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ʊ䇨Ʊ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ƨ䇨ƨ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ș䇨Ș0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ȍ䇨ȍ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ǹ䇨ǹ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸nj䇨nj0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ǵ䇨Ǵ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ȇ䇨Ȇ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ƃ䇨ƃ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸ȁ䇨ȁ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸Ǡ䇨Ǡ0
(C:\ProgramData\????0) -- C:\ProgramData\䔸䇨0
(C:\ProgramData\?(?(0) -- C:\ProgramData\䔸(䇨(0
(C:\ProgramData\?#?#0) -- C:\ProgramData\䔸#䇨#0
(C:\ProgramData\?!?!0) -- C:\ProgramData\䖠ǃ䉐ǃ0
(C:\ProgramData\? ? 0) -- C:\ProgramData\䖠 䉐 0
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\aarons\Documents\Imported Photos 00002.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\aarons\Documents\Imported Photos 00001.jpg:Roxio EMC Stream
@Alternate Data Stream - 64 bytes -> C:\Users\aarons\Documents\party 177.AVI:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\aarons\Documents\party 174.AVI:TOC.WMV
@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:466F9D5D
< End of report >