WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Various programs installed; computer not running good performance

Started by cburson1112 , Jan 04 2014 10:26 AM

This topic is locked

10 replies to this topic

#1 cburson1112

New Member

Authentic Member
16 posts

Posted 04 January 2014 - 10:26 AM

Various programs installed; computer not running good performance

OTL

OTL logfile created on: 1/4/2014 10:09:05 AM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ChristiB\Downloads

Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16476)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.45 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 42.55% Memory free

3.65 Gb Paging File | 1.53 Gb Available in Paging File | 41.95% Paging File free

Paging file location(s): c:\pagefile.sys 200 2998 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 455.93 Gb Total Space | 312.02 Gb Free Space | 68.44% Space Free | Partition Type: NTFS

Drive F: | 931.51 Gb Total Space | 405.33 Gb Free Space | 43.51% Space Free | Partition Type: NTFS

Computer Name: CHRISTIB-PC | User Name: ChristiB | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\ChristiB\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Users\ChristiB\Downloads\HiJackThis.exe (Trend Micro Inc.)

PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)

PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)

PRC - C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

PRC - C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.)

PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation)

PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)

PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()

PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

PRC - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Microsoft MapPoint 2011\StreetsOlkShim.exe (Microsoft)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll ()

MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()

MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll ()

MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll ()

MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ()

MOD - C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll ()

MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()

MOD - C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL ()

MOD - C:\Windows\System32\wxvault.dll ()

========== Services (SafeList) ==========

SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found

SRV - (CAATT) -- C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe /n CAATT File not found

SRV - (ATTRcAppSvc) -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe /n ATTRcAppSvc File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)

SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)

SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()

SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)

SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)

SRV - (DTSRVC) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()

SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)

SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)

SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe (IDT, Inc.)

SRV - (dcpsysmgrsvc) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)

SRV - (PdiService) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)

SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)

SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)

SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)

SRV - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)

SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)

SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)

SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()

SRV - (LBTServ) -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)

========== Driver Services (SafeList) ==========

DRV - (tcpipBM) -- C:\Windows\system32\drivers\tcpipBM.sys File not found

DRV - (PCTINDIS5) -- C:\Windows\system32\PCTINDIS5.SYS File not found

DRV - (NvtSp50) -- System32\Drivers\NvtSp50.sys File not found

DRV - (MpKsled7b911f) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{839E37A1-6B14-45E1-A06B-DF2AC1E063AE}\MpKsled7b911f.sys File not found

DRV - (MpKslcde7d9f5) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5414B5DA-1541-4075-AF39-38D77F94074E}\MpKslcde7d9f5.sys File not found

DRV - (MpKslbc4c2182) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE612EBE-E197-48DD-959D-72CA3B283B47}\MpKslbc4c2182.sys File not found

DRV - (MpKsl9332f2a5) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE612EBE-E197-48DD-959D-72CA3B283B47}\MpKsl9332f2a5.sys File not found

DRV - (MpKsl9113aa39) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8A99B91A-1326-4886-BF89-BBA3122128AF}\MpKsl9113aa39.sys File not found

DRV - (MpKsl8d329cfd) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE612EBE-E197-48DD-959D-72CA3B283B47}\MpKsl8d329cfd.sys File not found

DRV - (MpKsl6baef586) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C71B285-904C-4FD6-AC89-B2DDDC12CC57}\MpKsl6baef586.sys File not found

DRV - (MpKsl575be974) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C0D7941C-B1EF-4971-8F58-F4397E782FEF}\MpKsl575be974.sys File not found

DRV - (MpKsl49c395f4) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5CE8F995-C65E-4E0C-A503-A1521A11F009}\MpKsl49c395f4.sys File not found

DRV - (MpKsl315d7f7b) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC67A18E-AF96-4B94-B9E9-371F0114F100}\MpKsl315d7f7b.sys File not found

DRV - (MpKsl063bae14) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DC1B7ACA-0E24-4F17-9420-C3641F3C3463}\MpKsl063bae14.sys File not found

DRV - (MpKsl054aed27) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36FC2FDB-22BF-450F-AF6A-1E513DF3CB2C}\MpKsl054aed27.sys File not found

DRV - (lmimirr) -- system32\DRIVERS\lmimirr.sys File not found

DRV - (catchme) -- C:\Users\ChristiB\AppData\Local\Temp\catchme.sys File not found

DRV - (BMLoad) -- system32\drivers\BMLoad.sys File not found

DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV - (FNETTHJM_152D) -- C:\Windows\System32\drivers\fnetthjm_152D.sys (FNet Co., Ltd.)

DRV - (e1yexpress) -- C:\Windows\System32\drivers\e1y6232.sys (Intel Corporation)

DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)

DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)

DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)

DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)

DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)

DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)

DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)

DRV - (vpcuxd) -- C:\Windows\System32\drivers\vpcuxd.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)

DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)

DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)

DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)

DRV - (Leapfrog-USBLAN) -- C:\Windows\System32\drivers\btblan.sys (Belcarra Technologies)

DRV - (SSLDrv) -- C:\Windows\System32\drivers\SSLDrv.sys (Cavium Networks)

DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)

DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)

DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)

DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)

DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)

DRV - (USBPNPA) -- C:\Windows\System32\drivers\CM108.sys (C-Media Electronics Inc)

DRV - (SWNC8U12) -- C:\Windows\System32\drivers\swnc8u12.sys (Sierra Wireless Inc.)

DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)

DRV - (WavxDMgr) -- C:\Windows\System32\drivers\WavxDMgr.sys (Wave Systems Corp.)

DRV - (swumx12) -- C:\Windows\System32\drivers\swumx12.sys (Sierra Wireless Inc.)

DRV - (PdiPorts) -- C:\Windows\System32\drivers\PdiPorts.sys (Portrait Displays, Inc.)

DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)

DRV - (acpials) -- C:\Windows\System32\drivers\acpials.sys (Microsoft Corporation)

DRV - (rixdpcie) -- C:\Windows\System32\drivers\rixdpe86.sys (REDC)

DRV - (rimspci) -- C:\Windows\System32\drivers\rimspe86.sys (REDC)

DRV - (risdpcie) -- C:\Windows\System32\drivers\risdpe86.sys (REDC)

DRV - (cvusbdrv) -- C:\Windows\System32\drivers\cvusbdrv.sys (Broadcom Corporation)

DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)

DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)

DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)

DRV - (HECI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)

DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel® Corporation)

DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)

DRV - (PBADRV) -- C:\Windows\System32\drivers\PBADRV.sys (Dell Inc)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}

IE - HKLM\..\SearchScopes\{2F2C6E1F-FD1F-4A7E-838D-17A8F5231706}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7102}: "URL" = http://search.jzip.c...q={searchTerms}

IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}: "URL" = http://www.searchqu....q={searchTerms}

IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\ChristiB\Downloads

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://rllogin.wal-...me/default.aspx

IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {19747E20-062B-4A42-A97E-D231A90BE1D7}

IE - HKCU\..\SearchScopes\{19747E20-062B-4A42-A97E-D231A90BE1D7}: "URL" = http://www.google.co...utputEncoding?}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: "Conduit Search"

FF - prefs.js..browser.startup.homepage: "http://search.condui...A7CA7720&SSPV="

FF - prefs.js..extensions.enabledAddons: %7B6e84150a-d526-41f1-a480-a67d3fed910d%7D:1.5.6

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

FF - prefs.js..browser.search.update: false

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ChristiB\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ChristiB\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/15 15:04:42 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/05 17:11:30 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/26 14:03:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/26 14:03:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/19 19:19:10 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/18 12:01:40 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/15 15:04:42 | 000,000,000 | ---D | M]

[2012/06/22 12:47:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Extensions

[2014/01/04 09:23:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions

[2014/01/02 18:00:11 | 000,000,000 | ---D | M] (Value Apps) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}

[2012/06/08 09:45:59 | 000,000,000 | ---D | M] (wxDfast) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\4fce8fe742a1f@4fce8fe742a58.info

[2013/01/26 15:00:59 | 000,003,958 | ---- | M] () (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\{062c9079-db58-4492-8589-ca90cd00a2d1}.xpi

[2013/03/24 20:09:53 | 000,111,028 | ---- | M] () (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi

[2014/01/04 09:21:40 | 000,000,861 | ---- | M] () -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\searchplugins\conduit-search.xml

[2012/06/05 17:11:15 | 000,002,203 | ---- | M] () -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\searchplugins\MyStart Search.xml

[2013/06/19 19:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2013/06/19 19:18:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

[2013/06/19 19:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

[2013/06/19 19:19:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013/12/23 20:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions

[2013/12/23 20:36:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

[2013/12/23 20:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions

[2013/12/23 20:37:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013/09/26 14:02:30 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

[2011/03/23 06:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - homepage: https://rllogin.wal-...me/default.aspx

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

CHR - plugin: Java™ Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Windows Live\u00C2\u2122 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: RealNetworks™ RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

CHR - plugin: RealNetworks™ RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

CHR - plugin: RealNetworks™ RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll

CHR - Extension: Google Docs = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Google Drive = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: Bookmark Sentry (scanner) = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga\1.7.18_0\

CHR - Extension: wxDfast = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgheeokdipjeglcbeilamhlkegaiponb\1.0_0\

CHR - Extension: YouTube = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: Web Assistant = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\

CHR - Extension: iCloud Bookmarks = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0\

CHR - Extension: RealDownloader = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\

CHR - Extension: Value apps = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\

CHR - Extension: Google Wallet = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

CHR - Extension: Gmail = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/04 09:25:51 | 000,449,836 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 127.0.0.1 1-2005-search.com

O1 - Hosts: 127.0.0.1 123fporn.info

O1 - Hosts: 15467 more lines...

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found

O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd File not found

O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)

O4 - HKCU..\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] C:\Users\ChristiB\AppData\Roaming\ValueApps\CH\TBVerifier.dll (Conduit Ltd.)

O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)

O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)

O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found

O4 - Startup: C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Export to Microsoft Excel - res://C:\Program Files\Microsoft Office\OFFICE12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKCU\..Trusted Domains: 1sync.org ([item.prod] https in Trusted sites)

O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: dns-ok.us ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: dns-ok.us ([www] http in Trusted sites)

O15 - HKCU\..Trusted Domains: doesntexist.com ([fishinco] https in Trusted sites)

O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites)

O15 - HKCU\..Trusted Domains: google.com ([www] http in Trusted sites)

O15 - HKCU\..Trusted Domains: gotomeeting.com ([www1] https in Trusted sites)

O15 - HKCU\..Trusted Domains: ieframe.dll ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: imdb.com ([www] https in Trusted sites)

O15 - HKCU\..Trusted Domains: logmein.com ([secure] https in Trusted sites)

O15 - HKCU\..Trusted Domains: metrolyrics.com ([www] https in Trusted sites)

O15 - HKCU\..Trusted Domains: npr.org ([www] https in Trusted sites)

O15 - HKCU\..Trusted Domains: pandora.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: pandora.com ([www] https in Trusted sites)

O15 - HKCU\..Trusted Domains: showmypc.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: showmypc.com ([]https in Trusted sites)

O15 - HKCU\..Trusted Domains: signupsecurity.com ([secure] https in Trusted sites)

O15 - HKCU\..Trusted Domains: wal-mart.com ([]* in Trusted sites)

O15 - HKCU\..Trusted Domains: wal-mart.com ([coman] https in Trusted sites)

O15 - HKCU\..Trusted Domains: wal-mart.com ([retaillink] https in Trusted sites)

O15 - HKCU\..Trusted Domains: wal-mart.com ([rllogin] https in Trusted sites)

O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)

O16 - DPF: {19DFFB5D-E30A-4E3B-8524-0AD8F4D88D32} https://fishinco.doe...com/XTunnel.cab (VPLaunch Class)

O16 - DPF: {79D6214F-CFCE-480F-9901-27950E78F1E6} https://fishinco.doe...acheCleaner.cab (WebCacheCleaner Class)

O16 - DPF: {82E5DF24-51E8-47CD-864A-F4BD5005AA73} https://www.icloud.c...stem/iCloud.cab (Reg Error: Key error.)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)

O16 - DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_38)

O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://akamaicdn.we...nt/ieatgpc1.cab (GpcContainer Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29465F31-6103-4BD7-B2E6-6C1F1FD0ABC1}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36C51CBC-060C-48AE-ACDA-7D1F0DCF4383}: DhcpNameServer = 172.16.206.215 172.16.206.215

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{790B665E-3AD4-4D0E-9DBF-6C4692B10A23}: NameServer = 172.16.206.215 172.16.206.215

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD12F98D-1D60-45EC-99A6-686024840D22}: NameServer = 172.16.206.215 172.16.206.215

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCE835DB-CE42-49B0-9139-6FD2562B548E}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/01/02 18:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit

[2014/01/02 18:00:16 | 000,000,000 | ---D | C] -- C:\Users\ChristiB\AppData\Roaming\ValueApps

[2014/01/02 17:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter

[2014/01/02 17:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\InstallConverter

[2013/12/16 14:11:04 | 000,000,000 | ---D | C] -- C:\Users\ChristiB\AppData\Local\{EB3A4E83-FC3D-4514-94E0-D379D4D37336}

[2013/12/12 14:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud

[2013/12/12 03:05:25 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/12/12 03:05:25 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2013/12/12 03:05:24 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/12/12 03:05:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/12/12 03:05:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll

[2013/12/12 03:05:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2013/12/12 03:05:23 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll

[2013/12/12 03:05:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2013/12/12 03:05:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2013/12/12 03:05:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/12/12 03:05:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe

[2013/12/12 03:05:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll

[2013/12/12 03:05:20 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/12/12 03:05:18 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013/12/12 03:01:28 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

[2013/12/11 03:08:44 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe

[2013/12/11 03:08:43 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll

[2013/12/11 03:08:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2013/12/11 03:08:39 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013/12/11 03:08:39 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys

[2013/12/11 03:08:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys

[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/04 10:06:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2009092001-3919513084-3943380105-1000UA.job

[2014/01/04 09:58:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2014/01/04 09:25:51 | 000,449,836 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2014/01/04 09:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2014/01/04 09:15:08 | 000,020,720 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2014/01/04 09:15:08 | 000,020,720 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2014/01/04 09:12:27 | 000,369,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2014/01/04 09:12:27 | 000,061,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2014/01/04 09:09:47 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2014/01/04 09:09:45 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job

[2014/01/04 09:08:02 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl

[2014/01/04 09:08:02 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2009092001-3919513084-3943380105-1000Core.job

[2014/01/04 09:07:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2014/01/04 09:07:49 | 2780,745,728 | -HS- | M] () -- C:\hiberfil.sys

[2014/01/03 13:47:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job

[2014/01/03 10:45:57 | 000,352,256 | ---- | M] () -- C:\Users\ChristiB\Documents\Christi iCloud Calendar.mdb

[2014/01/03 10:45:57 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI

[2014/01/03 10:45:35 | 000,013,044 | ---- | M] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Access 97-2003.CAL

[2014/01/02 17:59:38 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\InstallConverter.lnk

[2013/12/29 16:40:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013/12/29 16:40:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013/12/27 11:21:27 | 000,027,872 | ---- | M] () -- C:\Windows\UninstallVTPassage.exe

[2013/12/27 11:21:27 | 000,018,656 | ---- | M] (Cavium Networks) -- C:\Windows\ssldrv.sys

[2013/12/27 11:21:27 | 000,010,670 | ---- | M] () -- C:\Windows\ssldrv.cat

[2013/12/24 06:12:30 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013/12/17 13:59:43 | 000,195,837 | ---- | M] () -- C:\Users\ChristiB\Documents\HoJo Receipt.pdf

[2013/12/12 03:23:03 | 000,465,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013/12/12 03:05:39 | 004,243,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013/12/12 03:05:39 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013/12/12 03:05:39 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll

[2013/12/12 03:05:39 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013/12/12 03:05:39 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe

[2013/12/12 03:05:39 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll

[2013/12/12 03:05:39 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013/12/12 03:05:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll

[2013/12/12 03:05:38 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013/12/12 03:05:38 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2013/12/12 03:05:38 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013/12/12 03:05:38 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2013/12/12 03:05:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2013/12/12 03:05:38 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2013/12/12 03:04:51 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe

[2013/12/12 03:04:48 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll

[2013/12/12 03:04:44 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2013/12/12 03:04:35 | 002,349,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013/12/12 03:01:39 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL

[2013/12/09 07:34:55 | 000,031,107 | ---- | M] () -- C:\Users\ChristiB\Desktop\Twila Heart of Christmas.png

[2013/12/05 20:14:02 | 000,206,762 | ---- | M] () -- C:\Users\ChristiB\Desktop\Charter Speed Test 12-05-13.png

[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/03 10:45:01 | 000,013,044 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Access 97-2003.CAL

[2014/01/03 10:44:52 | 000,352,256 | ---- | C] () -- C:\Users\ChristiB\Documents\Christi iCloud Calendar.mdb

[2014/01/02 17:59:38 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\InstallConverter.lnk

[2013/12/17 13:59:43 | 000,195,837 | ---- | C] () -- C:\Users\ChristiB\Documents\HoJo Receipt.pdf

[2013/12/09 07:34:55 | 000,031,107 | ---- | C] () -- C:\Users\ChristiB\Desktop\Twila Heart of Christmas.png

[2013/12/05 20:14:02 | 000,206,762 | ---- | C] () -- C:\Users\ChristiB\Desktop\Charter Speed Test 12-05-13.png

[2013/09/04 09:05:33 | 000,102,248 | ---- | C] () -- C:\Users\ChristiB\GoToAssistDownloadHelper.exe

[2013/05/16 09:11:00 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI

[2012/12/24 14:23:41 | 000,552,960 | -H-- | C] () -- C:\Windows\System32\Cmeau108.exe

[2012/12/24 14:23:41 | 000,143,360 | -H-- | C] () -- C:\Windows\Vmix108.dll

[2012/12/24 14:23:41 | 000,000,237 | ---- | C] () -- C:\Windows\Cm108.ini.cfl

[2012/12/24 14:23:38 | 000,303,104 | -H-- | C] () -- C:\Windows\System32\CmiInstallResAll.dll

[2012/12/24 14:23:38 | 000,007,055 | ---- | C] () -- C:\Windows\Cm108.ini.imi

[2012/12/24 14:23:38 | 000,002,029 | -H-- | C] () -- C:\Windows\Cm108.ini.cfg

[2012/12/24 14:23:37 | 000,001,151 | -H-- | C] () -- C:\Windows\_cm108.ini

[2012/12/24 14:23:37 | 000,001,102 | -H-- | C] () -- C:\Windows\cm108.ini

[2012/07/30 12:34:17 | 000,130,890 | ---- | C] () -- C:\Windows\hpoins18.dat

[2012/07/10 19:07:22 | 000,000,600 | ---- | C] () -- C:\Users\ChristiB\PUTTY.RND

[2012/06/22 13:26:24 | 000,005,115 | ---- | C] () -- C:\Windows\wininit.ini

[2012/06/22 12:54:35 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2012/06/05 17:16:30 | 000,000,953 | ---- | C] () -- C:\Users\ChristiB\wxDownloadFast.ini

[2012/05/04 08:12:31 | 000,038,438 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (DOS).ADR

[2012/05/04 08:10:16 | 000,011,413 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (DOS).TSK

[2012/05/03 15:01:40 | 000,012,964 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (DOS).CAL

[2011/07/07 11:14:37 | 000,012,963 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Excel 97-2003.CAL

[2011/03/14 07:42:42 | 000,000,600 | ---- | C] () -- C:\Users\ChristiB\AppData\Local\PUTTY.RND

[2010/12/26 17:12:39 | 000,022,711 | ---- | C] () -- C:\Users\ChristiB\Resetting Belkin Router.pdf

[2010/11/02 10:25:31 | 000,038,502 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Excel 97-2003.ADR

[2010/02/20 11:14:29 | 000,039,019 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (Windows).ADR

[2010/02/13 08:35:41 | 000,007,605 | ---- | C] () -- C:\Users\ChristiB\AppData\Local\resmon.resmoncfg

[2010/02/08 17:02:05 | 000,000,000 | ---- | C] () -- C:\Users\ChristiB\AppData\Local\WavXMapDrive.bat

========== ZeroAccess Check ==========

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/09/11 02:03:41 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

========== LOP Check ==========

[2013/11/30 13:19:35 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\.minecraft

[2013/03/24 21:05:32 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Azureus

[2010/02/08 17:02:04 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Broadcom

[2010/10/22 06:37:02 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Bytemobile

[2012/11/12 16:31:07 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012/09/19 11:48:44 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Decipher Media

[2011/12/21 14:07:37 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\DisplayTune

[2010/10/29 09:02:53 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Leadertech

[2010/11/22 16:46:48 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\NetDrive

[2012/12/21 17:54:50 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\OpenCandy

[2012/05/10 06:30:51 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\OpenOffice.org

[2011/03/13 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\TightVNC

[2014/01/02 18:00:16 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\ValueApps

[2010/02/08 17:02:05 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Wave Systems Corp

[2012/08/17 09:06:35 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\webex

[2010/12/04 13:56:29 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\WindSolutions

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.ADML >

[2009/07/13 20:07:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml

[2009/07/13 20:07:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_22d6d5b5cba907ce\Explorer.adml

< MD5 for: EXPLORER.ADMX >

[2009/06/10 15:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx

[2009/06/10 15:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx

< MD5 for: EXPLORER.EXE >

[2010/02/02 21:53:02 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe

[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2011/02/25 23:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe

[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2011/02/25 23:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe

[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe

[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[2010/02/02 21:53:05 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2010/02/02 21:53:05 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009/10/31 00:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[2010/02/02 21:53:02 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe

< MD5 for: EXPLORER.EXE.MUI >

[2009/07/13 20:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\en-US\explorer.exe.mui

[2009/07/13 20:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_05c8dd40d4f56065\explorer.exe.mui

< MD5 for: EXPLORER.EXE-D5E97654.PF >

[2014/01/04 09:11:08 | 000,099,384 | ---- | M] () MD5=8F680328BCE127E3F1D4871D84EF184A -- C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf

< MD5 for: IEXPLORE.EXE >

[2012/06/14 02:01:14 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_b12560b1c817cfde\iexplore.exe

[2013/06/12 02:00:55 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_ba6545dc65e543de\iexplore.exe

[2010/09/07 22:36:39 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=14803EA3E5DD7CB37CB446C74CFDA38F -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20795_none_b3c5cc459f4108f2\iexplore.exe

[2012/09/22 02:01:00 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_b1148f09c82553c5\iexplore.exe

[2012/05/17 16:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_b19f2c1ee1420ce6\iexplore.exe

[2012/11/16 03:01:46 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_b119907bc820d278\iexplore.exe

[2013/06/11 22:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_a38ffdc27f91d847\iexplore.exe

[2009/07/13 19:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_b346f9b4861b55c2\iexplore.exe

[2013/07/11 02:06:58 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_ba672fa865e3902d\iexplore.exe

[2013/04/11 02:03:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_b104f0edc83023b1\iexplore.exe

[2012/07/11 05:45:22 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_b12660fbc816e935\iexplore.exe

[2013/09/11 02:04:24 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_ba6c1a5265df2881\iexplore.exe

[2013/05/16 19:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_a38c5d6c7f953fa9\iexplore.exe

[2013/05/15 02:07:42 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_b0f72023c83af39d\iexplore.exe

[2013/02/21 22:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_b183bdcce155df6c\iexplore.exe

[2013/08/09 23:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_a394d1a47f8d8a3c\iexplore.exe

[2010/11/03 23:54:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=58CF468D3FF4CF830339FE5E45356355 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16700_none_b3987f3a85deec23\iexplore.exe

[2010/09/07 22:31:24 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=61EDBCE47ADF3E52AB0B9F49EE4AEBB8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16671_none_b34dce2a8616cbea\iexplore.exe

[2012/08/24 01:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_b1a52ddae13ca4f0\iexplore.exe

[2013/02/14 03:03:36 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_b10dc045c829d512\iexplore.exe

[2010/11/03 23:54:59 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=6B2258FF6D2332073FE9E90122FA4168 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20831_none_b402ac8b9f13f917\iexplore.exe

[2013/08/15 02:01:22 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_ba6aa26e65e05c0d\iexplore.exe

[2011/06/01 17:43:47 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe

[2010/12/17 23:32:25 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=9321CF0D023528C71E3645F8433C86C8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_b3e23cc79f2c4cea\iexplore.exe

[2012/08/16 02:01:13 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_b1276145c816028c\iexplore.exe

[2013/10/12 01:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_a384a5267f9a8dfe\iexplore.exe

[2013/02/01 22:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_b17dbc10e15b4762\iexplore.exe

[2010/12/17 23:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AA08B68EF4E35EFA170CF85A44B23B70 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_b384dff685ed56b3\iexplore.exe

[2013/05/25 02:01:35 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_ba75e9f465d7f339\iexplore.exe

[2011/02/23 23:45:11 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AB2BB40A5FE49AD236791AC22BD08869 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20908_none_b42a203b9ef553cc\iexplore.exe

[2009/04/20 12:56:28 | 000,031,232 | ---- | M] (NirSoft) MD5=AE72E8619CB31D84DA25E2435E55003C -- C:\cf\iexplore.exe

[2012/12/13 03:03:24 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=B201AF83DF2E85323E29EB83E4046810 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_b11b910fc81f0526\iexplore.exe

[2012/06/02 02:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_b1a12cb2e1403f94\iexplore.exe

[2013/04/04 15:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_b175ed02e160af58\iexplore.exe

[2012/11/15 21:08:47 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=C0BA71C1B3FB6E3DD432FF3CCAEBDC62 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_b1985d5ae1468e33\iexplore.exe

[2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_b5780d7c8309d95c\iexplore.exe

[2011/02/23 23:32:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C6697A46554E36541E81182B258A19D6 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16766_none_b35da16e860a2bd3\iexplore.exe

[2013/11/26 03:01:16 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files\Internet Explorer\iexplore.exe

[2013/11/26 03:01:16 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_1eeed3e40a768844\iexplore.exe

[2012/10/08 02:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_b1955c7ce149422e\iexplore.exe

[2013/10/09 02:07:22 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_ba5bba9265ec2c43\iexplore.exe

[2013/11/14 03:03:41 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_ba5c48f465ebc5bf\iexplore.exe

[2013/09/22 18:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_a38444547f9ac140\iexplore.exe

[2013/03/14 02:01:31 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_b0feef31c8358ba7\iexplore.exe

[2013/07/25 23:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_a39175a67f90a4bb\iexplore.exe

[2012/06/28 17:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_b1a22cfce13f58eb\iexplore.exe

[2013/01/08 15:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_b18b8cdae1507776\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >

[2013/11/26 03:01:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui

[2013/11/26 03:01:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_189b695b4223c92b\iexplore.exe.mui

[2011/06/01 17:43:47 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_aae2948effb95a30\iexplore.exe.mui

[2013/05/25 02:01:35 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_b41defe19d893548\iexplore.exe.mui

[2009/07/13 20:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_acf38f2bbdc896a9\iexplore.exe.mui

< MD5 for: IEXPLORE.EXE-058FE8F5.PF >

[2014/01/04 09:55:31 | 000,175,390 | ---- | M] () MD5=E098066AB45E1B4BA780555F67EDF0F8 -- C:\Windows\Prefetch\IEXPLORE.EXE-058FE8F5.pf

< MD5 for: SERVICES >

[2009/06/10 15:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services

[2009/06/10 15:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services

< MD5 for: SERVICES.EXE >

[2009/07/13 19:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe

[2009/07/13 19:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SERVICES.EXE.MUI >

[2009/07/13 20:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui

[2009/07/13 20:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui

< MD5 for: SERVICES.LNK >

[2009/07/13 22:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

[2009/07/13 22:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >

[2009/06/10 15:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof

[2009/06/10 15:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof

< MD5 for: SERVICES.MSC >

[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc

[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc

[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc

[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >

[2009/07/13 14:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml

[2009/07/13 14:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml

< MD5 for: SERVICES.RDB >

[2012/08/13 10:51:02 | 000,178,348 | ---- | M] () MD5=039C8CFBD74EE07F38CD9E4C7D95C5C6 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb

[2012/08/13 10:51:02 | 000,000,453 | ---- | M] () MD5=3D2ADA15FEF5B5FF468243161543D610 -- C:\Program Files\OpenOffice.org 3\program\services.rdb

[2012/08/10 15:12:16 | 000,008,060 | ---- | M] () MD5=7CA7D7150EC46321162F932ADCF5F35B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb

< MD5 for: SERVICES.SBS >

[2013/07/16 12:21:30 | 000,034,818 | ---- | M] () MD5=E2ACBC77020C8D5CE97CA61D0D859A44 -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs

< MD5 for: WINLOGON.ADML >

[2009/07/13 20:05:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml

[2009/07/13 20:05:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_94da67ab3e358f3a\WinLogon.adml

< MD5 for: WINLOGON.ADMX >

[2009/06/10 15:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx

[2009/06/10 15:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx

< MD5 for: WINLOGON.EXE >

[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009/10/27 23:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe

[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2009/07/13 19:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >

[2010/11/20 06:12:53 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\System32\en-US\winlogon.exe.mui

[2010/11/20 06:12:53 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_ccfffb7662588b45\winlogon.exe.mui

[2009/07/13 20:05:28 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=DB61D28A59DEE68F77811B291D83AD1B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_cacee7ae656a07ab\winlogon.exe.mui

< MD5 for: WINLOGON.MFL >

[2009/07/13 20:09:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\System32\wbem\en-US\winlogon.mfl

[2009/07/13 20:09:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_2891397980a26140\winlogon.mfl

< MD5 for: WINLOGON.MOF >

[2009/07/13 14:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof

[2009/07/13 14:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof

< %SYSTEMDRIVE%\*.* >

[2011/02/15 11:36:30 | 000,001,024 | ---- | M] () -- C:\.rnd

[2011/05/04 04:36:09 | 000,020,580 | ---- | M] () -- C:\1020.log

[2009/06/10 15:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat

[2009/06/10 15:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys

[2010/02/02 21:54:56 | 000,004,906 | RH-- | M] () -- C:\dell.sdr

[2014/01/04 09:07:49 | 2780,745,728 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/22 13:28:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS

[2012/03/29 12:09:59 | 1368,072,344 | ---- | M] () -- C:\MP2011.exe

[2012/06/22 13:28:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS

[2011/09/02 10:00:18 | 000,164,940 | ---- | M] () -- C:\ndsvc.log

[2014/01/04 09:07:55 | 209,715,200 | -HS- | M] () -- C:\pagefile.sys

[2012/03/15 09:12:44 | 000,000,510 | ---- | M] () -- C:\settings.ini

[2012/06/05 17:11:40 | 000,000,454 | ---- | M] () -- C:\user.js

< %systemroot%\Fonts\*.com >

[2009/07/13 22:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont

[2009/07/13 22:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont

[2009/07/13 22:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont

[2009/07/13 22:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >

[2009/06/10 15:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

[2009/07/13 19:15:26 | 000,280,064 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpzppw71.dll

[2009/07/13 19:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll

[2010/07/09 07:31:14 | 000,082,184 | ---- | M] (Microsoft Corporation.) -- C:\Windows\system32\spool\prtprocs\w32x86\lmdippr8.dll

[2010/11/20 06:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

[2012/03/08 17:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

[2013/01/26 15:15:03 | 000,001,702 | -HS- | M] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft\LastFlashConfig.wfc

< %PROGRAMFILES%\*.* >

[2009/07/13 22:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[2012/04/20 10:10:39 | 003,723,881 | ---- | M] () -- C:\Program Files\ShilohQuickSQL7617.xls

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >

Volume in drive C is OS

Volume Serial Number is 9434-A400

Directory of C:\

07/13/2009 10:53 PM <JUNCTION> Documents and Settings [C:\Users]

0 File(s) 0 bytes

Directory of C:\ProgramData

07/13/2009 10:53 PM <JUNCTION> Application Data [C:\ProgramData]

07/13/2009 10:53 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]

07/13/2009 10:53 PM <JUNCTION> Documents [C:\Users\Public\Documents]

07/13/2009 10:53 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]

07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]

07/13/2009 10:53 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]

0 File(s) 0 bytes

Directory of C:\Users

07/13/2009 10:53 PM <SYMLINKD> All Users [C:\ProgramData]

07/13/2009 10:53 PM <JUNCTION> Default User [C:\Users\Default]

0 File(s) 0 bytes

Directory of C:\Users\All Users

07/13/2009 10:53 PM <JUNCTION> Application Data [C:\ProgramData]

07/13/2009 10:53 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]

07/13/2009 10:53 PM <JUNCTION> Documents [C:\Users\Public\Documents]

07/13/2009 10:53 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]

07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]

07/13/2009 10:53 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]

0 File(s) 0 bytes

Directory of C:\Users\ChristiB

02/08/2010 05:01 PM <JUNCTION> PrintHood [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]

02/08/2010 05:01 PM <JUNCTION> Recent [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Recent]

02/08/2010 05:01 PM <JUNCTION> SendTo [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\SendTo]

02/08/2010 05:01 PM <JUNCTION> Start Menu [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Start Menu]

02/08/2010 05:01 PM <JUNCTION> Templates [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Templates]

0 File(s) 0 bytes

Directory of C:\Users\ChristiB\AppData\Local

02/08/2010 05:01 PM <JUNCTION> Application Data [C:\Users\ChristiB\AppData\Local]

02/08/2010 05:01 PM <JUNCTION> History [C:\Users\ChristiB\AppData\Local\Microsoft\Windows\History]

02/08/2010 05:01 PM <JUNCTION> Temporary Internet Files [C:\Users\ChristiB\AppData\Local\Microsoft\Windows\Temporary Internet Files]

0 File(s) 0 bytes

Directory of C:\Users\ChristiB\Documents

02/08/2010 05:01 PM <JUNCTION> My Music [C:\Users\ChristiB\Music]

02/08/2010 05:01 PM <JUNCTION> My Pictures [C:\Users\ChristiB\Pictures]

02/08/2010 05:01 PM <JUNCTION> My Videos [C:\Users\ChristiB\Videos]

0 File(s) 0 bytes

Directory of C:\Users\Default

07/13/2009 10:53 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]

07/13/2009 10:53 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]

07/13/2009 10:53 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]

07/13/2009 10:53 PM <JUNCTION> My Documents [C:\Users\Default\Documents]

07/13/2009 10:53 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]

07/13/2009 10:53 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]

07/13/2009 10:53 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]

07/13/2009 10:53 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]

07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]

07/13/2009 10:53 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]

0 File(s) 0 bytes

Directory of C:\Users\Default\AppData\Local

07/13/2009 10:53 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]

07/13/2009 10:53 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]

07/13/2009 10:53 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]

0 File(s) 0 bytes

Directory of C:\Users\Default\Documents

07/13/2009 10:53 PM <JUNCTION> My Music [C:\Users\Default\Music]

07/13/2009 10:53 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]

07/13/2009 10:53 PM <JUNCTION> My Videos [C:\Users\Default\Videos]

0 File(s) 0 bytes

Directory of C:\Users\iTunes Test

01/03/2013 03:19 PM <JUNCTION> Application Data [C:\Users\iTunes Test\AppData\Roaming]

01/03/2013 03:19 PM <JUNCTION> Cookies [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Cookies]

01/03/2013 03:19 PM <JUNCTION> Local Settings [C:\Users\iTunes Test\AppData\Local]

01/03/2013 03:19 PM <JUNCTION> My Documents [C:\Users\iTunes Test\Documents]

01/03/2013 03:19 PM <JUNCTION> NetHood [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Network Shortcuts]

01/03/2013 03:19 PM <JUNCTION> PrintHood [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]

01/03/2013 03:19 PM <JUNCTION> Recent [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Recent]

01/03/2013 03:19 PM <JUNCTION> SendTo [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\SendTo]

01/03/2013 03:19 PM <JUNCTION> Start Menu [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Start Menu]

01/03/2013 03:19 PM <JUNCTION> Templates [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Templates]

0 File(s) 0 bytes

Directory of C:\Users\iTunes Test\AppData\Local

01/03/2013 03:19 PM <JUNCTION> Application Data [C:\Users\iTunes Test\AppData\Local]

01/03/2013 03:19 PM <JUNCTION> History [C:\Users\iTunes Test\AppData\Local\Microsoft\Windows\History]

01/03/2013 03:19 PM <JUNCTION> Temporary Internet Files [C:\Users\iTunes Test\AppData\Local\Microsoft\Windows\Temporary Internet Files]

0 File(s) 0 bytes

Directory of C:\Users\iTunes Test\Documents

01/03/2013 03:19 PM <JUNCTION> My Music [C:\Users\iTunes Test\Music]

01/03/2013 03:19 PM <JUNCTION> My Pictures [C:\Users\iTunes Test\Pictures]

01/03/2013 03:19 PM <JUNCTION> My Videos [C:\Users\iTunes Test\Videos]

0 File(s) 0 bytes

Directory of C:\Users\Public\Documents

07/13/2009 10:53 PM <JUNCTION> My Music [C:\Users\Public\Music]

07/13/2009 10:53 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]

07/13/2009 10:53 PM <JUNCTION> My Videos [C:\Users\Public\Videos]

0 File(s) 0 bytes

Total Files Listed:

0 File(s) 0 bytes

61 Dir(s) 334,913,576,960 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >

[2011/04/22 06:16:49 | 000,000,221 | -HS- | M] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-12-12 09:05:48

========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:B7CDF4DB

< End of report >

OTL Extras logfile created on: 1/4/2014 10:09:05 AM - Run 1