Various programs installed; computer not running good performance
OTL
OTL logfile created on: 1/4/2014 10:09:05 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ChristiB\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.45 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 42.55% Memory free
3.65 Gb Paging File | 1.53 Gb Available in Paging File | 41.95% Paging File free
Paging file location(s): c:\pagefile.sys 200 2998 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.93 Gb Total Space | 312.02 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 405.33 Gb Free Space | 43.51% Space Free | Partition Type: NTFS
Computer Name: CHRISTIB-PC | User Name: ChristiB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\ChristiB\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\ChristiB\Downloads\HiJackThis.exe (Trend Micro Inc.)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
PRC - C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe (Apple Inc.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (RealNetworks, Inc.)
PRC - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft MapPoint 2011\StreetsOlkShim.exe (Microsoft)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\libglesv2.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\libegl.dll ()
MOD - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll ()
MOD - C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\Microsoft Office\Office14\OUTLCTL.DLL ()
MOD - C:\Windows\System32\wxvault.dll ()
========== Services (SafeList) ==========
SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found
SRV - (CAATT) -- C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe /n CAATT File not found
SRV - (ATTRcAppSvc) -- C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe /n ATTRcAppSvc File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (IEEtwCollectorService) -- C:\Windows\System32\IEEtwCollector.exe (Microsoft Corporation)
SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (LeapFrog Connect Device Service) -- C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc.)
SRV - (Web Assistant Updater) -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV - (DTSRVC) -- C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe ()
SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe (Smith Micro Software, Inc.)
SRV - (IAANTMON) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_450b431403c091e3\stacsv.exe (IDT, Inc.)
SRV - (dcpsysmgrsvc) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (PdiService) -- C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Portrait Displays, Inc.)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (Credential Vault Host Storage) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation)
SRV - (Credential Vault Host Control Service) -- C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation)
SRV - (TdmService) -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.)
SRV - (SecureStorageService) -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.)
SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe (Dell Inc.)
SRV - (tcsd_win32.exe) -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe ()
SRV - (LBTServ) -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
========== Driver Services (SafeList) ==========
DRV - (tcpipBM) -- C:\Windows\system32\drivers\tcpipBM.sys File not found
DRV - (PCTINDIS5) -- C:\Windows\system32\PCTINDIS5.SYS File not found
DRV - (NvtSp50) -- System32\Drivers\NvtSp50.sys File not found
DRV - (MpKsled7b911f) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{839E37A1-6B14-45E1-A06B-DF2AC1E063AE}\MpKsled7b911f.sys File not found
DRV - (MpKslcde7d9f5) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5414B5DA-1541-4075-AF39-38D77F94074E}\MpKslcde7d9f5.sys File not found
DRV - (MpKslbc4c2182) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE612EBE-E197-48DD-959D-72CA3B283B47}\MpKslbc4c2182.sys File not found
DRV - (MpKsl9332f2a5) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE612EBE-E197-48DD-959D-72CA3B283B47}\MpKsl9332f2a5.sys File not found
DRV - (MpKsl9113aa39) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8A99B91A-1326-4886-BF89-BBA3122128AF}\MpKsl9113aa39.sys File not found
DRV - (MpKsl8d329cfd) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FE612EBE-E197-48DD-959D-72CA3B283B47}\MpKsl8d329cfd.sys File not found
DRV - (MpKsl6baef586) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7C71B285-904C-4FD6-AC89-B2DDDC12CC57}\MpKsl6baef586.sys File not found
DRV - (MpKsl575be974) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C0D7941C-B1EF-4971-8F58-F4397E782FEF}\MpKsl575be974.sys File not found
DRV - (MpKsl49c395f4) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5CE8F995-C65E-4E0C-A503-A1521A11F009}\MpKsl49c395f4.sys File not found
DRV - (MpKsl315d7f7b) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC67A18E-AF96-4B94-B9E9-371F0114F100}\MpKsl315d7f7b.sys File not found
DRV - (MpKsl063bae14) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DC1B7ACA-0E24-4F17-9420-C3641F3C3463}\MpKsl063bae14.sys File not found
DRV - (MpKsl054aed27) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36FC2FDB-22BF-450F-AF6A-1E513DF3CB2C}\MpKsl054aed27.sys File not found
DRV - (lmimirr) -- system32\DRIVERS\lmimirr.sys File not found
DRV - (catchme) -- C:\Users\ChristiB\AppData\Local\Temp\catchme.sys File not found
DRV - (BMLoad) -- system32\drivers\BMLoad.sys File not found
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (FNETTHJM_152D) -- C:\Windows\System32\drivers\fnetthjm_152D.sys (FNet Co., Ltd.)
DRV - (e1yexpress) -- C:\Windows\System32\drivers\e1y6232.sys (Intel Corporation)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcuxd) -- C:\Windows\System32\drivers\vpcuxd.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (Netaapl) -- C:\Windows\System32\drivers\netaapl.sys (Apple Inc.)
DRV - (BCM42RLY) -- C:\Windows\System32\drivers\bcm42rly.sys (Broadcom Corporation)
DRV - (Leapfrog-USBLAN) -- C:\Windows\System32\drivers\btblan.sys (Belcarra Technologies)
DRV - (SSLDrv) -- C:\Windows\System32\drivers\SSLDrv.sys (Cavium Networks)
DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.)
DRV - (USBPNPA) -- C:\Windows\System32\drivers\CM108.sys (C-Media Electronics Inc)
DRV - (SWNC8U12) -- C:\Windows\System32\drivers\swnc8u12.sys (Sierra Wireless Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (WavxDMgr) -- C:\Windows\System32\drivers\WavxDMgr.sys (Wave Systems Corp.)
DRV - (swumx12) -- C:\Windows\System32\drivers\swumx12.sys (Sierra Wireless Inc.)
DRV - (PdiPorts) -- C:\Windows\System32\drivers\PdiPorts.sys (Portrait Displays, Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (acpials) -- C:\Windows\System32\drivers\acpials.sys (Microsoft Corporation)
DRV - (rixdpcie) -- C:\Windows\System32\drivers\rixdpe86.sys (REDC)
DRV - (rimspci) -- C:\Windows\System32\drivers\rimspe86.sys (REDC)
DRV - (risdpcie) -- C:\Windows\System32\drivers\risdpe86.sys (REDC)
DRV - (cvusbdrv) -- C:\Windows\System32\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (HECI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel® Corporation)
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows ® Codename Longhorn DDK provider)
DRV - (PBADRV) -- C:\Windows\System32\drivers\PBADRV.sys (Dell Inc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\ChristiB\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {19747E20-062B-4A42-A97E-D231A90BE1D7}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Conduit Search"
FF - prefs.js..extensions.enabledAddons: %7B6e84150a-d526-41f1-a480-a67d3fed910d%7D:1.5.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.update: false
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.3: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.3.51: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ChristiB\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ChristiB\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/15 15:04:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/06/05 17:11:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}: C:\Program Files\Updater By SweetPacks\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/09/26 14:03:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/09/26 14:03:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/06/19 19:19:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/18 12:01:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/15 15:04:42 | 000,000,000 | ---D | M]
[2012/06/22 12:47:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Extensions
[2014/01/04 09:23:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions
[2014/01/02 18:00:11 | 000,000,000 | ---D | M] (Value Apps) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd}
[2012/06/08 09:45:59 | 000,000,000 | ---D | M] (wxDfast) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\4fce8fe742a1f@4fce8fe742a58.info
[2013/01/26 15:00:59 | 000,003,958 | ---- | M] () (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\{062c9079-db58-4492-8589-ca90cd00a2d1}.xpi
[2013/03/24 20:09:53 | 000,111,028 | ---- | M] () (No name found) -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}.xpi
[2014/01/04 09:21:40 | 000,000,861 | ---- | M] () -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\searchplugins\conduit-search.xml
[2012/06/05 17:11:15 | 000,002,203 | ---- | M] () -- C:\Users\ChristiB\AppData\Roaming\Mozilla\Firefox\Profiles\ba9i760v.default\searchplugins\MyStart Search.xml
[2013/06/19 19:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/06/19 19:18:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013/06/19 19:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/06/19 19:19:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/23 20:36:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013/12/23 20:36:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2013/12/23 20:36:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions
[2013/12/23 20:37:19 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/09/26 14:02:30 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2011/03/23 06:24:21 | 000,005,529 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00C2\u2122 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ChristiB\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Google Docs = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Bookmark Sentry (scanner) = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdglbbcbmgnimogcmcdenggkpdmihlga\1.7.18_0\
CHR - Extension: wxDfast = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgheeokdipjeglcbeilamhlkegaiponb\1.0_0\
CHR - Extension: YouTube = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Web Assistant = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: iCloud Bookmarks = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.2.12_0\
CHR - Extension: RealDownloader = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0\
CHR - Extension: Value apps = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcnnhcneegeeojhgpfijnlnocjdmlaon\1.0.0_0\
CHR - Extension: Google Wallet = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\ChristiB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/01/04 09:25:51 | 000,449,836 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15467 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found
O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] C:\Users\ChristiB\AppData\Roaming\ValueApps\CH\TBVerifier.dll (Conduit Ltd.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - HKLM..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f File not found
O4 - Startup: C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Export to Microsoft Excel - res://C:\Program Files\Microsoft Office\OFFICE12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: 1sync.org ([item.prod] https in Trusted sites)
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: dns-ok.us ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: dns-ok.us ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: doesntexist.com ([fishinco] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([mail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: gotomeeting.com ([www1] https in Trusted sites)
O15 - HKCU\..Trusted Domains: ieframe.dll ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: imdb.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: logmein.com ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: metrolyrics.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: npr.org ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: pandora.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: pandora.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: showmypc.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: showmypc.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: signupsecurity.com ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: wal-mart.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: wal-mart.com ([coman] https in Trusted sites)
O15 - HKCU\..Trusted Domains: wal-mart.com ([retaillink] https in Trusted sites)
O15 - HKCU\..Trusted Domains: wal-mart.com ([rllogin] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{29465F31-6103-4BD7-B2E6-6C1F1FD0ABC1}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36C51CBC-060C-48AE-ACDA-7D1F0DCF4383}: DhcpNameServer = 172.16.206.215 172.16.206.215
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{790B665E-3AD4-4D0E-9DBF-6C4692B10A23}: NameServer = 172.16.206.215 172.16.206.215
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD12F98D-1D60-45EC-99A6-686024840D22}: NameServer = 172.16.206.215 172.16.206.215
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCE835DB-CE42-49B0-9139-6FD2562B548E}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\lvcodec2.dll (Logitech Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/01/02 18:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2014/01/02 18:00:16 | 000,000,000 | ---D | C] -- C:\Users\ChristiB\AppData\Roaming\ValueApps
[2014/01/02 17:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
[2014/01/02 17:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\InstallConverter
[2013/12/16 14:11:04 | 000,000,000 | ---D | C] -- C:\Users\ChristiB\AppData\Local\{EB3A4E83-FC3D-4514-94E0-D379D4D37336}
[2013/12/12 14:29:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2013/12/12 03:05:25 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/12 03:05:25 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/12/12 03:05:24 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/12 03:05:24 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/12 03:05:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2013/12/12 03:05:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/12/12 03:05:23 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2013/12/12 03:05:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/12/12 03:05:23 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/12/12 03:05:22 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/12 03:05:22 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2013/12/12 03:05:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2013/12/12 03:05:20 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/12 03:05:18 | 004,243,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/12 03:01:28 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/12/11 03:08:44 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/11 03:08:43 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/12/11 03:08:42 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/12/11 03:08:39 | 002,349,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/11 03:08:39 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/11 03:08:38 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/04 10:06:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2009092001-3919513084-3943380105-1000UA.job
[2014/01/04 09:58:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/04 09:25:51 | 000,449,836 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/01/04 09:23:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/04 09:15:08 | 000,020,720 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 09:15:08 | 000,020,720 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/04 09:12:27 | 000,369,760 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/04 09:12:27 | 000,061,900 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/04 09:09:47 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/04 09:09:45 | 000,000,416 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro startups.job
[2014/01/04 09:08:02 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2014/01/04 09:08:02 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2009092001-3919513084-3943380105-1000Core.job
[2014/01/04 09:07:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/04 09:07:49 | 2780,745,728 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/03 13:47:00 | 000,000,444 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro Updates.job
[2014/01/03 10:45:57 | 000,352,256 | ---- | M] () -- C:\Users\ChristiB\Documents\Christi iCloud Calendar.mdb
[2014/01/03 10:45:57 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/01/03 10:45:35 | 000,013,044 | ---- | M] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Access 97-2003.CAL
[2014/01/02 17:59:38 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\InstallConverter.lnk
[2013/12/29 16:40:02 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/29 16:40:02 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/12/27 11:21:27 | 000,027,872 | ---- | M] () -- C:\Windows\UninstallVTPassage.exe
[2013/12/27 11:21:27 | 000,018,656 | ---- | M] (Cavium Networks) -- C:\Windows\ssldrv.sys
[2013/12/27 11:21:27 | 000,010,670 | ---- | M] () -- C:\Windows\ssldrv.cat
[2013/12/24 06:12:30 | 000,000,971 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/17 13:59:43 | 000,195,837 | ---- | M] () -- C:\Users\ChristiB\Documents\HoJo Receipt.pdf
[2013/12/12 03:23:03 | 000,465,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/12/12 03:05:39 | 004,243,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/12 03:05:39 | 001,928,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/12 03:05:39 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2013/12/12 03:05:39 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/12 03:05:39 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2013/12/12 03:05:39 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2013/12/12 03:05:39 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/12 03:05:39 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2013/12/12 03:05:38 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/12 03:05:38 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2013/12/12 03:05:38 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/12 03:05:38 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013/12/12 03:05:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013/12/12 03:05:38 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013/12/12 03:04:51 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/12 03:04:48 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2013/12/12 03:04:44 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2013/12/12 03:04:35 | 002,349,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/12 03:01:39 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2013/12/09 07:34:55 | 000,031,107 | ---- | M] () -- C:\Users\ChristiB\Desktop\Twila Heart of Christmas.png
[2013/12/05 20:14:02 | 000,206,762 | ---- | M] () -- C:\Users\ChristiB\Desktop\Charter Speed Test 12-05-13.png
[4 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/03 10:45:01 | 000,013,044 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Access 97-2003.CAL
[2014/01/03 10:44:52 | 000,352,256 | ---- | C] () -- C:\Users\ChristiB\Documents\Christi iCloud Calendar.mdb
[2014/01/02 17:59:38 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\InstallConverter.lnk
[2013/12/17 13:59:43 | 000,195,837 | ---- | C] () -- C:\Users\ChristiB\Documents\HoJo Receipt.pdf
[2013/12/09 07:34:55 | 000,031,107 | ---- | C] () -- C:\Users\ChristiB\Desktop\Twila Heart of Christmas.png
[2013/12/05 20:14:02 | 000,206,762 | ---- | C] () -- C:\Users\ChristiB\Desktop\Charter Speed Test 12-05-13.png
[2013/09/04 09:05:33 | 000,102,248 | ---- | C] () -- C:\Users\ChristiB\GoToAssistDownloadHelper.exe
[2013/05/16 09:11:00 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2012/12/24 14:23:41 | 000,552,960 | -H-- | C] () -- C:\Windows\System32\Cmeau108.exe
[2012/12/24 14:23:41 | 000,143,360 | -H-- | C] () -- C:\Windows\Vmix108.dll
[2012/12/24 14:23:41 | 000,000,237 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2012/12/24 14:23:38 | 000,303,104 | -H-- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2012/12/24 14:23:38 | 000,007,055 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2012/12/24 14:23:38 | 000,002,029 | -H-- | C] () -- C:\Windows\Cm108.ini.cfg
[2012/12/24 14:23:37 | 000,001,151 | -H-- | C] () -- C:\Windows\_cm108.ini
[2012/12/24 14:23:37 | 000,001,102 | -H-- | C] () -- C:\Windows\cm108.ini
[2012/07/30 12:34:17 | 000,130,890 | ---- | C] () -- C:\Windows\hpoins18.dat
[2012/07/10 19:07:22 | 000,000,600 | ---- | C] () -- C:\Users\ChristiB\PUTTY.RND
[2012/06/22 13:26:24 | 000,005,115 | ---- | C] () -- C:\Windows\wininit.ini
[2012/06/22 12:54:35 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2012/06/05 17:16:30 | 000,000,953 | ---- | C] () -- C:\Users\ChristiB\wxDownloadFast.ini
[2012/05/04 08:12:31 | 000,038,438 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (DOS).ADR
[2012/05/04 08:10:16 | 000,011,413 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (DOS).TSK
[2012/05/03 15:01:40 | 000,012,964 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (DOS).CAL
[2011/07/07 11:14:37 | 000,012,963 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2011/03/14 07:42:42 | 000,000,600 | ---- | C] () -- C:\Users\ChristiB\AppData\Local\PUTTY.RND
[2010/12/26 17:12:39 | 000,022,711 | ---- | C] () -- C:\Users\ChristiB\Resetting Belkin Router.pdf
[2010/11/02 10:25:31 | 000,038,502 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2010/02/20 11:14:29 | 000,039,019 | ---- | C] () -- C:\Users\ChristiB\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/02/13 08:35:41 | 000,007,605 | ---- | C] () -- C:\Users\ChristiB\AppData\Local\resmon.resmoncfg
[2010/02/08 17:02:05 | 000,000,000 | ---- | C] () -- C:\Users\ChristiB\AppData\Local\WavXMapDrive.bat
========== ZeroAccess Check ==========
[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/09/11 02:03:41 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/11/30 13:19:35 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\.minecraft
[2013/03/24 21:05:32 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Azureus
[2010/02/08 17:02:04 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Broadcom
[2010/10/22 06:37:02 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Bytemobile
[2012/11/12 16:31:07 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/09/19 11:48:44 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Decipher Media
[2011/12/21 14:07:37 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\DisplayTune
[2010/10/29 09:02:53 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Leadertech
[2010/11/22 16:46:48 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\NetDrive
[2012/12/21 17:54:50 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\OpenCandy
[2012/05/10 06:30:51 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\OpenOffice.org
[2011/03/13 15:41:01 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\TightVNC
[2014/01/02 18:00:16 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\ValueApps
[2010/02/08 17:02:05 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\Wave Systems Corp
[2012/08/17 09:06:35 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\webex
[2010/12/04 13:56:29 | 000,000,000 | ---D | M] -- C:\Users\ChristiB\AppData\Roaming\WindSolutions
========== Purity Check ==========
========== Custom Scans ==========
< %USERPROFILE%\..|smtmp;true;true;true /FP >
< %temp%\smtmp\*.* /s > >
< MD5 for: EXPLORER.ADML >
[2009/07/13 20:07:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\PolicyDefinitions\en-US\Explorer.adml
[2009/07/13 20:07:10 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\x86_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_22d6d5b5cba907ce\Explorer.adml
< MD5 for: EXPLORER.ADMX >
[2009/06/10 15:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\PolicyDefinitions\Explorer.admx
[2009/06/10 15:34:46 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\x86_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_1590ffd752297581\Explorer.admx
< MD5 for: EXPLORER.EXE >
[2010/02/02 21:53:02 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe
[2011/02/25 23:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 19:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/25 23:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/30 23:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/25 23:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 06:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/24 23:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2010/02/02 21:53:05 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010/02/02 21:53:05 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 00:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2010/02/02 21:53:02 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe
< MD5 for: EXPLORER.EXE.MUI >
[2009/07/13 20:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\en-US\explorer.exe.mui
[2009/07/13 20:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\x86_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_05c8dd40d4f56065\explorer.exe.mui
< MD5 for: EXPLORER.EXE-D5E97654.PF >
[2014/01/04 09:11:08 | 000,099,384 | ---- | M] () MD5=8F680328BCE127E3F1D4871D84EF184A -- C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf
< MD5 for: IEXPLORE.EXE >
[2012/06/14 02:01:14 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_b12560b1c817cfde\iexplore.exe
[2013/06/12 02:00:55 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_ba6545dc65e543de\iexplore.exe
[2010/09/07 22:36:39 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=14803EA3E5DD7CB37CB446C74CFDA38F -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20795_none_b3c5cc459f4108f2\iexplore.exe
[2012/09/22 02:01:00 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_b1148f09c82553c5\iexplore.exe
[2012/05/17 16:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_b19f2c1ee1420ce6\iexplore.exe
[2012/11/16 03:01:46 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_b119907bc820d278\iexplore.exe
[2013/06/11 22:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_a38ffdc27f91d847\iexplore.exe
[2009/07/13 19:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_b346f9b4861b55c2\iexplore.exe
[2013/07/11 02:06:58 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_ba672fa865e3902d\iexplore.exe
[2013/04/11 02:03:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_b104f0edc83023b1\iexplore.exe
[2012/07/11 05:45:22 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_b12660fbc816e935\iexplore.exe
[2013/09/11 02:04:24 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_ba6c1a5265df2881\iexplore.exe
[2013/05/16 19:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_a38c5d6c7f953fa9\iexplore.exe
[2013/05/15 02:07:42 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=3F00BE80B9CEA20B7FE7363D15EDDB94 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16483_none_b0f72023c83af39d\iexplore.exe
[2013/02/21 22:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_b183bdcce155df6c\iexplore.exe
[2013/08/09 23:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_a394d1a47f8d8a3c\iexplore.exe
[2010/11/03 23:54:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=58CF468D3FF4CF830339FE5E45356355 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16700_none_b3987f3a85deec23\iexplore.exe
[2010/09/07 22:31:24 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=61EDBCE47ADF3E52AB0B9F49EE4AEBB8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16671_none_b34dce2a8616cbea\iexplore.exe
[2012/08/24 01:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_b1a52ddae13ca4f0\iexplore.exe
[2013/02/14 03:03:36 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_b10dc045c829d512\iexplore.exe
[2010/11/03 23:54:59 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=6B2258FF6D2332073FE9E90122FA4168 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20831_none_b402ac8b9f13f917\iexplore.exe
[2013/08/15 02:01:22 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_ba6aa26e65e05c0d\iexplore.exe
[2011/06/01 17:43:47 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_b135ff17c80c1949\iexplore.exe
[2010/12/17 23:32:25 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=9321CF0D023528C71E3645F8433C86C8 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_b3e23cc79f2c4cea\iexplore.exe
[2012/08/16 02:01:13 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_b1276145c816028c\iexplore.exe
[2013/10/12 01:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_a384a5267f9a8dfe\iexplore.exe
[2013/02/01 22:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_b17dbc10e15b4762\iexplore.exe
[2010/12/17 23:33:54 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AA08B68EF4E35EFA170CF85A44B23B70 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_b384dff685ed56b3\iexplore.exe
[2013/05/25 02:01:35 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_ba75e9f465d7f339\iexplore.exe
[2011/02/23 23:45:11 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AB2BB40A5FE49AD236791AC22BD08869 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20908_none_b42a203b9ef553cc\iexplore.exe
[2009/04/20 12:56:28 | 000,031,232 | ---- | M] (NirSoft) MD5=AE72E8619CB31D84DA25E2435E55003C -- C:\cf\iexplore.exe
[2012/12/13 03:03:24 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=B201AF83DF2E85323E29EB83E4046810 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_b11b910fc81f0526\iexplore.exe
[2012/06/02 02:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_b1a12cb2e1403f94\iexplore.exe
[2013/04/04 15:55:02 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=C036AB1ED8BAC04FE4A349BA263077BB -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20593_none_b175ed02e160af58\iexplore.exe
[2012/11/15 21:08:47 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=C0BA71C1B3FB6E3DD432FF3CCAEBDC62 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_b1985d5ae1468e33\iexplore.exe
[2010/11/20 06:22:51 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_b5780d7c8309d95c\iexplore.exe
[2011/02/23 23:32:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C6697A46554E36541E81182B258A19D6 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16766_none_b35da16e860a2bd3\iexplore.exe
[2013/11/26 03:01:16 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/11/26 03:01:16 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_1eeed3e40a768844\iexplore.exe
[2012/10/08 02:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_b1955c7ce149422e\iexplore.exe
[2013/10/09 02:07:22 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_ba5bba9265ec2c43\iexplore.exe
[2013/11/14 03:03:41 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_ba5c48f465ebc5bf\iexplore.exe
[2013/09/22 18:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_a38444547f9ac140\iexplore.exe
[2013/03/14 02:01:31 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_b0feef31c8358ba7\iexplore.exe
[2013/07/25 23:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_a39175a67f90a4bb\iexplore.exe
[2012/06/28 17:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_b1a22cfce13f58eb\iexplore.exe
[2013/01/08 15:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\x86_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_b18b8cdae1507776\iexplore.exe
< MD5 for: IEXPLORE.EXE.MUI >
[2013/11/26 03:01:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/11/26 03:01:16 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_189b695b4223c92b\iexplore.exe.mui
[2011/06/01 17:43:47 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_aae2948effb95a30\iexplore.exe.mui
[2013/05/25 02:01:35 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_b41defe19d893548\iexplore.exe.mui
[2009/07/13 20:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_acf38f2bbdc896a9\iexplore.exe.mui
[2009/07/13 20:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\x86_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_af24a2f3bab71a43\iexplore.exe.mui
< MD5 for: IEXPLORE.EXE-058FE8F5.PF >
[2014/01/04 09:55:31 | 000,175,390 | ---- | M] () MD5=E098066AB45E1B4BA780555F67EDF0F8 -- C:\Windows\Prefetch\IEXPLORE.EXE-058FE8F5.pf
< MD5 for: SERVICES >
[2009/06/10 15:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\System32\drivers\etc\services
[2009/06/10 15:39:37 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_045b589158ae90da\services
< MD5 for: SERVICES.EXE >
[2009/07/13 19:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009/07/13 19:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 20:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\System32\en-US\services.exe.mui
[2009/07/13 20:03:06 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=0DA5F221169DEB5AC3A22465CD6F0281 -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_69d39d3a8748c332\services.exe.mui
< MD5 for: SERVICES.LNK >
[2009/07/13 22:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 22:41:45 | 000,001,288 | ---- | M] () MD5=021B1B178776500E54560EDCFFE0EE21 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOF >
[2009/06/10 15:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2009/06/10 15:26:14 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.mof
< MD5 for: SERVICES.MSC >
[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2009/07/13 20:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 15:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc
< MD5 for: SERVICES.PTXML >
[2009/07/13 14:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\System32\wdi\perftrack\Services.ptxml
[2009/07/13 14:20:01 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\Services.ptxml
< MD5 for: SERVICES.RDB >
[2012/08/13 10:51:02 | 000,178,348 | ---- | M] () MD5=039C8CFBD74EE07F38CD9E4C7D95C5C6 -- C:\Program Files\OpenOffice.org 3\Basis\program\services.rdb
[2012/08/13 10:51:02 | 000,000,453 | ---- | M] () MD5=3D2ADA15FEF5B5FF468243161543D610 -- C:\Program Files\OpenOffice.org 3\program\services.rdb
[2012/08/10 15:12:16 | 000,008,060 | ---- | M] () MD5=7CA7D7150EC46321162F932ADCF5F35B -- C:\Program Files\OpenOffice.org 3\URE\misc\services.rdb
< MD5 for: SERVICES.SBS >
[2013/07/16 12:21:30 | 000,034,818 | ---- | M] () MD5=E2ACBC77020C8D5CE97CA61D0D859A44 -- C:\Program Files\Spybot - Search & Destroy\Includes\Services.sbs
< MD5 for: WINLOGON.ADML >
[2009/07/13 20:05:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\PolicyDefinitions\en-US\WinLogon.adml
[2009/07/13 20:05:00 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_94da67ab3e358f3a\WinLogon.adml
< MD5 for: WINLOGON.ADMX >
[2009/06/10 15:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\PolicyDefinitions\WinLogon.admx
[2009/06/10 15:43:18 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_7ae3b2e5da95d117\WinLogon.admx
< MD5 for: WINLOGON.EXE >
[2009/10/28 00:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/27 23:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 06:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 19:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
< MD5 for: WINLOGON.EXE.MUI >
[2010/11/20 06:12:53 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\System32\en-US\winlogon.exe.mui
[2010/11/20 06:12:53 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=65C2C2EE8F334EE07F66876551DE1827 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_ccfffb7662588b45\winlogon.exe.mui
[2009/07/13 20:05:28 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=DB61D28A59DEE68F77811B291D83AD1B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_cacee7ae656a07ab\winlogon.exe.mui
< MD5 for: WINLOGON.MFL >
[2009/07/13 20:09:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\System32\wbem\en-US\winlogon.mfl
[2009/07/13 20:09:40 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_2891397980a26140\winlogon.mfl
< MD5 for: WINLOGON.MOF >
[2009/07/13 14:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\System32\wbem\winlogon.mof
[2009/07/13 14:37:34 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\x86_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_800f1ff3d73b72d9\winlogon.mof
< %SYSTEMDRIVE%\*.* >
[2011/02/15 11:36:30 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011/05/04 04:36:09 | 000,020,580 | ---- | M] () -- C:\1020.log
[2009/06/10 15:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/06/10 15:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/02/02 21:54:56 | 000,004,906 | RH-- | M] () -- C:\dell.sdr
[2014/01/04 09:07:49 | 2780,745,728 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/22 13:28:29 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/03/29 12:09:59 | 1368,072,344 | ---- | M] () -- C:\MP2011.exe
[2012/06/22 13:28:29 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/09/02 10:00:18 | 000,164,940 | ---- | M] () -- C:\ndsvc.log
[2014/01/04 09:07:55 | 209,715,200 | -HS- | M] () -- C:\pagefile.sys
[2012/03/15 09:12:44 | 000,000,510 | ---- | M] () -- C:\settings.ini
[2012/06/05 17:11:40 | 000,000,454 | ---- | M] () -- C:\user.js
< %systemroot%\Fonts\*.com >
[2009/07/13 22:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 22:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 22:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 22:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009/06/10 15:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/13 19:15:26 | 000,280,064 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
[2009/07/13 19:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2010/07/09 07:31:14 | 000,082,184 | ---- | M] (Microsoft Corporation.) -- C:\Windows\system32\spool\prtprocs\w32x86\lmdippr8.dll
[2010/11/20 06:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2012/03/08 17:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
[2013/01/26 15:15:03 | 000,001,702 | -HS- | M] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft\LastFlashConfig.wfc
< %PROGRAMFILES%\*.* >
[2009/07/13 22:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
[2012/04/20 10:10:39 | 003,723,881 | ---- | M] () -- C:\Program Files\ShilohQuickSQL7617.xls
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 9434-A400
Directory of C:\
07/13/2009 10:53 PM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:53 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:53 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:53 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:53 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/13/2009 10:53 PM <SYMLINKD> All Users [C:\ProgramData]
07/13/2009 10:53 PM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\ProgramData]
07/13/2009 10:53 PM <JUNCTION> Desktop [C:\Users\Public\Desktop]
07/13/2009 10:53 PM <JUNCTION> Documents [C:\Users\Public\Documents]
07/13/2009 10:53 PM <JUNCTION> Favorites [C:\Users\Public\Favorites]
07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 10:53 PM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\ChristiB
02/08/2010 05:01 PM <JUNCTION> PrintHood [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/08/2010 05:01 PM <JUNCTION> Recent [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Recent]
02/08/2010 05:01 PM <JUNCTION> SendTo [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\SendTo]
02/08/2010 05:01 PM <JUNCTION> Start Menu [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Start Menu]
02/08/2010 05:01 PM <JUNCTION> Templates [C:\Users\ChristiB\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\ChristiB\AppData\Local
02/08/2010 05:01 PM <JUNCTION> Application Data [C:\Users\ChristiB\AppData\Local]
02/08/2010 05:01 PM <JUNCTION> History [C:\Users\ChristiB\AppData\Local\Microsoft\Windows\History]
02/08/2010 05:01 PM <JUNCTION> Temporary Internet Files [C:\Users\ChristiB\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\ChristiB\Documents
02/08/2010 05:01 PM <JUNCTION> My Music [C:\Users\ChristiB\Music]
02/08/2010 05:01 PM <JUNCTION> My Pictures [C:\Users\ChristiB\Pictures]
02/08/2010 05:01 PM <JUNCTION> My Videos [C:\Users\ChristiB\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 10:53 PM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 10:53 PM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 10:53 PM <JUNCTION> My Documents [C:\Users\Default\Documents]
07/13/2009 10:53 PM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 10:53 PM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 10:53 PM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 10:53 PM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 10:53 PM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 10:53 PM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 10:53 PM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
07/13/2009 10:53 PM <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 10:53 PM <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 10:53 PM <JUNCTION> My Music [C:\Users\Default\Music]
07/13/2009 10:53 PM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
07/13/2009 10:53 PM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\iTunes Test
01/03/2013 03:19 PM <JUNCTION> Application Data [C:\Users\iTunes Test\AppData\Roaming]
01/03/2013 03:19 PM <JUNCTION> Cookies [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Cookies]
01/03/2013 03:19 PM <JUNCTION> Local Settings [C:\Users\iTunes Test\AppData\Local]
01/03/2013 03:19 PM <JUNCTION> My Documents [C:\Users\iTunes Test\Documents]
01/03/2013 03:19 PM <JUNCTION> NetHood [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/03/2013 03:19 PM <JUNCTION> PrintHood [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/03/2013 03:19 PM <JUNCTION> Recent [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Recent]
01/03/2013 03:19 PM <JUNCTION> SendTo [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\SendTo]
01/03/2013 03:19 PM <JUNCTION> Start Menu [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Start Menu]
01/03/2013 03:19 PM <JUNCTION> Templates [C:\Users\iTunes Test\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\iTunes Test\AppData\Local
01/03/2013 03:19 PM <JUNCTION> Application Data [C:\Users\iTunes Test\AppData\Local]
01/03/2013 03:19 PM <JUNCTION> History [C:\Users\iTunes Test\AppData\Local\Microsoft\Windows\History]
01/03/2013 03:19 PM <JUNCTION> Temporary Internet Files [C:\Users\iTunes Test\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\iTunes Test\Documents
01/03/2013 03:19 PM <JUNCTION> My Music [C:\Users\iTunes Test\Music]
01/03/2013 03:19 PM <JUNCTION> My Pictures [C:\Users\iTunes Test\Pictures]
01/03/2013 03:19 PM <JUNCTION> My Videos [C:\Users\iTunes Test\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 10:53 PM <JUNCTION> My Music [C:\Users\Public\Music]
07/13/2009 10:53 PM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
07/13/2009 10:53 PM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
61 Dir(s) 334,913,576,960 bytes free
< %systemroot%\System32\config\*.sav >
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/04/22 06:16:49 | 000,000,221 | -HS- | M] () -- C:\Users\ChristiB\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
< %USERPROFILE%\Desktop\*.exe >
< %PROGRAMFILES%\Common Files\*.* >
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-12-12 09:05:48
========== Alternate Data Streams ==========
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:B7CDF4DB
< End of report >
OTL Extras logfile created on: 1/4/2014 10:09:05 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ChristiB\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.45 Gb Total Physical Memory | 1.47 Gb Available Physical Memory | 42.55% Memory free
3.65 Gb Paging File | 1.53 Gb Available in Paging File | 41.95% Paging File free
Paging file location(s): c:\pagefile.sys 200 2998 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.93 Gb Total Space | 312.02 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 405.33 Gb Free Space | 43.51% Space Free | Partition Type: NTFS
Computer Name: CHRISTIB-PC | User Name: ChristiB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B24CA65-E03D-4382-9AE1-884AFA3E68C3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{0B4395EF-12C0-49D9-BB7F-7398A14774CA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0FCB019A-5959-4394-B7C8-90A4719EB186}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{15FBFF16-8E75-4BD4-8FE2-5A5AD9184344}" = lport=445 | protocol=6 | dir=in | app=system |
"{1A13B4D9-0534-4D39-B6BD-46AFD0227C6F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{1CBE6B56-32A3-41B1-AF90-C8EBD3DFDD55}" = rport=139 | protocol=6 | dir=out | app=system |
"{1CBF01EB-AC5F-4A93-BDE5-F1138A2B9DC1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1DBF12EF-80A8-41DE-B42A-09F75E6A6D8E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{254A58B9-0BC8-4D4E-991A-33C99FD1F241}" = lport=138 | protocol=17 | dir=in | app=system |
"{2C887E9E-518B-495A-9319-D6FE0C7D7986}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4227A9A3-37CF-4984-A22C-380E1A389AA8}" = rport=445 | protocol=6 | dir=out | app=system |
"{476E9786-FBB5-44FA-88B6-1F81425C2520}" = lport=443 | protocol=6 | dir=in | app=system |
"{4A0601B3-00CB-46CE-BDFD-B944EA5B61D0}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4B656E7C-6370-4C5F-834C-CBFCD2231546}" = lport=2869 | protocol=6 | dir=in | app=system |
"{54C45645-7655-4E37-A3FA-6A867F2BEB1D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5FD08F27-E053-4661-B176-2CC7D6FBFE5B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{77936DC6-3ED0-41AB-9B63-5955297B1716}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7F8663CE-647A-41C4-B0FB-7630BE933ECD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8D313597-1446-4DE3-8FA8-5F7CA4570458}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94D2C909-56BC-481F-9335-BBED0381FF92}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95E2BFE6-6BD4-40F2-B078-6DA19B351CEB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9B494B0C-7638-481C-9301-723729FEE018}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A0F48C79-833B-498E-8A40-5213B31B160C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B9FB94C2-BCF3-4A81-AA8E-B382DC1F6ABF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{C21230A4-C2C1-44B0-8080-6C8A5D9E00E2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CBF9942B-CDA8-4DB9-9DA7-6CE77F9FECAB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD9B2669-0043-4CC6-BF4D-C578F4354326}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D86B7FBA-4607-4E77-BB05-3760F3E48207}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DF4C7C65-D19D-4460-BCA7-A76A9130AFFA}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DF505D5C-C613-4792-B08A-DA8685EB06F4}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E135B763-83E8-48F1-B06F-28123733A2AA}" = rport=138 | protocol=17 | dir=out | app=system |
"{F0953EED-30D4-4140-8612-B8B11E411C15}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F2EA6C4C-490F-42CA-A563-02772046E994}" = lport=139 | protocol=6 | dir=in | app=system |
"{F42DBE64-E7C2-4828-9042-A8AAD3551AC3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F8814EC6-D833-4B76-B9BF-864924C98167}" = lport=137 | protocol=17 | dir=in | app=system |
"{F9BCFDC9-CA2F-4772-88F1-7E9CC843B37F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{FD4689FB-C2FB-413F-BCE1-D6C2E97F748E}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05A562FE-C230-4FB4-BBC9-E0FCA4A89933}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08EB1D3D-0300-4543-B1C1-ACD4A7AD72C4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0BA766D2-7C18-4EE0-A340-6CC8C49D47EB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{0C36F3F7-264D-4A04-A589-B0D77AC1D0FF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{0F746589-E227-4D9A-9980-389B3B3928CB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{173B7E4F-D040-4D57-9875-95745F3080A8}" = protocol=6 | dir=in | app=f:\vuze downloads\azureus.exe |
"{1754B462-64E7-4D24-BF18-F657C52ED950}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{180AEBEB-908E-4A43-AEE4-CCE00FED6F9E}" = protocol=6 | dir=in | app=c:\program files\macrodata inc\netdrive\ndsvc.exe |
"{1931DCB8-22CC-4166-9464-472F19C1E3F5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1B94B7CD-0E26-4CE9-AFC9-07C2D316B49A}" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{23CC44D0-6172-4C2E-9C66-2B354F39E635}" = protocol=17 | dir=in | app=c:\program files\macrodata inc\netdrive\ndsvc.exe |
"{23EB098E-E5DE-4076-9FF4-588DE013F1EB}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{245A0EE2-1CD8-468E-99C0-A8AE554B2680}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{274E38DF-4B25-477A-A38C-3FBD4BC550BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A12B6BB-E8E9-46FD-839B-D86413922556}" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"{33139A05-705E-4D36-8EF3-598BFFBA990A}" = protocol=17 | dir=in | app=f:\vuze downloads\azureus.exe |
"{36A7F1A1-7960-4B1F-A905-2C610BEB9357}" = protocol=17 | dir=in | app=f:\vuze downloads\azureus.exe |
"{3D16FCBA-FB73-4394-A2F7-151DC6C70F80}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{40F9D9ED-E250-406D-8362-CAA6793CA87E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4385C0B0-768B-4BD3-9F3F-3D1219B9F5E8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{49D11CBA-E6E0-4F00-955A-322827FB645E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E158E6C-7353-4BF0-AED9-1442AE434264}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{5411EF7A-5502-43C9-A95C-20DF9E22DA13}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{58383F55-0047-4CBC-A7FA-3329DCBD8989}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{59A3AD73-3A33-48DC-A9AA-EAFFE947AF4E}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{59D39D3B-5ABF-40FD-A85C-B647AFDA2933}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5D035686-1C81-4DE4-8E08-FE98E75E003E}" = protocol=6 | dir=in | app=f:\appdata\microsoft office\office14\onenote.exe |
"{6369F6E7-E90D-4E97-9AF2-901946A85531}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{6AF2B933-EF9B-46B2-9B1A-6F9D2C9ACCAC}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{70AA0C46-C2C1-43DB-AB75-425BC3062D62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{722DF62D-3069-40DB-AE24-A80A24182A03}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73463A40-4182-4F62-9869-25EDD7F9C402}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{765B5A2D-D328-4F95-A86C-27E8AF05566F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76683DD8-D1ED-4859-95FC-503D2D4AC95D}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{7B6B2F61-4111-453A-B0FF-B5C15F273836}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{7D629590-249C-483E-8C70-3A42724F3C7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{815B323D-4C12-409E-ACA7-FE9D4014E83A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BAB64F3-C731-45DA-A68A-C3C89C87AECF}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{8D71A413-D824-4BF3-854D-BD98267C8622}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{91A821CD-5904-4FDC-988E-D0C0886AF1F4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{95EE6A22-3784-4107-8E90-87DE905F8CA1}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{96714C7D-7D97-4C2A-BEF1-BF29156401B7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{9B5CDDF8-87C3-49B3-ACD8-B8ABA19965DD}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"{A26673A6-78A1-4CD4-A962-06D0AC4706A4}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{A7831A8A-9F64-4E8A-AFD2-207E205B1BE6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{A89EA446-13B7-4C16-984B-0C6E4D704260}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{ABDA3000-9355-4509-82DA-B597B53D0A29}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{AC0ECC6A-FA14-49F9-A93B-6C8E52E2C505}" = dir=in | app=c:\program files\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{B03688BB-C2F3-42EC-9F32-53708246D716}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{B2248C32-9123-4385-99B9-A632AB32F35F}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{B44DE955-5DFE-4F46-B112-D132272339BC}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"{B7EF0FA4-2ECA-400E-ABA5-3D6577EF3431}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{B89BAAC4-4536-44D5-A55D-915F7983854D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BACB3FF8-9BAD-4222-B1D5-D489D5D8F8C6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BB67BF9D-37E1-4DE5-873D-3C29A8234D65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BFA0CBD7-F157-421B-9541-18ADE04601D6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{C3EFE934-E064-4148-A5DD-A0D9D2F2EA0E}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{C89F2180-E055-431C-997E-3CEC2A5F5994}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CC32498A-54D3-49B9-BE67-4B06379D2950}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CEC0EEE5-ED88-4C2E-AA55-2C50061BF026}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{D025574C-E6B1-471A-8628-F8BAFB9F635F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D35488B6-0C90-4E07-A03B-369BA4C82B6F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DEFAF4A8-753E-426F-A097-1C5C9D895B42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1C76EC3-D5C6-49E9-AF3E-7A2324DC3E02}" = protocol=17 | dir=in | app=f:\appdata\microsoft office\office14\onenote.exe |
"{E70C9597-0722-4CD8-99D4-A7EF32AC472E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{E7E2D817-22E3-4473-861A-776804CFB28F}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{EABFCDC6-0F7D-4C80-8D97-90B1C03A655E}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{ED5D235E-21FD-4C19-B5D2-06A28ECD4B76}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{F6E76DD2-9AC9-4B88-AB5C-3C15C009DAC4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F7A7C415-6F35-45F7-821A-5FE5CE8C66D0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{F9CDB9E8-61E6-4293-9BE0-A2C02381D0E1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{FCFD92D5-228B-464F-9588-41B1B56319D8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{FE02075C-4071-4E07-BEDC-3153F609E259}" = protocol=6 | dir=in | app=f:\vuze downloads\azureus.exe |
"{FE8BBD98-DB3C-41B4-9F9B-CB657E9A9239}" = protocol=6 | dir=out | app=system |
"TCP Query User{1D95481D-367B-4E61-B3D6-937D4542F0B9}C:\users\christib\appdata\local\temp\ixp002.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\ixp002.tmp\smpcsetup.exe |
"TCP Query User{2EB03672-52B0-4542-9A4F-AEB0974B0CEE}C:\program files\microsoft office\live meeting 8\console\pwconsole.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
"TCP Query User{3107A047-0567-439E-939B-D1C915DD52CB}C:\users\christib\desktop\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\users\christib\desktop\pfportchecker\pfportchecker.exe |
"TCP Query User{51E85174-D027-46CE-84CB-CE4B7053521A}C:\users\christib\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\ixp000.tmp\smpcsetup.exe |
"TCP Query User{5EA00E09-07DB-421F-95F9-8FD4EB487D2A}C:\users\christib\appdata\roaming\allmyapps\allmyapps.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\roaming\allmyapps\allmyapps.exe |
"TCP Query User{6A5902E0-8345-4CD8-A185-B10B1588B6AC}C:\program files\microsoft office\live meeting 8\console\pwconsole.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
"TCP Query User{6CFC3D65-E4F2-47FD-9405-0AB4BAC694DF}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{6DB46C57-DB4C-4A2A-97ED-BB130B72E8AC}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8339EA2D-66FB-4FB7-8019-C27F73A7B9BE}C:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105 (1)\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105 (1)\smpcsetup.exe |
"TCP Query User{86CB4F60-C8CE-4305-95EC-26CC04E1119D}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{8759510F-BD2F-4395-B6D5-3CF83C56663A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{89807D27-8063-4CDE-BA0F-2F2E400376B0}C:\users\christib\appdata\local\temp\ixp002.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\ixp002.tmp\smwinvnc.exe |
"TCP Query User{8F215471-AD2A-401C-86F4-5835540144B9}C:\users\christib\appdata\local\temp\ixp001.tmp\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\ixp001.tmp\smpcsetup.exe |
"TCP Query User{905F4568-7A2E-446B-A058-277BB2C8FADE}C:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105\smpcsetup.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105\smpcsetup.exe |
"TCP Query User{AE787BD3-8BC0-489E-AB0B-B1A818AFF078}C:\users\christib\appdata\roaming\allmyapps\allmyapps.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\roaming\allmyapps\allmyapps.exe |
"TCP Query User{B49DB89F-4396-4437-A39F-D494AD357FB6}C:\program files\showmypcservice\tvnserver.exe" = protocol=6 | dir=in | app=c:\program files\showmypcservice\tvnserver.exe |
"TCP Query User{DD79FBAB-469C-4AC6-836E-D287CAC3A42B}C:\users\christib\appdata\local\temp\ixp001.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\ixp001.tmp\smwinvnc.exe |
"TCP Query User{E26088F1-8BA5-4773-BF15-B8240DD44FF2}C:\users\christib\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=6 | dir=in | app=c:\users\christib\appdata\local\temp\ixp000.tmp\smwinvnc.exe |
"TCP Query User{F48DFFE5-447C-4BD4-B552-7B89FE7D13E0}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{02BE26B2-5F8C-4637-9CE4-7BEC8F0B7C5C}C:\users\christib\appdata\local\temp\ixp001.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\ixp001.tmp\smwinvnc.exe |
"UDP Query User{0DD1555C-E4D1-430D-88A4-A69EA63C95BE}C:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105\smpcsetup.exe |
"UDP Query User{10ECA6A1-002D-49FF-80F5-DBEEF733FC49}C:\users\christib\appdata\local\temp\ixp000.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\ixp000.tmp\smwinvnc.exe |
"UDP Query User{1288E1F1-A5D0-493F-88D3-3C0E60DF4A63}C:\users\christib\appdata\local\temp\ixp002.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\ixp002.tmp\smpcsetup.exe |
"UDP Query User{12CF8E52-FAE7-4B5E-9DEF-15D4D769DEF1}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2FF49E0D-1261-4754-A434-57C72B46A04E}C:\program files\microsoft office\live meeting 8\console\pwconsole.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
"UDP Query User{5A748F38-21E4-46D9-BB90-81BE9F1B952D}C:\users\christib\appdata\local\temp\ixp000.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\ixp000.tmp\smpcsetup.exe |
"UDP Query User{6355CDBC-69EB-49EE-A7A8-B3F9E126D0BE}C:\users\christib\desktop\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\users\christib\desktop\pfportchecker\pfportchecker.exe |
"UDP Query User{6E79C2E9-519D-4BA8-9A3D-9E3319532F84}C:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105 (1)\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\showmypc\-----------showmypc3105 (1)\smpcsetup.exe |
"UDP Query User{82C6068D-8078-4D7A-BDBB-E101AF5A4F0A}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{860BB5FC-E13C-4B35-A212-6134116C2788}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{87F44E3C-B3E0-49FC-B393-49033C916D01}C:\users\christib\appdata\local\temp\ixp001.tmp\smpcsetup.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\ixp001.tmp\smpcsetup.exe |
"UDP Query User{90A7E8EE-5B1F-402A-824B-8E6F52D2D3A0}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{98B95B61-96E2-4B40-BD77-D8A6F56A89D1}C:\program files\showmypcservice\tvnserver.exe" = protocol=17 | dir=in | app=c:\program files\showmypcservice\tvnserver.exe |
"UDP Query User{A6E21A8A-A152-43EA-B969-EDA0C4591312}C:\program files\microsoft office\live meeting 8\console\pwconsole.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
"UDP Query User{AF0FA806-3C85-43F5-9052-C2EB87FCF256}C:\users\christib\appdata\roaming\allmyapps\allmyapps.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\roaming\allmyapps\allmyapps.exe |
"UDP Query User{CC5DDC73-1D80-4BD3-A3D0-1C579D398BA9}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{DD30A043-E861-4790-9B0B-8C68D171D053}C:\users\christib\appdata\roaming\allmyapps\allmyapps.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\roaming\allmyapps\allmyapps.exe |
"UDP Query User{EEBFA3DF-FEF7-4C7A-AA29-B39548926CA5}C:\users\christib\appdata\local\temp\ixp002.tmp\smwinvnc.exe" = protocol=17 | dir=in | app=c:\users\christib\appdata\local\temp\ixp002.tmp\smwinvnc.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00A61104-74B5-4056-AD00-4397EF4FB141}" = iCloud
"{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}" = Pivot Software
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0CD47142-BA4F-46B0-AA92-2675864928B8}" = Microsoft Security Client
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{11DB380B-48CF-46EA-8B03-51874E2733C9}" = Dell Control Point
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{12E25026-B99F-451C-9D41-2B8FD19F6050}" = Shiloh
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{2220CF3A-EBD6-4070-94D0-0C7337B537A7}" = All Day Battery Life Configuration
"{26A24AE4-039D-4CA4-87B4-2F83216024F0}" = Java 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83216038FF}" = Java 6 Update 38
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer
"{3237887D-8AC4-4C27-BDF4-57D7CB0351D6}" = SO32MMWrapper
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.439
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.9
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{685B0843-6C8D-4E42-B60D-2B86B45526E0}" = PS_AIO_02_Software_Min
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{71084075-ABA7-48BC-9733-F56A9ABD184D}" = DCP32MMWrapper
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730E03E4-350E-48E5-9D3E-4329903D454D}" = Itibiti RTC
"{731B0E4D-F4C7-450C-95B0-E1A3176B1C75}" = Dell Backup and Recovery Manager
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79B520D5-CE72-4661-A054-804BC3412516}" = Wave Infrastructure Installer
"{81860953-8A77-4ED5-B57C-F35D703D9489}" = Dell ControlVault Host Components Installer
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00D1-0409-0000-0000000FF1CE}" = Microsoft Access database engine 2010 (English)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{907611B4-1B1B-4810-88CD-965FA49F35F6}" = C5200
"{9143F2FA-BF20-4311-8618-4CCF51B1B80C}" = Dell ControlPoint System Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94F8D42D-BB31-4858-9705-7D756D8D9655}" = PS_AIO_02_Software
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{988329F4-A1A1-4D51-803C-EF2725A97627}" = HP Photosmart All-In-One Driver Software 13.0 Rel. 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9EDA3DD1-130D-4EE1-A3D2-5A3D795CC8C9}" = MFCLOC
"{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}" = OpenOffice.org 3.4.1
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}_955" = Adobe Acrobat 9.5.5 - CPSID_83708
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat 9 Standard - English, Français, Deutsch
"{ACA283A7-AE25-4D18-BACE-6145DD847D50}" = PerfectSuite Plus
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B2096B-B13E-408E-8985-BD07463D5487}" = PS_AIO_02_ProductContext
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack
"{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto
"{BCC7E198-1D10-4B55-956E-550A196F8056}" = Microsoft Office Live Meeting 2007
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C197BC08-3D82-4651-8886-E68C21578A38}" = iTunes
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C82185E8-C27B-4EF4-2011-1111BC2C2B6D}" = Microsoft MapPoint North America 2011
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}" = RealDownloader
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCC68887-6E07-4438-A035-7C22EFBDC15E}" = Intel® Network Connections 14.6.9.0
"{CCF13D13-A87B-34E8-B689-1896D0C2DBA2}" = Google Talk Plugin
"{CD41B576-4787-4D5C-95EE-24A4ABD89CD3}" = System Requirements Lab for Intel
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{cef78f86-19a8-4bbd-91fa-e9b6b2d37348}" = C5200_Help
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E63A7E64-AD93-47E7-AC5C-BA042AA740CA}" = Dell ControlPoint Connection Manager
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"1SYNC Spreadsheet Load Tool_is1" = 1SYNC-SLT v7.5
"8461-7759-5462-8226" = Vuze
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CCleaner" = CCleaner
"C-Media CM108 Like Sound Driver" = SteelSeries USB Sound Card Win7 v1.10
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DW WLAN Card Utility" = DW WLAN Card Utility
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallConverter" = InstallConverter
"InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.7.0 (Standard)
"LeapsterExplorerPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"Minecraft_is1" = Minecraft version 1.4.6
"Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PROSetDX" = Intel® Network Connections 14.6.9.0
"RealPlayer 16.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"UPCShell" = LeapFrog Connect
"Verbatim Turbo USB 2.0_is1" = Verbatim Turbo USB 2.0
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"bd4d3a0508d364f5" = Dell Driver Download Manager
"GoToMeeting" = GoToMeeting 4.5.0.457
"WinDirStat" = WinDirStat 1.1.2
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/3/2014 9:01:50 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e83 Faulting process id: 0x5b88 Faulting application
start time: 0x01cf0881c2ffbbcd Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: 357c1be8-7477-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 9:05:54 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e91 Faulting process id: 0x5ce8 Faulting application
start time: 0x01cf08841778fe0c Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: c6ba1b29-7477-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 9:12:47 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e91 Faulting process id: 0x5ce8 Faulting application
start time: 0x01cf0884d0d8c16d Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: bd1a3977-7478-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 9:13:41 AM | Computer Name = ChristiB-PC | Source = Application Hang | ID = 1002
Description = The program OUTLOOK.EXE version 14.0.7109.5000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1784 Start
Time: 01cf07b80677a399 Termination Time: 20 Application Path: C:\Program Files\Microsoft
Office\Office14\OUTLOOK.EXE Report Id: d4516f2f-7478-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 9:20:17 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e91 Faulting process id: 0x5b68 Faulting application
start time: 0x01cf0886504ff605 Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: c92894c6-7479-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 9:22:37 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e91 Faulting process id: 0x10b8 Faulting application
start time: 0x01cf0886c9c71e52 Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: 1caf2d7b-747a-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 9:30:53 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e91 Faulting process id: 0x5950 Faulting application
start time: 0x01cf088759981156 Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: 4463d460-747b-11e3-95fd-0026b9a2ddc6
Error - 1/3/2014 10:59:37 AM | Computer Name = ChristiB-PC | Source = Application Hang | ID = 1002
Description = The program OUTLOOK.EXE version 14.0.7109.5000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 66a8 Start
Time: 01cf0885cd69533a Termination Time: 31 Application Path: C:\Program Files\Microsoft
Office\Office14\OUTLOOK.EXE Report Id: 3562c5e5-7487-11e3-95fd-0026b9a2ddc6
Error - 1/4/2014 11:06:36 AM | Computer Name = ChristiB-PC | Source = Application Error | ID = 1000
Description = Faulting application name: ValueApps.exe, version: 1.3.1.1, time stamp:
0x52b6c58f Faulting module name: ValueApps.exe, version: 1.3.1.1, time stamp: 0x52b6c58f
Exception
code: 0xc0000005 Fault offset: 0x00032e91 Faulting process id: 0xe54c Faulting application
start time: 0x01cf095da950930b Faulting application path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Faulting
module path: C:\Users\ChristiB\AppData\Local\Conduit\ValueApps\IE\ValueApps.exe
Report
Id: cdb68990-7551-11e3-95fd-0026b9a2ddc6
Error - 1/4/2014 12:01:09 PM | Computer Name = ChristiB-PC | Source = Windows Backup | ID = 4103
Description =
[ Media Center Events ]
Error - 3/4/2011 5:25:58 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 3:25:58 AM - Error connecting to the internet. 3:25:58 AM - Unable
to contact server..
Error - 3/11/2011 8:42:55 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 6:42:55 AM - Error connecting to the internet. 6:42:55 AM - Unable
to contact server..
Error - 12/12/2011 5:12:29 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 3:12:28 AM - Error connecting to the internet. 3:12:28 AM - Unable
to contact server..
Error - 12/12/2011 6:12:36 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 4:12:36 AM - Error connecting to the internet. 4:12:36 AM - Unable
to contact server..
Error - 12/12/2011 7:17:41 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 5:17:41 AM - Error connecting to the internet. 5:17:41 AM - Unable
to contact server..
Error - 12/12/2011 8:17:49 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 6:17:49 AM - Error connecting to the internet. 6:17:49 AM - Unable
to contact server..
Error - 7/27/2012 11:19:26 PM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 10:19:26 PM - Error connecting to the internet. 10:19:26 PM - Unable
to contact server..
Error - 7/27/2012 11:19:33 PM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 10:19:31 PM - Error connecting to the internet. 10:19:31 PM - Unable
to contact server..
Error - 7/28/2012 9:24:14 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 8:24:14 AM - Error connecting to the internet. 8:24:14 AM - Unable
to contact server..
Error - 8/9/2012 7:36:41 AM | Computer Name = ChristiB-PC | Source = MCUpdate | ID = 0
Description = 6:36:40 AM - Error connecting to the internet. 6:36:40 AM - Unable
to contact server..
[ System Events ]
Error - 12/12/2013 7:54:14 AM | Computer Name = ChristiB-PC | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk0\DR0.
Error - 12/12/2013 6:24:44 PM | Computer Name = ChristiB-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM
Error - 12/18/2013 7:57:38 PM | Computer Name = ChristiB-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM
Error - 12/19/2013 10:40:40 PM | Computer Name = ChristiB-PC | Source = Microsoft Antimalware | ID = 2001
Description = %%860 has encountered an error trying to update signatures. New Signature
Version: Previous Signature Version: 1.165.174.0 Update Source: %%859 Update Stage:
User:
NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.10201.0
Error
code: 0x8024402c Error description: An unexpected problem occurred while checking
for updates. For information on installing or troubleshooting updates, see Help
and Support.
Error - 12/25/2013 4:19:12 AM | Computer Name = ChristiB-PC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.
Error - 12/27/2013 1:21:47 PM | Computer Name = ChristiB-PC | Source = Server | ID = 2505
Description = The server could not bind to the transport \Device\NetBT_Tcpip_{72E5DA0B-80DE-4465-95A8-05A97BBB089A}
because another computer on the network has the same name. The server could not
start.
Error - 12/29/2013 6:37:33 PM | Computer Name = ChristiB-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM
Error - 12/31/2013 12:00:26 PM | Computer Name = ChristiB-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM
Error - 1/4/2014 11:08:01 AM | Computer Name = ChristiB-PC | Source = volsnap | ID = 393222
Description = The shadow copy of volume F: could not create a new paged heap. The
system may be low on virtual memory.
Error - 1/4/2014 11:08:07 AM | Computer Name = ChristiB-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
tcpipBM
< End of report >
HijackThis Log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:55 AM, on 1/4/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files\Microsoft MapPoint 2011\StreetsOlkShim.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\ChristiB\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (file missing)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (file missing)
O3 - Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - !{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O3 - Toolbar: (no name) - !{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] "C:\Windows\system32\Rundll32.exe" "C:\Users\ChristiB\AppData\Roaming\ValueApps\CH\TBVerifier.dll",RunConduitFloatingPlugin lcnnhcneegeeojhgpfijnlnocjdmlaon
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Export to Microsoft Excel - res://C:\Program Files\Microsoft Office\OFFICE12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O15 - Trusted Zone: *.dns-ok.us
O15 - Trusted Zone: *.ieframe.dll
O15 - Trusted Zone: *.pandora.com
O15 - Trusted Zone: *.showmypc.com
O15 - Trusted Zone: *.wal-mart.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{790B665E-3AD4-4D0E-9DBF-6C4692B10A23}: NameServer = 172.16.206.215 172.16.206.215
O17 - HKLM\System\CCS\Services\Tcpip\..\{CD12F98D-1D60-45EC-99A6-686024840D22}: NameServer = 172.16.206.215 172.16.206.215
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - Unknown owner - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: AT&T Con App Svc (CAATT) - Unknown owner - C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 11526 bytes