WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

OTL report help - Thank you! [Closed]

Started by jcordova1 , Jan 10 2014 03:43 PM

This topic is locked

4 replies to this topic

#1 jcordova1

New Member

New Member
3 posts

Posted 10 January 2014 - 03:43 PM

Hello,

Thanks for the easy to follow steps and the time you put into this.

Below is the OLT.txt. Extra.txt will be in the next post, thanks again!

OTL logfile created on: 1/10/2014 1:25:49 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Rachel\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 49.27% Memory free
7.81 Gb Paging File | 5.58 Gb Available in Paging File | 71.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 186.30 Gb Total Space | 126.46 Gb Free Space | 67.88% Space Free | Partition Type: NTFS
Drive D: | 254.46 Gb Total Space | 136.99 Gb Free Space | 53.84% Space Free | Partition Type: NTFS

Computer Name: RACHEL-PC | User Name: Rachel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rachel\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe ()
PRC - C:\Users\Rachel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bg.exe (weDownload)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Users\Rachel\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\srut.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\srsbs.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\srns.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\srpdm.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\srau.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\sppsm.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\spbl.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\siem.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\sgml.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\MACTrackBarLib.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\sgmu.dll ()
MOD - C:\Users\Rachel\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\3d075c3b7d099aca217beecac1f66b4b\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\de6ee26de5e4f343509de7e92ab48ba6\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (FileOpenManagerService) -- C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe (FileOpen Systems Inc.)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (Update SaltarSmart) -- C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe ()
SRV - (Util SaltarSmart) -- C:\Program Files (x86)\SaltarSmart\bin\utilSaltarSmart.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vToolbarUpdater17.1.2) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe (AVG Secure Search)
SRV - (SoftshieldService) -- C:\Program Files (x86)\ExamSoft\SofTest 11.0\Examsoft.ShieldRunner.exe (Hewlett-Packard)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...50H3P5XDH3P5XDX
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/...50H3P5XDH3P5XDX
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...50H3P5XDH3P5XDX
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis....q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aartemis.com/...50H3P5XDH3P5XDX
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://aartemis.com/...50H3P5XDH3P5XDX
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.c...s}&installDate=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.c...s}&installDate=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.c...s}&installDate=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.c...s}&installDate=
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.c...s}&installDate=
IE - HKCU\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcas...q={searchTerms}
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://www.aartemis....q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{E1B278C0-083D-4EDF-8D20-4E880DED678A}: "URL" = http://search.condui...&ctid=CT2790392
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..browser.startup.homepage: "http://feed.snapdo.c...p&installDate="
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..keyword.URL: "http://feed.snapdo.c...nstallDate=&q="
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/11/26 09:52:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Extensions
[2012/01/30 17:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\extensions
[2012/01/30 17:22:38 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2014/01/06 19:09:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\extensions
[2014/01/03 13:15:41 | 000,000,000 | ---D | M] ("weDownload Manager Pro") -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com
[2014/01/05 09:10:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\extensions\staged
[2014/01/03 13:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData
[2014/01/03 13:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\plugins
[2014/01/03 13:15:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\extensions\008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com\extensionData\userCode
[2014/01/10 11:46:04 | 000,002,419 | ---- | M] () -- C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\58yvgmj7.default\searchplugins\Web Search.xml
[2013/11/26 09:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/26 09:52:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (weDownload Manager Pro) - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho64.dll (weDownload)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (weDownload Manager Pro) - {11111111-1111-1111-1111-110411361128} - C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll (weDownload)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [FileOpenBroker] C:\Program Files\FileOpen\Services\FileOpenBroker64.exe (FileOpen Systems Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED File not found
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Rachel\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar)
O4 - HKCU..\Run: [HijackThis startup scan] C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TA0D90S\HijackThis.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Rachel\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61974A22-67D6-4D09-B197-D9BB73BE4250}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/01/10 12:35:07 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/10 12:25:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\surfkeeipito
[2014/01/10 12:22:48 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Roaming\OpenWebKitSharp Strings
[2014/01/10 12:22:06 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Local\ApplicationHistory
[2014/01/10 12:15:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\easytoshop
[2014/01/09 09:44:11 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Documents\Spring 2014
[2014/01/05 09:10:45 | 000,000,000 | ---D | C] -- C:\ProgramData\surfkeeipito
[2014/01/05 09:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\iieoebdkbclojmjfbelodpeencoepgae
[2014/01/05 09:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\23bbdd05ffdf2e16
[2014/01/05 09:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\easytoshop
[2014/01/03 12:09:30 | 000,000,000 | ---D | C] -- C:\Users\Rachel\Documents\Stuff to Keep
[2013/12/31 04:51:29 | 000,000,000 | ---D | C] -- C:\Users\Rachel\AppData\Local\{7B557115-8C72-427C-868A-BA0CD9CC02EA}
[2013/12/11 13:50:08 | 000,000,000 | ---D | C] -- C:\temp
[3 C:\Users\Rachel\Documents\*.tmp files -> C:\Users\Rachel\Documents\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/10 13:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/10 13:10:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/10 12:51:21 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 12:51:21 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 12:42:36 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2014/01/10 12:42:35 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 12:42:22 | 000,002,014 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-chromeinstaller.job
[2014/01/10 12:42:21 | 000,001,938 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-firefoxinstaller.job
[2014/01/10 12:42:20 | 000,001,382 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-updater.job
[2014/01/10 12:42:17 | 000,001,284 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-codedownloader.job
[2014/01/10 12:42:17 | 000,001,184 | ---- | M] () -- C:\Windows\tasks\weDownload Manager Pro-enabler.job
[2014/01/10 12:42:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/10 12:41:49 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/10 12:36:22 | 000,412,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/10 12:33:13 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2014/01/10 12:17:46 | 000,000,866 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/01/10 11:54:05 | 000,001,793 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2014/01/03 12:25:03 | 000,807,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/03 12:25:03 | 000,680,498 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/03 12:25:03 | 000,128,992 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/03 12:18:43 | 000,001,971 | ---- | M] () -- C:\Users\Rachel\Desktop\Stuff to Keep - Shortcut.lnk
[2014/01/02 08:38:45 | 002,012,669 | ---- | M] () -- C:\Users\Rachel\Desktop\OF-306new.pdf
[2013/12/31 04:53:04 | 001,217,039 | ---- | M] () -- C:\Users\Rachel\Desktop\image (2).jpg
[2013/12/27 13:43:17 | 000,188,459 | ---- | M] () -- C:\Users\Rachel\Desktop\TSA doc.pdf
[2013/12/20 15:42:40 | 002,001,850 | ---- | M] () -- C:\Users\Rachel\Desktop\OF-306.pdf
[3 C:\Users\Rachel\Documents\*.tmp files -> C:\Users\Rachel\Documents\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/10 12:41:17 | 000,002,617 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2014/01/10 12:41:17 | 000,002,058 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
[2014/01/10 12:33:13 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2014/01/03 12:18:43 | 000,001,971 | ---- | C] () -- C:\Users\Rachel\Desktop\Stuff to Keep - Shortcut.lnk
[2013/12/31 04:53:40 | 001,217,039 | ---- | C] () -- C:\Users\Rachel\Desktop\image (2).jpg
[2013/12/27 13:43:17 | 000,188,459 | ---- | C] () -- C:\Users\Rachel\Desktop\TSA doc.pdf
[2013/12/20 15:51:47 | 002,012,669 | ---- | C] () -- C:\Users\Rachel\Desktop\OF-306new.pdf
[2013/12/20 15:41:46 | 002,001,850 | ---- | C] () -- C:\Users\Rachel\Desktop\OF-306.pdf
[2012/08/21 08:39:50 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/08/18 12:26:54 | 000,801,714 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/13 19:40:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/07 20:11:29 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\ASUS WebStorage
[2013/04/23 12:00:14 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\BitTorrent
[2012/10/26 12:45:34 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Dropbox
[2012/08/07 11:47:59 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Nuance
[2014/01/10 12:22:48 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\OpenWebKitSharp Strings
[2013/04/23 10:57:44 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\SoftGrid Client
[2014/01/10 13:22:03 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Spotify
[2012/08/18 12:27:50 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\TP
[2012/08/07 11:47:55 | 000,000,000 | ---D | M] -- C:\Users\Rachel\AppData\Roaming\Zeon

========== Purity Check ==========

========== Custom Scans ==========

< %USERPROFILE%\..|smtmp;true;true;true /FP >

< %temp%\smtmp\*.* /s > >

< MD5 for: EXPLORER.ADML >
[2009/07/13 18:30:02 | 000,003,695 | ---- | M] () MD5=7A4C7F3CB156543113596988479CAFCE -- C:\Windows\winsxs\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.1.7600.16385_en-us_7ef5713984067904\Explorer.adml

< MD5 for: EXPLORER.ADMX >
[2009/06/10 12:53:55 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\winsxs\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.1.7600.16385_none_71af9b5b0a86e6b7\Explorer.admx

< MD5 for: EXPLORER.EXE >
[2011/02/25 22:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/25 21:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 17:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/25 21:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011/02/25 21:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/24 22:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/24 22:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 22:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/24 21:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 05:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/07/13 17:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011/02/25 22:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: EXPLORER.EXE.CONFIG >
[2009/02/25 22:50:32 | 000,000,176 | ---- | M] () MD5=E1FD9DE48AF5D7652AA31BBE914F54B8 -- C:\Windows\explorer.exe.config

< MD5 for: EXPLORER.EXE.MUI >
[2009/07/13 18:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\en-US\explorer.exe.mui
[2009/07/13 18:26:48 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=4B87EEFDC8E253F846A7DFB49A8E6C70 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_61e778c48d52d19b\explorer.exe.mui
[2009/07/13 18:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2009/07/13 18:06:56 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=B9F4B1CA23D60775736059D72BA48526 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.1.7600.16385_en-us_6c3c2316c1b39396\explorer.exe.mui

< MD5 for: IEXPLORE.EXE >
[2012/06/02 03:47:54 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=004640AB259C1572EBD5FB0A32F63686 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_0dbfc836999db0ca\iexplore.exe
[2013/01/08 17:53:45 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=0100BCF23941C83462E4A70F94C3392E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_0d2c5bc980874648\iexplore.exe
[2012/05/17 15:21:54 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=0129BB16161C2FD9A6B19111AB047198 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_1798a687b4d6030f\iexplore.exe
[2013/12/03 08:10:59 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Program Files\Internet Explorer\iexplore.exe
[2013/12/03 08:10:59 | 000,804,560 | ---- | M] (Microsoft Corporation) MD5=0685765C0CBE095BA0C6C8790BAE21EF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_7b0d6f67c2d3f97a\iexplore.exe
[2013/05/16 18:32:12 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=07DFD28E57879554D054464EE4A5662D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_20d88bb252a3770f\iexplore.exe
[2012/11/13 18:56:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=0D286C0FE561D1A7EB30E83A0FF305B2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_178ed6e5b4dd3857\iexplore.exe
[2012/06/28 21:02:52 | 000,754,784 | ---- | M] (Microsoft Corporation) MD5=1223ACBFC1093852DFF039E189599BBD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_0d45fcc9807373c2\iexplore.exe
[2013/07/25 22:23:39 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=133CEF30905806A35606652D409EEEBA -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_16893df21e3dcd43\iexplore.exe
[2013/08/09 22:31:28 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=1F3B062444AD6F667B5336E78D5A02B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_ffb36d2837eafb72\iexplore.exe
[2012/08/23 23:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_1787d4dfb4e386f6\iexplore.exe
[2013/02/21 23:04:50 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=25B53709A37C3FD814B68EA0A92D18F9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_0d238c71808d94e7\iexplore.exe
[2012/05/17 14:59:46 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=268982F1FD671A077C6A2AF41E351436 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_181271f4ce004017\iexplore.exe
[2012/10/08 00:37:24 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=270A1342BD5AF95CA25A586B4C2F1522 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_178cd651b4df05a9\iexplore.exe
[2013/06/11 20:41:27 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=2A5F565327BFD679EC5F790DC15BBF25 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_0a0343986c500b78\iexplore.exe
[2009/07/13 17:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe
[2012/08/24 03:23:44 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=2D53C5F71653EF94E7829846405D4ED2 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16450_none_0d332a8d8082c4fb\iexplore.exe
[2013/04/04 21:55:38 | 000,770,624 | ---- | M] (Microsoft Corporation) MD5=2DC6BD1047553611DAEF97C751131A5D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_0a122b746c443b42\iexplore.exe
[2013/06/11 16:23:57 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=30E7CA4620500FE012EB464F0E1DE91E -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_20da757e52a1c35e\iexplore.exe
[2013/02/21 20:10:00 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16476_none_177836c3b4ee56e2\iexplore.exe
[2012/06/02 01:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_1799a6d1b4d51c66\iexplore.exe
[2013/08/09 22:10:22 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=351657C79B62B91E16A95AD23EA3710D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_168ab5d61e3c99b7\iexplore.exe
[2013/08/09 20:18:11 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=37287D98A1BF5D56AA729CEB9B27C6B1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16686_none_20df6028529d5bb2\iexplore.exe
[2013/05/16 17:57:28 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=3902E280F6117A468D5573343A7AA1F6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_09ffa3426c5372da\iexplore.exe
[2013/10/12 13:42:28 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=39D0074C59F6D1A62731942C7FA8B60B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_167ae4781e4936f5\iexplore.exe
[2013/10/12 01:49:48 | 000,775,344 | ---- | M] (Microsoft Corporation) MD5=3C8C00380462B1023C9F8EA2A9A7A137 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_ffa340aa37f7ff34\iexplore.exe
[2013/02/21 20:10:31 | 000,757,360 | ---- | M] (Microsoft Corporation) MD5=4145E2B5663F6FACC08EFDB17B658BB2 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_17f703a2ce14129d\iexplore.exe
[2013/08/09 21:13:42 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=48A1306191216997F717C451B8D15139 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20794_none_0a08177a6c4bbd6d\iexplore.exe
[2012/10/08 04:29:46 | 000,754,848 | ---- | M] (Microsoft Corporation) MD5=49442BA6DCE4B4E3C1CB0AB193FE29AD -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16455_none_0d382bff807e43ae\iexplore.exe
[2012/05/17 18:51:05 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=4E99F42504A99D5024C2EFA015001937 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16446_none_0d43fc3580754114\iexplore.exe
[2012/08/24 02:49:07 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=5A150AFABB25BEA50CEDC8650A7B8A9E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_0dc3c95e999a1626\iexplore.exe
[2012/06/28 18:45:31 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=5D03518409F37D1483C98869D86E23FF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_0dc0c880999cca21\iexplore.exe
[2012/06/02 04:52:21 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=610F6596921C4BAA8834ADBB9BE272EE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16447_none_0d44fc7f80745a6b\iexplore.exe
[2012/08/23 23:49:25 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=62188720CE27B982B4285C03163C9FB3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20557_none_181873b0cdfad821\iexplore.exe
[2013/04/23 09:49:21 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=6554208814632C25C77EE02355EB8E95 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_16920d4a1e377ea4\iexplore.exe
[2013/01/08 14:42:06 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=698EB1E5F8C66344D97C00B5699E871D -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16464_none_1781061bb4e80843\iexplore.exe
[2011/04/01 20:16:10 | 000,696,592 | ---- | M] (Microsoft Corporation) MD5=700B40EA39DFB25517A81032F03D6D20 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_0fa37b7a3e4ac7e9\iexplore.exe
[2013/07/25 19:49:06 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=7BA1862B8A5698DC5FCFDFF3BC359DE9 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16660_none_20dde844529e8f3e\iexplore.exe
[2013/02/02 00:09:12 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=7C2923004FFC497E54F38E835F108EE8 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_0d9c579499b8b898\iexplore.exe
[2010/11/20 05:28:26 | 000,695,056 | ---- | M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe
[2011/04/01 20:16:10 | 000,696,592 | ---- | M] (Microsoft Corporation) MD5=8C6C32E4AF8A3D7155656F5897C504E0 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_1000d84b5789be20\iexplore.exe
[2013/07/25 21:47:06 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8D805B4EEEE0ECF6B604BE284978F135 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_ffb0112a37ee15f1\iexplore.exe
[2013/05/16 19:02:08 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=8F00471CA24ADF8D2AFAACF856EB70A4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20719_none_ffaaf8f037f2b0df\iexplore.exe
[2011/03/28 15:24:08 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
[2011/04/01 20:16:10 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=9321CF0D023528C71E3645F8433C86C8 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_1a55829d8bea801b\iexplore.exe
[2012/06/28 17:00:47 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=93569D46D79F9756ED077156496AFE23 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16448_none_179aa71bb4d435bd\iexplore.exe
[2013/06/11 18:28:00 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=98C6F2A9A981A54222602B87C6310BDE -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16635_none_1685cb2c1e410163\iexplore.exe
[2013/10/11 23:16:06 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=9DFE1678738DD968D7BA5559B52706D1 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20848_none_09f7eafc6c58c12f\iexplore.exe
[2013/02/01 20:19:03 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=A285E1965C115031DA02B777EE9D7689 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20580_none_17f101e6ce197a93\iexplore.exe
[2013/02/01 23:37:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=A8EBEBCD9F5C49475194099FCD276992 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_0d1d8ab58092fcdd\iexplore.exe
[2011/04/01 20:16:10 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AA08B68EF4E35EFA170CF85A44B23B70 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_19f825cc72ab89e4\iexplore.exe
[2013/04/04 22:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_20e92fca5296266a\iexplore.exe
[2011/05/04 01:29:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=AB2BB40A5FE49AD236791AC22BD08869 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20908_none_1a9d66118bb386fd\iexplore.exe
[2012/11/15 19:08:58 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=AC4957E154F750DF54F36ADC8E3E040D -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_0db6f8de99a3ff69\iexplore.exe
[2013/02/21 23:17:45 | 000,763,520 | ---- | M] (Microsoft Corporation) MD5=B21A57AA4CB928059A0C0C58A9E77A02 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20586_none_0da2595099b350a2\iexplore.exe
[2011/05/04 01:29:52 | 000,696,592 | ---- | M] (Microsoft Corporation) MD5=B4881B8F6EDB48CABD44BCC9FB5475C4 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20908_none_1048bbbf5752c502\iexplore.exe
[2012/06/02 00:51:58 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=BE967C74B89577B78FB57C061E12B04C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20553_none_18147288cdfe72c5\iexplore.exe
[2010/11/20 04:22:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
[2011/05/04 01:29:52 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C6697A46554E36541E81182B258A19D6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16766_none_19d0e74472c85f04\iexplore.exe
[2013/12/03 08:11:04 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2013/12/03 08:11:04 | 000,806,096 | ---- | M] (Microsoft Corporation) MD5=C8A8321292A459B0A17FB39A782A5C74 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.16428_none_856219b9f734bb75\iexplore.exe
[2013/06/11 23:51:43 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=CA88A25280B1D85ED0BC26B042ABBCCF -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20742_none_ffae994637ef497d\iexplore.exe
[2013/04/04 23:53:33 | 000,775,232 | ---- | M] (Microsoft Corporation) MD5=CEA304830B4770BDA3572B87D0841848 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16576_none_169485781e35646f\iexplore.exe
[2012/10/08 00:22:05 | 000,748,704 | ---- | M] (Microsoft Corporation) MD5=CECB15F834FC2B4B150449717ADE18DD -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_1808a252ce07755f\iexplore.exe
[2013/09/22 15:54:30 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=D6B7DDB68436F13C3CAE2B92524F1FEC -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_20cf006852aa5f74\iexplore.exe
[2013/10/11 23:44:13 | 000,770,736 | ---- | M] (Microsoft Corporation) MD5=D7D5768B8A697FCBAEE2CFE137070F02 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16736_none_20cf8eca52a9f8f0\iexplore.exe
[2013/09/22 16:01:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=DB352EBF77E8655E0C46B6923F3C9950 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_09f78a2a6c58f471\iexplore.exe
[2013/02/01 20:19:04 | 000,757,296 | ---- | M] (Microsoft Corporation) MD5=DDE5A0DFAF7C6370FB36402D7A746ED3 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16470_none_17723507b4f3bed8\iexplore.exe
[2013/04/04 23:23:03 | 000,775,216 | ---- | M] (Microsoft Corporation) MD5=DE751E18F8DBF7BCCE46989CBA4A9828 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20681_none_ffbd812237e37947\iexplore.exe
[2011/05/04 01:29:52 | 000,696,592 | ---- | M] (Microsoft Corporation) MD5=E1BBDE0F187194D4B08335234A4B9FC7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16766_none_0f7c3cf23e679d09\iexplore.exe
[2013/04/23 09:49:23 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=E4F6125ED5185F8FA37CC4F449B85526 -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16540_none_20e6b79c5298409f\iexplore.exe
[2013/07/25 21:09:39 | 000,770,648 | ---- | M] (Microsoft Corporation) MD5=E70D60B3A350BD09D86CDAD9CF55F36B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20768_none_0a04bb7c6c4ed7ec\iexplore.exe
[2013/09/22 17:55:58 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=E9F843E7E412AE9A507FD5ABBBD06462 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.20831_none_ffa2dfd837f83276\iexplore.exe
[2012/06/28 15:35:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=EB4105348272018D096FEB655CD1608C -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20554_none_181572d2cdfd8c1c\iexplore.exe
[2013/05/16 19:30:45 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=EDC77CF787FA015205936C9A3228486E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16614_none_1683e1601e42b514\iexplore.exe
[2013/01/08 16:51:57 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=EF1F6F41FB2C9BBB484B21017F380201 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_0daa285e99ade8ac\iexplore.exe
[2013/01/08 13:32:42 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F05982E56ABD835AA8DF260EEC873E5B -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20573_none_17fed2b0ce0eaaa7\iexplore.exe
[2011/03/28 15:24:08 | 000,754,480 | ---- | M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe
[2009/07/13 17:43:43 | 000,696,600 | ---- | M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe
[2012/10/08 03:09:10 | 000,754,824 | ---- | M] (Microsoft Corporation) MD5=F61714ABCF9BF0CEF0A6249AD4FD490B -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20562_none_0db3f80099a6b364\iexplore.exe
[2012/11/13 18:19:28 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=F691418EE9A6344AEB5C1B0518FBF8AE -- C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20565_none_180ba330ce04c164\iexplore.exe
[2013/09/22 17:25:59 | 000,775,256 | ---- | M] (Microsoft Corporation) MD5=F6A7D9C0BC326F695526069C1DA1E8B7 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.2.9200.16721_none_167a56161e499d79\iexplore.exe
[2012/05/17 17:37:57 | 000,754,808 | ---- | M] (Microsoft Corporation) MD5=F8B2D47ED17C1D087D14EC747E5AC57A -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.20551_none_0dbdc7a2999f7e1c\iexplore.exe
[2012/11/13 23:11:18 | 000,763,424 | ---- | M] (Microsoft Corporation) MD5=FD0D2E1FAEBAE5031BE2EB8000D973F1 -- C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16457_none_0d3a2c93807c765c\iexplore.exe

< MD5 for: IEXPLORE.EXE.MUI >
[2011/04/01 20:55:58 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=01E762F8A9ADD0EB536BBD0B1A9EE761 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_zh-cn_70dc44d2d3996773\iexplore.exe.mui
[2013/12/03 08:11:04 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2013/12/03 08:10:59 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2013/12/03 08:11:04 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Users\Rachel\AppData\Local\Temp\iexplore.exe.mui
[2013/12/03 08:10:59 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_74ba04defa813a61\iexplore.exe.mui
[2013/12/03 08:11:04 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=0B33787AB6EE3BB5FDB0C7C52E4E06A6 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_11.2.9600.16428_en-us_7f0eaf312ee1fc5c\iexplore.exe.mui
[2011/03/28 15:24:08 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=17FAE936C452188D05852DE8D1082013 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_07013012b816cb66\iexplore.exe.mui
[2011/04/01 20:55:01 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=1E6D15389084E185432C95038F6A5F44 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_zh-tw_74d88228d10a43e3\iexplore.exe.mui
[2011/04/01 20:53:09 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=490CD18CE5FB8C3CBFFD63A5314250D9 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_es-es_06cc8cf6b83dbd0b\iexplore.exe.mui
[2011/03/28 15:24:08 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C71CCB3C8817185E67210856778831F -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_en-us_1155da64ec778d61\iexplore.exe.mui
[2013/04/23 09:49:21 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_103c8b6555e6a67e\iexplore.exe.mui
[2013/04/23 09:49:23 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=8EDDC50FD07326E7DF9C4EEA422F0918 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.2.9200.16521_en-us_1a9135b78a476879\iexplore.exe.mui
[2011/04/01 20:54:05 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=9C0D0AE99FF3BECAD98CE0D329087D87 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_pt-pt_13d3e055589afadc\iexplore.exe.mui
[2011/04/01 20:52:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=B5ED0B02C0CF0B9B72801814688D5A00 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_fr-fr_a98402f5ab0fd36d\iexplore.exe.mui
[2009/07/13 18:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_09122aaf762607df\iexplore.exe.mui
[2009/07/13 18:29:20 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=C29BCFB504E33FEADDFA2D0183CEF62F -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_0b433e7773148b79\iexplore.exe.mui
[2011/04/01 20:53:09 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=CF5D2D3D54DE91D2C66796D33E4D6431 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_es-es_11213748ec9e7f06\iexplore.exe.mui
[2011/04/01 20:54:05 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=D07D3ED57DBEE3B8F4172C5FAFF5DB0E -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_pt-pt_097f3603243a38e1\iexplore.exe.mui
[2011/04/01 20:55:58 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=D69A495BB30EAFC1B11218D5204BE291 -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_zh-cn_66879a809f38a578\iexplore.exe.mui
[2011/04/01 20:55:01 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=DC0612AB746CD754ABEC33385CEBD43A -- C:\Windows\winsxs\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_zh-tw_6a83d7d69ca981e8\iexplore.exe.mui
[2011/04/01 20:52:15 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=F19C598721DC3B8FC08EF800D7F9C1AF -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_9.4.8112.16421_fr-fr_b3d8ad47df709568\iexplore.exe.mui
[2009/07/13 18:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7600.16385_en-us_1366d501aa86c9da\iexplore.exe.mui
[2009/07/13 18:05:06 | 000,005,120 | ---- | M] (Microsoft Corporation) MD5=FBA4CD95930248053A2C3F43CA70B986 -- C:\Windows\winsxs\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_8.0.7601.17514_en-us_1597e8c9a7754d74\iexplore.exe.mui

< MD5 for: IEXPLORE.EXE-4B6C9213.PF >
[2014/01/10 13:24:30 | 000,451,992 | ---- | M] () MD5=E02C4A84786382B05A451B38F2536957 -- C:\Windows\Prefetch\IEXPLORE.EXE-4B6C9213.pf

< MD5 for: IEXPLORE.EXE-908C99F8.PF >
[2014/01/10 13:24:30 | 000,121,790 | ---- | M] () MD5=074491DD50459E1E12DEF14EADA9CE57 -- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf

< MD5 for: SERVICES >
[2009/06/10 13:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.CFG >
[2012/09/23 19:43:36 | 000,603,848 | R--- | M] () MD5=81B120EAEE296F0E54F66C16C5A21367 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744BA0000000010\11.0.0\services.cfg
[2013/09/05 06:04:00 | 000,559,090 | ---- | M] () MD5=8ADD48E413D05BF2E7AEC00173DDFABC -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Services\Services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 17:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 17:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2009/07/13 18:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2009/07/13 18:25:40 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 20:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 20:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 12:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 12:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2009/07/13 18:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 12:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2009/07/13 18:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 13:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2009/07/13 18:23:30 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 12:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2009/07/13 18:08:50 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 13:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 12:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 12:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: WINLOGON.ADML >
[2009/07/13 18:25:22 | 000,008,013 | ---- | M] () MD5=CED0EAD8D152B3D0F114698DE2316C5E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_f0f9032ef6930070\WinLogon.adml

< MD5 for: WINLOGON.ADMX >
[2009/06/10 13:04:41 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.1.7600.16385_none_d7024e6992f3424d\WinLogon.admx

< MD5 for: WINLOGON.EXE >
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 05:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 17:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe

< MD5 for: WINLOGON.EXE.MUI >
[2010/11/20 05:00:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\SysNative\en-US\winlogon.exe.mui
[2010/11/20 05:00:26 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=34C7D2E30868EDAFB191341D963ABA5F -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7601.17514_en-us_291e96fa1ab5fc7b\winlogon.exe.mui
[2009/07/13 18:29:52 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=56D03B64B8C483C1D12A8E4577B3B332 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.1.7600.16385_en-us_26ed83321dc778e1\winlogon.exe.mui

< MD5 for: WINLOGON.MFL >
[2009/07/13 18:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\SysNative\wbem\en-US\winlogon.mfl
[2009/07/13 18:27:22 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.1.7600.16385_en-us_84afd4fd38ffd276\winlogon.mfl

< MD5 for: WINLOGON.MOF >
[2009/07/13 12:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\SysNative\wbem\winlogon.mof
[2009/07/13 12:30:01 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.1.7600.16385_none_dc2dbb778f98e40f\winlogon.mof

< %SYSTEMDRIVE%\*.* >
[2009/07/13 17:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/07/28 22:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2013/10/08 21:02:25 | 000,012,730 | ---- | M] () -- C:\comcastrelease.log
[2011/10/26 19:26:11 | 000,013,026 | ---- | M] () -- C:\devlist.txt
[2011/10/26 04:26:11 | 000,000,009 | ---- | M] () -- C:\Finish.log
[2014/01/10 12:41:49 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/05 18:55:32 | 002,621,440 | -H-- | M] () -- C:\K54L.BIN
[2011/07/19 20:45:49 | 000,000,019 | ---- | M] () -- C:\K54L_WIN7.30
[2012/08/18 18:46:41 | 000,017,630 | ---- | M] () -- C:\P1005.log
[2014/01/10 12:41:52 | 4194,435,072 | -HS- | M] () -- C:\pagefile.sys
[2011/10/26 05:28:19 | 000,000,233 | ---- | M] () -- C:\Pass.txt
[2011/07/19 20:45:49 | 000,000,006 | ---- | M] () -- C:\RECOVERY.DAT
[2011/10/26 19:07:18 | 000,002,500 | ---- | M] () -- C:\RHDSetup.log
[2011/06/06 04:13:52 | 000,000,644 | ---- | M] () -- C:\setup.iss
[2011/10/26 19:13:36 | 000,000,168 | ---- | M] () -- C:\setup.log

< %systemroot%\Fonts\*.com >
[2009/07/13 21:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/13 21:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/13 21:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/13 21:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 12:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2012/03/08 17:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/13 20:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is DCC9-FF5C
Directory of C:\
07/13/2009 09:08 PM    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
Directory of C:\ProgramData
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009 09:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009 09:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009 09:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009 09:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users
07/13/2009 09:08 PM    <SYMLINKD>     All Users [C:\ProgramData]
07/13/2009 09:08 PM    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
Directory of C:\Users\All Users
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\ProgramData]
07/13/2009 09:08 PM    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
07/13/2009 09:08 PM    <JUNCTION>     Documents [C:\Users\Public\Documents]
07/13/2009 09:08 PM    <JUNCTION>     Favorites [C:\Users\Public\Favorites]
07/13/2009 09:08 PM    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
07/13/2009 09:08 PM    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/13/2009 09:08 PM    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
07/13/2009 09:08 PM    <JUNCTION>     My Documents [C:\Users\Default\Documents]
07/13/2009 09:08 PM    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/13/2009 09:08 PM    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/13/2009 09:08 PM    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/13/2009 09:08 PM    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/13/2009 09:08 PM    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/13/2009 09:08 PM    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Default\AppData\Local
07/13/2009 09:08 PM    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
07/13/2009 09:08 PM    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/13/2009 09:08 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Default\Documents
07/13/2009 09:08 PM    <JUNCTION>     My Music [C:\Users\Default\Music]
07/13/2009 09:08 PM    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
07/13/2009 09:08 PM    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Me
10/26/2012 12:49 PM    <JUNCTION>     Application Data [C:\Users\Me\AppData\Roaming]
10/26/2012 12:49 PM    <JUNCTION>     Cookies [C:\Users\Me\AppData\Roaming\Microsoft\Windows\Cookies]
10/26/2012 12:49 PM    <JUNCTION>     Local Settings [C:\Users\Me\AppData\Local]
10/26/2012 12:49 PM    <JUNCTION>     My Documents [C:\Users\Me\Documents]
10/26/2012 12:49 PM    <JUNCTION>     NetHood [C:\Users\Me\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
10/26/2012 12:49 PM    <JUNCTION>     PrintHood [C:\Users\Me\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
10/26/2012 12:49 PM    <JUNCTION>     Recent [C:\Users\Me\AppData\Roaming\Microsoft\Windows\Recent]
10/26/2012 12:49 PM    <JUNCTION>     SendTo [C:\Users\Me\AppData\Roaming\Microsoft\Windows\SendTo]
10/26/2012 12:49 PM    <JUNCTION>     Start Menu [C:\Users\Me\AppData\Roaming\Microsoft\Windows\Start Menu]
10/26/2012 12:49 PM    <JUNCTION>     Templates [C:\Users\Me\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Me\AppData\Local
10/26/2012 12:49 PM    <JUNCTION>     Application Data [C:\Users\Me\AppData\Local]
10/26/2012 12:49 PM    <JUNCTION>     History [C:\Users\Me\AppData\Local\Microsoft\Windows\History]
10/26/2012 12:49 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Me\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Me\AppData\LocalLow
11/14/2012 08:57 PM    <JUNCTION>     PlayReady [C:\ProgramData\Microsoft\PlayReady]
               0 File(s)              0 bytes
Directory of C:\Users\Me\Documents
10/26/2012 12:49 PM    <JUNCTION>     My Music [C:\Users\Me\Music]
10/26/2012 12:49 PM    <JUNCTION>     My Pictures [C:\Users\Me\Pictures]
10/26/2012 12:49 PM    <JUNCTION>     My Videos [C:\Users\Me\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Public\Documents
07/13/2009 09:08 PM    <JUNCTION>     My Music [C:\Users\Public\Music]
07/13/2009 09:08 PM    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
07/13/2009 09:08 PM    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
Directory of C:\Users\Rachel
12/28/2011 08:17 PM    <JUNCTION>     Application Data [C:\Users\Rachel\AppData\Roaming]
12/28/2011 08:17 PM    <JUNCTION>     Cookies [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Cookies]
12/28/2011 08:17 PM    <JUNCTION>     Local Settings [C:\Users\Rachel\AppData\Local]
12/28/2011 08:17 PM    <JUNCTION>     My Documents [C:\Users\Rachel\Documents]
12/28/2011 08:17 PM    <JUNCTION>     NetHood [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/28/2011 08:17 PM    <JUNCTION>     PrintHood [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/28/2011 08:17 PM    <JUNCTION>     Recent [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Recent]
12/28/2011 08:17 PM    <JUNCTION>     SendTo [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\SendTo]
12/28/2011 08:17 PM    <JUNCTION>     Start Menu [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Start Menu]
12/28/2011 08:17 PM    <JUNCTION>     Templates [C:\Users\Rachel\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
Directory of C:\Users\Rachel\AppData\Local
12/28/2011 08:17 PM    <JUNCTION>     Application Data [C:\Users\Rachel\AppData\Local]
12/28/2011 08:17 PM    <JUNCTION>     History [C:\Users\Rachel\AppData\Local\Microsoft\Windows\History]
12/28/2011 08:17 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Rachel\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
Directory of C:\Users\Rachel\AppData\LocalLow
06/06/2012 07:13 PM    <JUNCTION>     PlayReady [C:\ProgramData\Microsoft\PlayReady]
               0 File(s)              0 bytes
Directory of C:\Users\Rachel\Documents
12/28/2011 08:17 PM    <JUNCTION>     My Music [C:\Users\Rachel\Music]
12/28/2011 08:17 PM    <JUNCTION>     My Pictures [C:\Users\Rachel\Pictures]
12/28/2011 08:17 PM    <JUNCTION>     My Videos [C:\Users\Rachel\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              68 Dir(s) 136,086,888,448 bytes free

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >
[2009/02/25 22:50:32 | 000,000,176 | ---- | M] () -- C:\Windows\explorer.exe.config

< %systemroot%\system32\*.db >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/12/28 20:20:09 | 000,000,221 | -HS- | M] () -- C:\Users\Rachel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs                                                               >

< End of report >

Attached Files

OTL.Txt 181.23KB 249 downloads

Advertisements

Register to Remove

#2 jcordova1

New Member

New Member
3 posts

Posted 10 January 2014 - 03:43 PM

Extra.txt

Thanks!

OTL Extras logfile created on: 1/10/2014 1:25:49 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rachel\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.91 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 49.27% Memory free

7.81 Gb Paging File | 5.58 Gb Available in Paging File | 71.48% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 186.30 Gb Total Space | 126.46 Gb Free Space | 67.88% Space Free | Partition Type: NTFS

Drive D: | 254.46 Gb Total Space | 136.99 Gb Free Space | 53.84% Space Free | Partition Type: NTFS

Computer Name: RACHEL-PC | User Name: Rachel | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- Reg Error: Key error.

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [print] -- Reg Error: Key error.

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{009E9122-8840-4AC7-85B0-DDF56C382845}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{0E24E6FA-5C01-4609-8BA0-48395ACEC336}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{17288063-64BD-46A3-8357-1AAF625C0548}" = rport=137 | protocol=17 | dir=out | app=system |

"{17CE57F9-1E4B-4A79-A82A-6BCD3AA65A7A}" = rport=445 | protocol=6 | dir=out | app=system |

"{19B143B2-7769-4A98-8BC1-F77F3BA458E5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{1A165FF4-80F7-488F-A0ED-2A89D740AF12}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{1DC848DB-82DE-4A72-9432-EAC112985611}" = lport=2869 | protocol=6 | dir=in | app=system |

"{2CE2C232-DEBE-48D9-BAB6-AFF70DA911C3}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{32CA6032-93C4-4472-A793-FC6A795651DE}" = lport=5353 | protocol=17 | dir=in | name=java™ platform se binary |

"{37D53C84-48C1-4C31-AE43-8A14ECF8F129}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{3B125738-51A6-46B9-A456-0AAE2847240E}" = lport=138 | protocol=17 | dir=in | app=system |

"{42297949-EC7A-414C-8587-891A12916D0F}" = rport=138 | protocol=17 | dir=out | app=system |

"{45AEC623-52AD-4161-8F7F-11A7553E43C2}" = rport=139 | protocol=6 | dir=out | app=system |

"{5DF74A52-92FC-4B6D-83C9-1692ABDCF4AD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{69C403A5-1D5C-4313-80FB-582507580EDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{69F80E21-4B4A-4E56-ABF5-287C1F2FE362}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{74135A76-FAC3-4574-A42E-9F7BD440DF9F}" = rport=10243 | protocol=6 | dir=out | app=system |

"{7B899C44-F52B-43C0-B924-1BE5CCB1ECAE}" = lport=10243 | protocol=6 | dir=in | app=system |

"{86315A17-DE80-44ED-9DB5-8C8C466070A4}" = lport=8182 | protocol=6 | dir=in | name=java™ platform se binary |

"{8732623B-2FAB-4ABC-A43B-F2F0CE5374FA}" = lport=139 | protocol=6 | dir=in | app=system |

"{91C96A65-0C03-4FF0-BAD5-371F5363E719}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{940013BD-8D05-4E01-878F-AC1E9C96643D}" = lport=137 | protocol=17 | dir=in | app=system |

"{C3881C0E-7300-407F-9772-F38A4F5A3676}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{C518CFDC-BD92-42DF-B12A-65A9CF49F5A8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{E45532C6-747B-4FE4-88D9-383FAE3C111A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{EAB2BA62-4A9B-437E-A2A0-491D391E7E27}" = lport=445 | protocol=6 | dir=in | app=system |

"{F9B909B6-330C-4601-985B-274545553D97}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03E847F1-48EC-4639-BB7C-8565F4DD16FB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{0DF9B931-6B6E-4C2B-9AD4-5D7DA01081A0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{0F83D81C-B1F9-45AC-BA59-323A68DC13CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{1A9035DD-97FA-42C9-886E-02C44F95D811}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgwdsvc.exe |

"{2B0A300F-2FA9-4EE6-98F0-44D93A1F0EB4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{3181E0C9-3FD1-42BA-AF58-CC52B5086ABE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |

"{332385EE-5838-4584-AA7C-F7030E7A015C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{33C444CE-78CA-48BA-9B71-77635FF6B3E5}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{3E0EBEFD-E07F-4AA6-86A0-5D45C1A34BD9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{48E81BA0-37E7-455C-BD58-CD17B4FD0FED}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{492BBF0D-95FB-4989-BAA8-3199219DCD9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4ECC7116-06A8-4AD3-B53B-6A7C69C8BB26}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |

"{4FFF87D2-F575-46E6-A303-BFE9EB35017E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |

"{552A062D-9986-455C-A0F2-F226B213BF58}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgwdsvc.exe |

"{5AB80250-560E-4D5F-89D3-05CE983EAE41}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |

"{5AF90E48-7F37-424B-BCBB-654FDAEB5300}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |

"{5FA2E897-850F-4FC6-BED0-68ABD8A275FF}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |

"{6AB74A7A-C910-4BDB-B6E0-4A8358100572}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |

"{76AA1C19-28AB-49AE-94AF-6949DBAAFE52}" = protocol=6 | dir=out | app=system |

"{791077C2-119B-483E-ACC9-A0ED846C0768}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{80723A3C-56B2-4D17-901D-F26021DF74EB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{8A421771-B16D-412A-B0D0-4F1CDC64D3F9}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{8E19941E-C780-4747-B236-7D8A252ECF2E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{8EB61F1F-5E7B-4516-B8D8-4A3D5468152E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{9AC22229-9491-4F00-9D48-28D0DFFD56FF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{9EF2CD73-07DD-4D32-B3BF-9DDC99A34755}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{9F6C8F33-04D3-4F16-802B-A68035ACB81A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{A22C21E3-8426-46E3-A67C-66B3A83193C8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{B318DA9B-B7F7-420A-8328-DED1A0B909EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{B7994288-5D28-4EB0-B798-3B1E3DD2CC1D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |

"{C1348C6B-B868-4615-A1D3-ED3EB2AD4FAB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{C4331C0D-8FCE-4A62-8897-55E71DFA1B6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{CCD0A4EE-3BE0-40F6-8970-5CF2461BA265}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{D1E43120-0845-49B9-B362-F7BCE990D709}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |

"{D3A9FDCF-3E02-4B93-BBAA-E04FFE734B18}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\hp1006mc.exe |

"{D7DEB149-FC0F-409E-A11E-6151C9ABEBF4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{D9C978A4-F7B4-4954-B7CA-7A054FB7AA74}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{E6B0EF51-00A0-4BC8-8249-D6D366A96D6E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{F1FA89FA-9FCE-43E4-8BDE-72C4FB606EDE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{F3FF6779-ACFA-4B63-AA5D-9FFE37F36DD5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FB65EDA5-CD02-4DEF-B0DF-95D4E3AB33B6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |

"{FCDBF784-CE60-4795-8CA4-79EE97141828}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"TCP Query User{71FB58AB-4503-4F38-A159-CB483571717D}C:\users\rachel\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\rachel\appdata\roaming\spotify\spotify.exe |

"TCP Query User{7F4F390C-6D31-4EF7-B359-93FDD3236BE1}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |

"TCP Query User{D9B8E7CC-EE67-4409-930E-F9A91DA368C9}C:\users\rachel\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\rachel\appdata\roaming\spotify\spotify.exe |

"UDP Query User{227B11F3-1D07-403F-ADB6-FD0277194917}C:\users\rachel\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\rachel\appdata\roaming\spotify\spotify.exe |

"UDP Query User{528AA01F-6227-44A4-970C-DF174F0BFA90}C:\users\rachel\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\rachel\appdata\roaming\spotify\spotify.exe |

"UDP Query User{90AAE4DB-F6B5-4EA5-9385-4FFF83F55682}C:\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety

"{02E5BCCA-317C-418F-9E06-42526E050829}" = Windows Live Family Safety

"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety

"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources

"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources

"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources

"{698EAE05-09DE-47D0-9586-29E41A0934DD}" = Windows Live Family Safety

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{8832CAA2-4934-4916-A8BF-A9A51C6B58B3}" = Windows Live Family Safety

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid

"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{BFBE6E95-5724-47EC-85A0-74D436AD938F}" = Windows Live Family Safety

"{C61D639C-3A1B-4654-901F-08927C804321}" = Windows Live Family Safety

"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources

"FileOpenClient_is1" = FileOpen Client version B925

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"SaltarSmart" = SaltarSmart 2013.11.07.203707

"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common

"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包

"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail

"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart

"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh

"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger

"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack

"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common

"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer

"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh

"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker

"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources

"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail

"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh

"{7B8060A0-DAB9-45DD-900D-A52B9C327047}" = LexisNexis NoteMap 2

"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库

"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker

"{92109C97-2662-4353-9386-B64309F595C9}" = Snap.Do

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR

"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package

"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger

"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)

"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader

"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials

"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver

"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer

"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources

"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live

"{EC327490-F425-4974-A1B3-4695201ABD26}" = SofTest v11

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心

"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)

"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"AmUStor" = Alcor Micro USB Card Reader

"Asus Vibe2.0" = AsusVibe2.0

"ASUS WebStorage" = ASUS WebStorage

"ASUS_Screensaver" = ASUS_Screensaver

"HijackThis" = HijackThis 1.99.1

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{EC327490-F425-4974-A1B3-4695201ABD26}" = SofTest v11

"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"weDownload Manager Pro" = weDownload Manager Pro

"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 12/24/2013 2:17:44 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 3307

Error - 12/24/2013 2:17:44 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 3307

Error - 12/24/2013 2:17:45 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/24/2013 2:17:45 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 4415

Error - 12/24/2013 2:17:45 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 4415

Error - 12/24/2013 3:07:51 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/24/2013 3:07:51 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 1139

Error - 12/24/2013 3:07:51 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 1139

Error - 12/24/2013 3:07:52 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

Error - 12/24/2013 3:07:52 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 2199

Error - 12/24/2013 3:07:52 AM | Computer Name = Rachel-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 2199

[ System Events ]

Error - 1/28/2013 11:10:47 PM | Computer Name = Rachel-PC | Source = Server | ID = 2505

Description = The server could not bind to the transport \Device\NetBT_Tcpip_{61974A22-67D6-4D09-B197-D9BB73BE4250}

because another computer on the network has the same name. The server could not

start.

Error - 1/30/2013 12:33:28 PM | Computer Name = Rachel-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 8:23:12 PM on ?1/?29/?2013 was unexpected.

Error - 1/31/2013 12:32:58 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7011

Description = A timeout (30000 milliseconds) was reached while waiting for a transaction

response from the Wlansvc service.

Error - 2/11/2013 11:25:50 PM | Computer Name = Rachel-PC | Source = DCOM | ID = 10016

Description =

Error - 2/12/2013 12:52:41 PM | Computer Name = Rachel-PC | Source = DCOM | ID = 10010

Description =

Error - 2/13/2013 12:29:34 PM | Computer Name = Rachel-PC | Source = EventLog | ID = 6008

Description = The previous system shutdown at 8:58:48 PM on ?2/?12/?2013 was unexpected.

Error - 2/13/2013 12:30:37 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the ExamsoftSoftShield

service to connect.

Error - 2/13/2013 12:30:37 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7000

Description = The ExamsoftSoftShield service failed to start due to the following

error: %%1053

< End of report >

Attached Files

Extras.Txt 64.55KB 259 downloads

#3 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 14 January 2014 - 10:51 AM

Hi and Welcome!!

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

Having said that.... Let's get going!!
----------

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
Double click dds to run the tool.
When done, two DDS.txt's will open.
Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------

Please download TDSSKiller

Double click TDSSKiller.exe
Press Start Scan but do nothing else as we are just looking for what is there.
If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
Attach the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)

AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------

#4 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 16 January 2014 - 06:07 PM

Need help???

#5 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 18 January 2014 - 09:55 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Body Background

skin color theme

OTL report help - Thank you! [Closed]

#1 jcordova1

Attached Files

Advertisements

Register to Remove

#2 jcordova1

Attached Files

#3 jeffce

#4 jeffce

#5 jeffce

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Body Background

skin color theme

OTL report help - Thank you! [Closed]

#1 jcordova1

Attached Files

Advertisements Register to Remove

#2 jcordova1

Attached Files

#3 jeffce

#4 jeffce

#5 jeffce

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Sign In

Advertisements

Register to Remove