would love some more advice

Compton856 · #1 June 14th, 2012, 11:33 PM

i recently had a post here regarding my Gfs infected computer..... well she was so happy with the results of her computer she decided to tell my mother all about it. Well now i have another troubled laptop on my hands lol. started off by uninstalling what was on here that i knew didnt belong such as toolbars and "PC Cleaner" UGGGHH such a scam cant believe people actually believe this stuff. i have downloaded some of the programs used to resolve the issues on my gfs computer and will start this post with posting the loggs. my mother dosent use her computer for anything but browsing internet so anything that dosent belong lets get rid of it! thank you in advance you people are always great online here, ive reccommended this site to many poeple!!

Compton856 · #2 June 14th, 2012, 11:34 PM

OTL logfile created on: 6/14/2012 3:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Owner\Links\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 46.57% Memory free
4.11 Gb Paging File | 3.00 Gb Available in Paging File | 72.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.84 Gb Total Space | 111.02 Gb Free Space | 62.78% Space Free | Partition Type: NTFS
Drive D: | 9.47 Gb Total Space | 1.18 Gb Free Space | 12.44% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2012/06/14 15:09:17 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Links\Downloads\OTL.exe
PRC - [2011/04/30 08:02:41 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/15 05:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/02 18:38:38 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2009/12/02 18:38:37 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 00:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/18 19:23:00 | 000,106,593 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007/05/18 19:22:58 | 000,266,339 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

========== Modules (No Company Name) ==========

MOD - [2009/12/02 18:38:38 | 000,060,544 | ---- | M] () -- C:\Program Files\ESET\nodshex.dll
MOD - [2007/05/18 19:23:00 | 000,339,968 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007/05/18 19:22:48 | 000,245,869 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007/05/18 19:22:48 | 000,114,787 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007/05/18 19:22:48 | 000,032,768 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2007/05/18 19:22:00 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dl l
MOD - [2007/02/16 17:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/16 17:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/02 18:38:37 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\ESET\nod32krn.exe -- (NOD32krn)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/18 19:23:00 | 000,106,593 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/05/18 19:22:58 | 000,266,339 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/01/09 14:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/12/02 18:38:38 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\amon.sys -- (AMON)
DRV - [2009/12/02 18:38:37 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2008/03/03 11:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/11/29 12:30:00 | 000,149,000 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmx00.sys -- (SWMX00) Sierra Wireless USB MUX Driver (#00)
DRV - [2007/11/02 13:44:04 | 000,164,480 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2007/07/10 16:03:00 | 007,595,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/07/06 22:58:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/04/29 21:59:30 | 000,160,768 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/03/21 00:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/06 06:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/23 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 01:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/22 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 10:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/27 17:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{294F5F7D-0CF9-4F45-BD05-87E8D8A9E393}: "URL" = http://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{2C060C23-7967-4500-BBE1-298EF82D4F0E}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={refer rer:source?}&FORM=HVDCS7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{F04F4BE8-AECE-42FC-AEEA-5B060BC08BEA}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://cf.rd.yahoo.com/customize/yco...//cf.yahoo.com
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes,DefaultScope = {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=8894CC6001CC 0CC71FD3DC51&install_time=2011-05-07T15:00:38Z&src_id=11603&camp_id=1912&tb_version= 2.5.20000.3
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7&rlz=1I7ADFA_enCA472
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{F6EAF300-22D7-4ABC-994D-78A0DB1132C8}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@ei.FilmFanatic.com/Plugin: C:\Program Files\FilmFanaticEI\Installr\1.bin\NPpaEISB.dll (FilmFanatic)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 08:03:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 08:03:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Ex tensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009/06/19 16:40:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2009/06/19 16:40:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\kemfebha.default\extensions
[2012/06/14 15:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\z9j6o5tq.default\extensions
[2012/06/14 15:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\z9j6o5tq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/09 09:19:09 | 000,001,840 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\z9j6o5tq.default\searchplugins\bing.xml
[2011/01/02 18:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/02 18:26:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/07/08 04:14:35 | 000,000,000 | ---D | M] (Finbu.com) -- C:\Program Files\Mozilla Firefox\extensions\info@finbu.com
[2011/01/02 18:26:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Netscape Accelerator\components\NOWImaging.dll File not found
O3 - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3591641004-896156848-2460439210-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10h_Pl ugin.exe (Adobe Systems, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{0A3B72FF-96B7-4E36-A277-15A07F808092}: DhcpNameServer = 64.59.144.16 64.59.144.17 64.59.150.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{40D311A4-6200-45EA-84A1-0085018823A2}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Des ktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Des ktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/19 09:53:11 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 08:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 360 Days ==========

[2012/06/13 15:45:03 | 000,000,000 | ---D | C] -- C:\49e71a78e76b5e6f31f0
[2012/06/13 15:34:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/13 15:34:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/13 15:34:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/13 15:34:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/13 15:34:11 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/13 15:34:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/13 15:34:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/12 18:47:45 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/12 18:34:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D41CC1FD-848B-4C55-BF99-EDFECE8E8B1D}
[2012/06/12 18:32:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{49082498-2E23-4A30-8434-2C979E477C0E}
[2012/06/06 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CEB7A53-312A-417D-8130-44CFDDC87B5B}
[2012/06/06 20:19:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{73E87FE1-F6B2-42B5-902D-5A19C7A662D8}
[2012/06/05 09:22:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A20015CA-2D4A-4950-B6F6-8F2574CF35B6}
[2012/06/05 09:21:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{80FD89EA-02B1-4A0B-AC0C-7E56C767ED03}
[2012/05/31 11:01:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A73532F6-7581-49AC-B4A6-0223CA9D4D7A}
[2012/05/31 11:00:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BEF14667-5794-4610-9691-D543ADAB8913}
[2012/05/30 19:01:02 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/30 19:01:02 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/30 19:01:02 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/30 19:01:01 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/30 19:01:01 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/30 19:00:32 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/30 19:00:30 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/30 18:49:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7559C965-13F3-403F-8676-AF640E557359}
[2012/05/30 18:48:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF98C6C9-9A95-4FF1-951B-38F4B30D658E}
[2012/05/21 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B822C21A-5D31-4E36-A920-24038540CFF2}
[2012/05/04 07:38:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2F503FAF-9F7C-45B1-B827-AD1B9F8B2D5D}
[2012/05/04 07:37:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8016016F-32F4-43DC-8EC8-05F7B5A10866}
[2012/05/01 07:50:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{972F7DD2-AB6F-490D-9893-74D551618F1B}
[2012/05/01 07:50:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D4E017AC-B3EA-4BFB-976E-13D11F0C50E6}
[2012/04/30 07:44:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F6DAC117-5001-4053-85AE-C73F9FB01760}
[2012/04/30 07:44:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{288B91AE-0A85-4D04-83DA-A71A484628A5}
[2012/04/27 07:50:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BAB730FA-7DD7-4A47-B2DE-243E2F3D8E68}
[2012/04/27 07:49:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B1500349-CCB8-4ADB-A427-D6FF00FD6AD2}
[2012/04/26 07:51:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{581D58EC-1E0C-4939-97EF-46DD48B43173}
[2012/04/26 07:51:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E71938B4-5CB0-4C25-A4BD-3269F8A60A46}
[2012/04/24 08:23:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C4517C5F-D3C6-4EBE-9CE5-095CF3DD2CF3}
[2012/04/24 08:22:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F291DDA2-40DB-42C5-81FF-70730BE159E7}
[2012/04/20 08:12:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{230CFF88-1A68-4C6C-B2B5-5F2770CF672A}
[2012/04/19 10:14:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD9C5AF4-8955-4FEF-98E9-28869CC583C2}
[2012/04/19 10:13:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3592A739-A934-4E96-B858-705C1FD87DF1}
[2012/04/19 07:49:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4B4413A8-7D46-4A64-A060-0B6217C03015}
[2012/04/19 07:48:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E4A056E6-1B19-4173-9560-E9E57B22ADC1}
[2012/04/18 07:56:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D4036BCF-F0B0-4860-BE71-8B32F7393EB1}
[2012/04/18 07:56:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{384037DE-0016-4251-9AE4-4585C11A2A2D}
[2012/04/18 07:53:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3D34A6BB-F512-41D8-BBC2-D49D2538C353}
[2012/04/17 08:52:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8560511F-ECDA-485F-8B37-F0E77EE6E506}
[2012/04/17 08:52:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6BF221BA-D995-4CCA-8E6C-6C742062820B}
[2012/04/16 08:19:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C53D934B-B2E8-4CF4-AA47-4F2110188028}
[2012/04/16 08:18:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{19D20467-ECBB-4774-893B-CDDF922C2E7A}
[2012/04/14 10:14:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B1F95E27-D972-4E80-B807-B4E528C68A15}
[2012/04/14 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{40530649-88A5-41C3-93E9-D719FDF013F1}
[2012/04/13 07:46:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86246A97-E3C1-4B92-AB1F-4330B57C82BE}
[2012/04/13 07:45:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A69D8BEC-8219-4D2C-B3AE-C7AB3A5CFADF}
[2012/04/12 07:44:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9C559D07-11A2-4A95-B7A9-1D5F39BE112A}
[2012/04/12 07:43:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4C2748B7-70C7-45D4-85FC-9C2ADB0565E1}
[2012/04/11 07:54:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E21FE129-2839-49A3-A8D5-03E8BFDABCB4}
[2012/04/11 07:53:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E1300FC5-F10C-4B73-8FA1-67F8A6115ABB}
[2012/04/10 08:06:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9D08F264-59C4-4814-918C-87578B8D8CB6}
[2012/04/10 08:06:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FB6561CC-94BB-43AC-ADA2-7086E8EF0DB1}
[2012/04/09 07:53:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9535D15A-8101-4760-99BB-F7E61344ADFF}
[2012/04/09 07:53:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FC42FB4C-16AA-4C65-95E7-ECC924D51BD7}
[2012/04/06 07:53:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD577E9B-E1F3-4587-BAEF-3453E0A05802}
[2012/04/06 07:53:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{120BC948-3880-4F86-8C6F-131BABCDD6C3}
[2012/04/05 08:00:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2C65AF3D-5FF6-4DBD-85E4-5C235517869E}
[2012/04/04 07:41:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1118A00F-5C90-416E-BAB4-DD94BEFBC8E2}
[2012/04/04 07:40:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{26347B04-3358-43B5-8C62-93AD1E11DB72}
[2012/04/03 08:48:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B3C9665A-87B8-495E-B9E2-BE00F64688C7}
[2012/04/03 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D9F77ED3-040D-4D14-97C7-817C6234BAA0}
[2012/04/03 07:47:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F332D755-492D-4F5F-98D4-9EA05FD41845}
[2012/04/03 07:46:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3698C648-917A-4B7E-B5C8-C940004CB471}
[2012/04/02 08:51:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6E7AB4F4-8E60-4722-A8FC-133BC471EE5A}
[2012/04/02 07:55:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{98E25007-4958-4A2E-A06F-42C3C67247E2}
[2012/04/02 07:55:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7E6FD317-7E71-48F5-9CF3-83288A17BF4D}
[2012/03/30 08:05:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A8C8B4C0-E844-4D30-84BC-BEE9B9670D09}
[2012/03/30 08:04:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{83CBDA66-EC77-4823-B7C5-7E09EA2BA525}
[2012/03/29 07:31:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{65181FAF-6E07-47E6-91CB-31001F76C99A}
[2012/03/27 07:30:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B08C7E4C-D4D7-4FF2-AA4D-AD60385E2DCA}
[2012/03/27 07:30:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E8D7F42E-32E3-4CDD-B54D-156F23A9D60A}
[2012/03/26 07:42:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B83E5095-E89E-4552-AC03-F27A3F5CD283}
[2012/03/26 07:42:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8E85DCE5-F196-4CB0-B387-5FEA821F9616}
[2012/03/24 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5E1343EF-5C48-461F-9771-FD6B3179092E}
[2012/03/24 08:20:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D6BDC841-392F-4ACE-A172-4D98E6FAE4C3}
[2012/03/23 08:14:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E50B3A67-020F-4BE5-B90C-552D63798D1E}
[2012/03/23 08:13:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{70B111C6-2678-4754-BECC-16B4C95D4721}
[2012/03/22 07:43:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{018E7DB2-ABF4-4B8E-A940-58E5ACBB5067}
[2012/03/22 07:42:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FB911B02-FCC2-47C1-A0D3-BD665FD193BB}
[2012/03/21 08:21:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D02731DB-9481-41DF-A8B8-D87A517DED99}
[2012/03/21 08:21:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C2A79998-020C-492D-AAD5-8EE3D19CF72A}
[2012/03/20 07:53:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A1F2AE41-7116-47F3-8B26-5564FD5A8550}
[2012/03/20 07:53:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6D3DBD8C-82DF-4709-9AD8-F9AE5033D00B}
[2012/03/19 08:19:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FCF27907-5BC0-4346-80BA-BF37C5B56101}
[2012/03/19 08:19:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{580C76E6-AE39-4B1A-B7D3-A0C4B05B6C65}
[2012/03/16 08:50:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{14ED2F61-11FD-432D-9BD0-35D75F4CD79D}
[2012/03/16 08:50:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A2730E87-4098-4307-BD98-12BB9CCAA06A}
[2012/03/15 08:48:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{44271E26-20FE-41D2-A89A-6EA54099967A}
[2012/03/15 08:47:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EF1BF568-DBD4-4A13-88B5-13FFDD6E6DFE}
[2012/03/14 08:26:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{76BFEB8B-2672-4E6E-ADCC-BF8F095C1CFD}
[2012/03/14 08:26:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F614B3D3-31E4-4305-81B8-E3C40783DE2D}
[2012/03/14 08:16:59 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/13 08:16:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A1C8E6B5-360B-4E40-BFFE-99CE5E09250B}
[2012/03/13 08:15:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{911270F0-3E68-4BA6-AA34-31EFCAAC9833}
[2012/03/12 08:32:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EBBF459C-847D-478B-BAD7-EF3F4D9790EF}
[2012/03/12 08:32:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D31DDCD8-6039-4274-8476-DB838216F626}
[2012/03/09 11:32:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F85F200D-3757-43FE-8CD7-0C37DE3B9230}
[2012/03/09 11:32:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0C9B1089-48F7-4B4A-8E44-2C1FEEAA086A}
[2012/03/08 08:43:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{81D8A27A-6FEB-4D8A-B521-D5A0B3DC12FD}
[2012/03/08 08:42:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CE02C8A8-797D-44CD-BB66-ED3C7E48F5B3}
[2012/03/07 08:40:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{10EF14C4-1434-44EE-8B0A-5B464E8605AC}
[2012/03/07 08:39:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{395AF0B6-0199-44CA-875B-8B1289A7A3D9}
[2012/03/06 08:25:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{62B0F73E-028C-49B8-AAD2-277DD90752EF}
[2012/03/06 08:25:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{462C0419-980C-476F-A886-A6EDEC329CDE}
[2012/03/05 08:42:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{40966F5E-7C2C-41A3-B27C-1A3791CE7E58}
[2012/03/05 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B13B3291-CCE2-4465-9BCF-C39BB1BF6DDD}
[2012/03/02 10:14:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B39EB164-610C-4279-9B29-081663383414}
[2012/03/02 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{17010039-5361-4574-9121-ADCEB7D528FA}
[2012/03/01 10:51:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0F986BEA-C071-4AC0-8C27-CCB196A9FDA1}
[2012/03/01 10:51:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CBDC5D82-480B-49AC-85D1-D7CB084B013B}
[2012/02/29 08:28:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B3057787-86FB-458E-BEA1-D9A8DBF67BA5}
[2012/02/29 08:28:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E99F738E-F83D-4A1D-86FA-4E6B0ACA0607}
[2012/02/28 09:22:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4D69AD55-CCD9-4D5D-81B9-8B4E57214C87}
[2012/02/28 09:21:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{743BFD96-A637-490A-B7F8-95E81B63D83E}
[2012/02/27 08:47:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D349E1DC-BC9D-466B-BF0B-97E23B4E6AA9}
[2012/02/27 08:47:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4686C5DE-F6E9-4BFD-88E4-4656D499973E}
[2012/02/25 13:48:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3B644CBC-A5FC-41E2-9065-7888DBFF961C}
[2012/02/25 13:47:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1F8485D1-89E0-4A19-A274-22F52E5AA95C}
[2012/02/24 09:09:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{603C3125-DDFA-4B02-8CC7-5A6ACA28775F}
[2012/02/24 09:09:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D64BD389-EBFA-4954-AFDB-CF22E2ABA08D}
[2012/02/23 10:09:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9A33ED69-E709-4D46-9DBD-91B08517BA59}
[2012/02/23 10:08:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE0FC19B-EAAB-4B2E-88B5-ED91FC88D6F6}
[2012/02/22 10:30:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Google
[2012/02/22 10:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/02/22 10:19:17 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/02/22 08:30:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F8E7D5D6-9FBA-4028-9FF5-CB666D843BB9}
[2012/02/22 08:30:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{172CED29-A12B-4B5A-B050-B94CFDA3D391}
[2012/02/21 09:07:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4841BD45-D610-4F1A-BC68-3BD8E6AFA325}
[2012/02/21 09:05:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD45174B-9606-4468-9A3D-2212F1BAB56B}
[2012/02/20 09:00:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{96C1A1E0-635B-439F-A5C8-9FD599B2FD2D}
[2012/02/20 09:00:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{55410700-F00D-4A59-A07F-E051A056A247}
[2012/02/17 09:29:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7ECE3583-9FDD-4899-88C6-7C94BDB0F242}
[2012/02/17 09:29:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{72596E39-F5CB-4DF0-89C2-FD96D61B8BEF}
[2012/02/16 08:34:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D3A25EAA-8B44-40BD-8274-5E2D8AB8DC29}
[2012/02/16 08:32:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{26EAEBB0-B778-4062-8802-2A0FEBEC8E82}
[2012/02/15 08:49:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{87136A6B-94FB-4D51-BAC8-47445D43F301}
[2012/02/15 08:49:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{16C7A64B-B9ED-4D3D-95A9-A31A1971522F}
[2012/02/14 09:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\FilmFanaticEI
[2012/02/14 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7241BDBA-F809-4F76-9621-A180A7642509}
[2012/02/14 08:39:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2D80D22E-416E-413D-8B2F-137A0095D436}
[2012/02/13 08:21:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F4BDA8B3-9B45-4C9C-973A-3507CBEA185D}
[2012/02/13 08:21:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7DC52E55-EA9F-4E79-8BB2-9C587B799F4F}
[2012/02/11 20:35:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5633D473-91C4-413D-93DC-7EB5081AD292}
[2012/02/11 20:34:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{78B8B660-354C-47DF-BE48-97457FE87DEE}
[2012/02/10 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{25820C28-26CC-4D9E-8B4F-BD9AA03DD2AB}
[2012/02/10 08:29:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EDE28777-737E-4734-9280-D0215B3099F1}
[2012/02/09 08:31:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{66C64D32-0B73-49AC-BE81-A7D579EE53BB}
[2012/02/09 08:31:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9C77A8FC-CA12-4DC5-92C9-7D2B9A220EE6}
[2012/02/07 11:02:40 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2012/02/07 10:19:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE165E88-1920-4E8C-9D22-76FEE0441184}
[2012/02/07 10:18:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CC5E8BA7-9308-4C51-81D7-B6FD91CC3838}
[2012/02/06 11:28:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A0582F52-D690-4AA9-9248-A95B53E24A40}
[2012/02/06 11:28:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6307B57D-0021-469B-B4DF-9211450FC857}
[2012/02/03 08:39:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE505C5B-9EB5-40BC-B029-7AF08CA3D2C0}
[2012/02/03 08:39:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C84EF928-17F4-42CA-9E94-6F4CC6388CBE}
[2012/02/02 09:25:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86DA114B-48AD-4086-A143-484222C5467F}
[2012/02/02 09:25:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EDB0875F-A5C5-4B1B-88AD-3887B59CE729}
[2012/01/31 09:16:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CDE7D02-B771-4B05-AD60-049D7DC5C6DB}
[2012/01/31 09:15:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4688727F-DFA5-4BDE-BF33-D15A7CAE0E06}
[2012/01/31 08:21:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\PackageAware
[2012/01/30 08:49:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B6981648-F6E3-4277-A956-23359D21B09E}
[2012/01/30 08:49:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{83F1544B-3813-4961-89D2-5B998449CF70}
[2012/01/27 09:16:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{ABAAA023-A723-4F5D-B47B-537BAC542C1E}
[2012/01/27 09:15:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7496266A-C62C-41F1-B56C-2C630537078A}
[2012/01/26 11:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{502AC229-2A85-428F-98A0-69A77A01A1F5}
[2012/01/26 11:35:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9C097F13-81D2-4E98-84F8-FA3A44BCCA4E}
[2012/01/25 09:00:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C1F02FD6-1FBF-4024-A794-C6A9A4857DEF}
[2012/01/25 08:59:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BADA1666-5EA0-4867-BB90-3B79404E21A7}
[2012/01/24 09:23:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5F1934E3-6965-4F20-9BE9-89A86E533C6E}
[2012/01/24 09:23:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DAFD4686-085A-4374-8FA0-1E0FFAE73601}
[2012/01/23 09:10:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A7A534BE-A479-4D77-9C0F-9D117C115D4E}
[2012/01/23 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{88897919-72E0-499D-9138-18856C5653E7}
[2012/01/20 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{682287DB-DD26-4150-A37C-58CF1DCB8159}
[2012/01/20 08:39:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7018BDD8-126A-4C95-A44D-4E74FF0F5329}
[2012/01/19 09:41:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{43747CE5-C833-4B59-81FD-F05388CFDAA2}
[2012/01/19 09:40:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3B8C2016-6988-42C0-A324-7B63A77985B3}
[2012/01/18 09:07:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6168458C-EB4D-4FAF-82CC-5117CB9214BC}
[2012/01/18 09:07:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{83A85FFE-3F33-4DFC-BA4A-AB34430BFEEF}
[2012/01/17 09:37:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1FA2CE7A-D66B-4116-A32E-0D65BC7F1E98}
[2012/01/17 09:37:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{89CFD93C-4996-4600-BEF3-6C615AFA5811}
[2012/01/16 10:03:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{865DBAAF-CD74-4154-AEA3-EF220B249B4D}
[2012/01/16 10:03:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{496D31B5-2762-47CA-BFEE-093E94471DB8}
[2012/01/13 09:56:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{50A50633-3C84-42A4-999C-ECD7C669DA5C}
[2012/01/13 09:56:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9F84568D-A81F-4BF1-A7F6-5598EDD7C7D5}
[2012/01/12 09:15:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F3EA726B-E657-491D-B429-7212CF414002}
[2012/01/12 09:15:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{13F1C265-A693-4BBC-A964-AF8C62BB6A00}
[2012/01/11 10:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\RecipeHub_2jEI
[2012/01/11 09:23:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF172775-9DF1-41AB-AD85-576AEA73FDC4}
[2012/01/11 09:23:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2CDFB088-7CB7-4DD7-993B-B9059094F46C}
[2012/01/11 08:47:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/11 08:47:15 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/11 08:47:14 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 08:47:08 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 08:47:08 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/10 08:41:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF3185B2-0941-450D-BC2B-3568924F927C}
[2012/01/10 08:41:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D3CC0719-0CCB-4F51-8316-48E691DCA8C4}
[2012/01/09 10:20:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DAC4B835-F0FE-4ABE-AE21-FC9D4D034C13}
[2012/01/09 10:20:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6074E124-9963-44B8-98AD-7B2715B05C21}
[2012/01/06 08:48:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5ACFDF41-DDE7-45EB-8550-D907981369A3}
[2012/01/06 08:48:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2A0ACBDF-9D20-4875-9A29-4EB53658DA12}
[2012/01/04 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C920D255-4354-4739-A2BD-80818951000F}
[2012/01/04 10:12:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B180EE59-C808-4F92-AFBE-1768BAD48DA7}
[2012/01/04 10:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

Compton856 · #3 June 14th, 2012, 11:35 PM

OTL logfile created on: 6/14/2012 3:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Owner\Links\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 46.57% Memory free
4.11 Gb Paging File | 3.00 Gb Available in Paging File | 72.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.84 Gb Total Space | 111.02 Gb Free Space | 62.78% Space Free | Partition Type: NTFS
Drive D: | 9.47 Gb Total Space | 1.18 Gb Free Space | 12.44% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2012/06/14 15:09:17 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Links\Downloads\OTL.exe
PRC - [2011/04/30 08:02:41 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/01/15 05:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/12/02 18:38:38 | 000,949,376 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2009/12/02 18:38:37 | 000,552,064 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/19 00:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/05/18 19:23:00 | 000,106,593 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2007/05/18 19:22:58 | 000,266,339 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe

========== Modules (No Company Name) ==========

MOD - [2009/12/02 18:38:38 | 000,060,544 | ---- | M] () -- C:\Program Files\ESET\nodshex.dll
MOD - [2007/05/18 19:23:00 | 000,339,968 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007/05/18 19:22:48 | 000,245,869 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007/05/18 19:22:48 | 000,114,787 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007/05/18 19:22:48 | 000,032,768 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2007/05/18 19:22:00 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dl l
MOD - [2007/02/16 17:40:42 | 005,521,408 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/02/16 17:40:40 | 001,466,368 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll

========== Win32 Services (SafeList) ==========

SRV - [2010/01/15 05:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/12/02 18:38:37 | 000,552,064 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\ESET\nod32krn.exe -- (NOD32krn)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/18 19:23:00 | 000,106,593 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2007/05/18 19:22:58 | 000,266,339 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2007/01/09 14:55:34 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/12/02 18:38:38 | 000,512,096 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\amon.sys -- (AMON)
DRV - [2009/12/02 18:38:37 | 000,015,424 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\nod32drv.sys -- (nod32drv)
DRV - [2008/03/03 11:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/11/29 12:30:00 | 000,149,000 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmx00.sys -- (SWMX00) Sierra Wireless USB MUX Driver (#00)
DRV - [2007/11/02 13:44:04 | 000,164,480 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2007/07/10 16:03:00 | 007,595,488 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/07/06 22:58:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/04/29 21:59:30 | 000,160,768 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/03/21 00:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/06 06:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/23 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 01:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/22 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 10:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/27 17:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/06/28 09:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{294F5F7D-0CF9-4F45-BD05-87E8D8A9E393}: "URL" = http://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{2C060C23-7967-4500-BBE1-298EF82D4F0E}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={refer rer:source?}&FORM=HVDCS7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{F04F4BE8-AECE-42FC-AEEA-5B060BC08BEA}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVer sion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Inter net Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...lion&pf=laptop
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://cf.rd.yahoo.com/customize/yco...//cf.yahoo.com
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes,DefaultScope = {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{105E99FF-8B9A-4492-B155-06194B9056D2}: "URL" = http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=8894CC6001CC 0CC71FD3DC51&install_time=2011-05-07T15:00:38Z&src_id=11603&camp_id=1912&tb_version= 2.5.20000.3
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language }:{referrer:source?}&ie={inputEncoding}&oe={output Encoding}&sourceid=ie7&rlz=1I7ADFA_enCA472
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\SearchScopes\{F6EAF300-22D7-4ABC-994D-78A0DB1132C8}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@ei.FilmFanatic.com/Plugin: C:\Program Files\FilmFanaticEI\Installr\1.bin\NPpaEISB.dll (FilmFanatic)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/04/30 08:03:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/04/30 08:03:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Ex tensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009/06/19 16:40:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2009/06/19 16:40:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\kemfebha.default\extensions
[2012/06/14 15:11:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\z9j6o5tq.default\extensions
[2012/06/14 15:11:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\z9j6o5tq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/04/09 09:19:09 | 000,001,840 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Pro files\z9j6o5tq.default\searchplugins\bing.xml
[2011/01/02 18:26:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/02 18:26:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009/07/08 04:14:35 | 000,000,000 | ---D | M] (Finbu.com) -- C:\Program Files\Mozilla Firefox\extensions\info@finbu.com
[2011/01/02 18:26:30 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (NOW!Imaging) - {9AA2F14F-E956-44B8-8694-A5B615CDF341} - C:\Program Files\Netscape Accelerator\components\NOWImaging.dll File not found
O3 - HKU\S-1-5-21-3591641004-896156848-2460439210-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset )
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3591641004-896156848-2460439210-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10h_Pl ugin.exe (Adobe Systems, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{0A3B72FF-96B7-4E36-A277-15A07F808092}: DhcpNameServer = 64.59.144.16 64.59.144.17 64.59.150.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfac es\{40D311A4-6200-45EA-84A1-0085018823A2}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Des ktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Des ktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/12/19 09:53:11 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 08:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 360 Days ==========

[2012/06/13 15:45:03 | 000,000,000 | ---D | C] -- C:\49e71a78e76b5e6f31f0
[2012/06/13 15:34:16 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/13 15:34:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/13 15:34:13 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/13 15:34:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/13 15:34:11 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/13 15:34:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/13 15:34:10 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/12 18:47:45 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/12 18:34:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D41CC1FD-848B-4C55-BF99-EDFECE8E8B1D}
[2012/06/12 18:32:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{49082498-2E23-4A30-8434-2C979E477C0E}
[2012/06/06 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CEB7A53-312A-417D-8130-44CFDDC87B5B}
[2012/06/06 20:19:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{73E87FE1-F6B2-42B5-902D-5A19C7A662D8}
[2012/06/05 09:22:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A20015CA-2D4A-4950-B6F6-8F2574CF35B6}
[2012/06/05 09:21:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{80FD89EA-02B1-4A0B-AC0C-7E56C767ED03}
[2012/05/31 11:01:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A73532F6-7581-49AC-B4A6-0223CA9D4D7A}
[2012/05/31 11:00:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BEF14667-5794-4610-9691-D543ADAB8913}
[2012/05/30 19:01:02 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/05/30 19:01:02 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/30 19:01:02 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/05/30 19:01:01 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/05/30 19:01:01 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/05/30 19:00:32 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/30 19:00:30 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/30 18:49:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7559C965-13F3-403F-8676-AF640E557359}
[2012/05/30 18:48:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF98C6C9-9A95-4FF1-951B-38F4B30D658E}
[2012/05/21 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B822C21A-5D31-4E36-A920-24038540CFF2}
[2012/05/04 07:38:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2F503FAF-9F7C-45B1-B827-AD1B9F8B2D5D}
[2012/05/04 07:37:54 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8016016F-32F4-43DC-8EC8-05F7B5A10866}
[2012/05/01 07:50:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{972F7DD2-AB6F-490D-9893-74D551618F1B}
[2012/05/01 07:50:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D4E017AC-B3EA-4BFB-976E-13D11F0C50E6}
[2012/04/30 07:44:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F6DAC117-5001-4053-85AE-C73F9FB01760}
[2012/04/30 07:44:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{288B91AE-0A85-4D04-83DA-A71A484628A5}
[2012/04/27 07:50:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BAB730FA-7DD7-4A47-B2DE-243E2F3D8E68}
[2012/04/27 07:49:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B1500349-CCB8-4ADB-A427-D6FF00FD6AD2}
[2012/04/26 07:51:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{581D58EC-1E0C-4939-97EF-46DD48B43173}
[2012/04/26 07:51:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E71938B4-5CB0-4C25-A4BD-3269F8A60A46}
[2012/04/24 08:23:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C4517C5F-D3C6-4EBE-9CE5-095CF3DD2CF3}
[2012/04/24 08:22:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F291DDA2-40DB-42C5-81FF-70730BE159E7}
[2012/04/20 08:12:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{230CFF88-1A68-4C6C-B2B5-5F2770CF672A}
[2012/04/19 10:14:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD9C5AF4-8955-4FEF-98E9-28869CC583C2}
[2012/04/19 10:13:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3592A739-A934-4E96-B858-705C1FD87DF1}
[2012/04/19 07:49:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4B4413A8-7D46-4A64-A060-0B6217C03015}
[2012/04/19 07:48:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E4A056E6-1B19-4173-9560-E9E57B22ADC1}
[2012/04/18 07:56:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D4036BCF-F0B0-4860-BE71-8B32F7393EB1}
[2012/04/18 07:56:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{384037DE-0016-4251-9AE4-4585C11A2A2D}
[2012/04/18 07:53:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3D34A6BB-F512-41D8-BBC2-D49D2538C353}
[2012/04/17 08:52:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8560511F-ECDA-485F-8B37-F0E77EE6E506}
[2012/04/17 08:52:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6BF221BA-D995-4CCA-8E6C-6C742062820B}
[2012/04/16 08:19:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C53D934B-B2E8-4CF4-AA47-4F2110188028}
[2012/04/16 08:18:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{19D20467-ECBB-4774-893B-CDDF922C2E7A}
[2012/04/14 10:14:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B1F95E27-D972-4E80-B807-B4E528C68A15}
[2012/04/14 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{40530649-88A5-41C3-93E9-D719FDF013F1}
[2012/04/13 07:46:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86246A97-E3C1-4B92-AB1F-4330B57C82BE}
[2012/04/13 07:45:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A69D8BEC-8219-4D2C-B3AE-C7AB3A5CFADF}
[2012/04/12 07:44:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9C559D07-11A2-4A95-B7A9-1D5F39BE112A}
[2012/04/12 07:43:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4C2748B7-70C7-45D4-85FC-9C2ADB0565E1}
[2012/04/11 07:54:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E21FE129-2839-49A3-A8D5-03E8BFDABCB4}
[2012/04/11 07:53:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E1300FC5-F10C-4B73-8FA1-67F8A6115ABB}
[2012/04/10 08:06:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9D08F264-59C4-4814-918C-87578B8D8CB6}
[2012/04/10 08:06:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FB6561CC-94BB-43AC-ADA2-7086E8EF0DB1}
[2012/04/09 07:53:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9535D15A-8101-4760-99BB-F7E61344ADFF}
[2012/04/09 07:53:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FC42FB4C-16AA-4C65-95E7-ECC924D51BD7}
[2012/04/06 07:53:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD577E9B-E1F3-4587-BAEF-3453E0A05802}
[2012/04/06 07:53:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{120BC948-3880-4F86-8C6F-131BABCDD6C3}
[2012/04/05 08:00:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2C65AF3D-5FF6-4DBD-85E4-5C235517869E}
[2012/04/04 07:41:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1118A00F-5C90-416E-BAB4-DD94BEFBC8E2}
[2012/04/04 07:40:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{26347B04-3358-43B5-8C62-93AD1E11DB72}
[2012/04/03 08:48:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B3C9665A-87B8-495E-B9E2-BE00F64688C7}
[2012/04/03 08:48:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D9F77ED3-040D-4D14-97C7-817C6234BAA0}
[2012/04/03 07:47:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F332D755-492D-4F5F-98D4-9EA05FD41845}
[2012/04/03 07:46:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3698C648-917A-4B7E-B5C8-C940004CB471}
[2012/04/02 08:51:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6E7AB4F4-8E60-4722-A8FC-133BC471EE5A}
[2012/04/02 07:55:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{98E25007-4958-4A2E-A06F-42C3C67247E2}
[2012/04/02 07:55:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7E6FD317-7E71-48F5-9CF3-83288A17BF4D}
[2012/03/30 08:05:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A8C8B4C0-E844-4D30-84BC-BEE9B9670D09}
[2012/03/30 08:04:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{83CBDA66-EC77-4823-B7C5-7E09EA2BA525}
[2012/03/29 07:31:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{65181FAF-6E07-47E6-91CB-31001F76C99A}
[2012/03/27 07:30:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B08C7E4C-D4D7-4FF2-AA4D-AD60385E2DCA}
[2012/03/27 07:30:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E8D7F42E-32E3-4CDD-B54D-156F23A9D60A}
[2012/03/26 07:42:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B83E5095-E89E-4552-AC03-F27A3F5CD283}
[2012/03/26 07:42:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8E85DCE5-F196-4CB0-B387-5FEA821F9616}
[2012/03/24 08:22:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5E1343EF-5C48-461F-9771-FD6B3179092E}
[2012/03/24 08:20:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D6BDC841-392F-4ACE-A172-4D98E6FAE4C3}
[2012/03/23 08:14:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E50B3A67-020F-4BE5-B90C-552D63798D1E}
[2012/03/23 08:13:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{70B111C6-2678-4754-BECC-16B4C95D4721}
[2012/03/22 07:43:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{018E7DB2-ABF4-4B8E-A940-58E5ACBB5067}
[2012/03/22 07:42:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FB911B02-FCC2-47C1-A0D3-BD665FD193BB}
[2012/03/21 08:21:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D02731DB-9481-41DF-A8B8-D87A517DED99}
[2012/03/21 08:21:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C2A79998-020C-492D-AAD5-8EE3D19CF72A}
[2012/03/20 07:53:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A1F2AE41-7116-47F3-8B26-5564FD5A8550}
[2012/03/20 07:53:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6D3DBD8C-82DF-4709-9AD8-F9AE5033D00B}
[2012/03/19 08:19:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FCF27907-5BC0-4346-80BA-BF37C5B56101}
[2012/03/19 08:19:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{580C76E6-AE39-4B1A-B7D3-A0C4B05B6C65}
[2012/03/16 08:50:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{14ED2F61-11FD-432D-9BD0-35D75F4CD79D}
[2012/03/16 08:50:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A2730E87-4098-4307-BD98-12BB9CCAA06A}
[2012/03/15 08:48:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{44271E26-20FE-41D2-A89A-6EA54099967A}
[2012/03/15 08:47:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EF1BF568-DBD4-4A13-88B5-13FFDD6E6DFE}
[2012/03/14 08:26:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{76BFEB8B-2672-4E6E-ADCC-BF8F095C1CFD}
[2012/03/14 08:26:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F614B3D3-31E4-4305-81B8-E3C40783DE2D}
[2012/03/14 08:16:59 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/03/13 08:16:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A1C8E6B5-360B-4E40-BFFE-99CE5E09250B}
[2012/03/13 08:15:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{911270F0-3E68-4BA6-AA34-31EFCAAC9833}
[2012/03/12 08:32:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EBBF459C-847D-478B-BAD7-EF3F4D9790EF}
[2012/03/12 08:32:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D31DDCD8-6039-4274-8476-DB838216F626}
[2012/03/09 11:32:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F85F200D-3757-43FE-8CD7-0C37DE3B9230}
[2012/03/09 11:32:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0C9B1089-48F7-4B4A-8E44-2C1FEEAA086A}
[2012/03/08 08:43:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{81D8A27A-6FEB-4D8A-B521-D5A0B3DC12FD}
[2012/03/08 08:42:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CE02C8A8-797D-44CD-BB66-ED3C7E48F5B3}
[2012/03/07 08:40:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{10EF14C4-1434-44EE-8B0A-5B464E8605AC}
[2012/03/07 08:39:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{395AF0B6-0199-44CA-875B-8B1289A7A3D9}
[2012/03/06 08:25:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{62B0F73E-028C-49B8-AAD2-277DD90752EF}
[2012/03/06 08:25:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{462C0419-980C-476F-A886-A6EDEC329CDE}
[2012/03/05 08:42:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{40966F5E-7C2C-41A3-B27C-1A3791CE7E58}
[2012/03/05 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B13B3291-CCE2-4465-9BCF-C39BB1BF6DDD}
[2012/03/02 10:14:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B39EB164-610C-4279-9B29-081663383414}
[2012/03/02 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{17010039-5361-4574-9121-ADCEB7D528FA}
[2012/03/01 10:51:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0F986BEA-C071-4AC0-8C27-CCB196A9FDA1}
[2012/03/01 10:51:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CBDC5D82-480B-49AC-85D1-D7CB084B013B}
[2012/02/29 08:28:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B3057787-86FB-458E-BEA1-D9A8DBF67BA5}
[2012/02/29 08:28:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E99F738E-F83D-4A1D-86FA-4E6B0ACA0607}
[2012/02/28 09:22:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4D69AD55-CCD9-4D5D-81B9-8B4E57214C87}
[2012/02/28 09:21:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{743BFD96-A637-490A-B7F8-95E81B63D83E}
[2012/02/27 08:47:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D349E1DC-BC9D-466B-BF0B-97E23B4E6AA9}
[2012/02/27 08:47:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4686C5DE-F6E9-4BFD-88E4-4656D499973E}
[2012/02/25 13:48:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3B644CBC-A5FC-41E2-9065-7888DBFF961C}
[2012/02/25 13:47:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1F8485D1-89E0-4A19-A274-22F52E5AA95C}
[2012/02/24 09:09:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{603C3125-DDFA-4B02-8CC7-5A6ACA28775F}
[2012/02/24 09:09:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D64BD389-EBFA-4954-AFDB-CF22E2ABA08D}
[2012/02/23 10:09:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9A33ED69-E709-4D46-9DBD-91B08517BA59}
[2012/02/23 10:08:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE0FC19B-EAAB-4B2E-88B5-ED91FC88D6F6}
[2012/02/22 10:30:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Google
[2012/02/22 10:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/02/22 10:19:17 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/02/22 08:30:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F8E7D5D6-9FBA-4028-9FF5-CB666D843BB9}
[2012/02/22 08:30:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{172CED29-A12B-4B5A-B050-B94CFDA3D391}
[2012/02/21 09:07:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4841BD45-D610-4F1A-BC68-3BD8E6AFA325}
[2012/02/21 09:05:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD45174B-9606-4468-9A3D-2212F1BAB56B}
[2012/02/20 09:00:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{96C1A1E0-635B-439F-A5C8-9FD599B2FD2D}
[2012/02/20 09:00:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{55410700-F00D-4A59-A07F-E051A056A247}
[2012/02/17 09:29:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7ECE3583-9FDD-4899-88C6-7C94BDB0F242}
[2012/02/17 09:29:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{72596E39-F5CB-4DF0-89C2-FD96D61B8BEF}
[2012/02/16 08:34:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D3A25EAA-8B44-40BD-8274-5E2D8AB8DC29}
[2012/02/16 08:32:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{26EAEBB0-B778-4062-8802-2A0FEBEC8E82}
[2012/02/15 08:49:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{87136A6B-94FB-4D51-BAC8-47445D43F301}
[2012/02/15 08:49:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{16C7A64B-B9ED-4D3D-95A9-A31A1971522F}
[2012/02/14 09:46:54 | 000,000,000 | ---D | C] -- C:\Program Files\FilmFanaticEI
[2012/02/14 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7241BDBA-F809-4F76-9621-A180A7642509}
[2012/02/14 08:39:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2D80D22E-416E-413D-8B2F-137A0095D436}
[2012/02/13 08:21:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F4BDA8B3-9B45-4C9C-973A-3507CBEA185D}
[2012/02/13 08:21:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7DC52E55-EA9F-4E79-8BB2-9C587B799F4F}
[2012/02/11 20:35:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5633D473-91C4-413D-93DC-7EB5081AD292}
[2012/02/11 20:34:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{78B8B660-354C-47DF-BE48-97457FE87DEE}
[2012/02/10 08:29:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{25820C28-26CC-4D9E-8B4F-BD9AA03DD2AB}
[2012/02/10 08:29:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EDE28777-737E-4734-9280-D0215B3099F1}
[2012/02/09 08:31:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{66C64D32-0B73-49AC-BE81-A7D579EE53BB}
[2012/02/09 08:31:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9C77A8FC-CA12-4DC5-92C9-7D2B9A220EE6}
[2012/02/07 11:02:40 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2012/02/07 10:19:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE165E88-1920-4E8C-9D22-76FEE0441184}
[2012/02/07 10:18:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CC5E8BA7-9308-4C51-81D7-B6FD91CC3838}
[2012/02/06 11:28:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A0582F52-D690-4AA9-9248-A95B53E24A40}
[2012/02/06 11:28:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6307B57D-0021-469B-B4DF-9211450FC857}
[2012/02/03 08:39:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE505C5B-9EB5-40BC-B029-7AF08CA3D2C0}
[2012/02/03 08:39:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C84EF928-17F4-42CA-9E94-6F4CC6388CBE}
[2012/02/02 09:25:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86DA114B-48AD-4086-A143-484222C5467F}
[2012/02/02 09:25:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EDB0875F-A5C5-4B1B-88AD-3887B59CE729}
[2012/01/31 09:16:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CDE7D02-B771-4B05-AD60-049D7DC5C6DB}
[2012/01/31 09:15:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4688727F-DFA5-4BDE-BF33-D15A7CAE0E06}
[2012/01/31 08:21:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\PackageAware
[2012/01/30 08:49:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B6981648-F6E3-4277-A956-23359D21B09E}
[2012/01/30 08:49:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{83F1544B-3813-4961-89D2-5B998449CF70}
[2012/01/27 09:16:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{ABAAA023-A723-4F5D-B47B-537BAC542C1E}
[2012/01/27 09:15:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7496266A-C62C-41F1-B56C-2C630537078A}
[2012/01/26 11:35:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{502AC229-2A85-428F-98A0-69A77A01A1F5}
[2012/01/26 11:35:20 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9C097F13-81D2-4E98-84F8-FA3A44BCCA4E}
[2012/01/25 09:00:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C1F02FD6-1FBF-4024-A794-C6A9A4857DEF}
[2012/01/25 08:59:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BADA1666-5EA0-4867-BB90-3B79404E21A7}
[2012/01/24 09:23:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5F1934E3-6965-4F20-9BE9-89A86E533C6E}
[2012/01/24 09:23:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DAFD4686-085A-4374-8FA0-1E0FFAE73601}
[2012/01/23 09:10:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A7A534BE-A479-4D77-9C0F-9D117C115D4E}
[2012/01/23 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{88897919-72E0-499D-9138-18856C5653E7}
[2012/01/20 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{682287DB-DD26-4150-A37C-58CF1DCB8159}
[2012/01/20 08:39:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7018BDD8-126A-4C95-A44D-4E74FF0F5329}
[2012/01/19 09:41:47 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{43747CE5-C833-4B59-81FD-F05388CFDAA2}
[2012/01/19 09:40:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3B8C2016-6988-42C0-A324-7B63A77985B3}
[2012/01/18 09:07:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6168458C-EB4D-4FAF-82CC-5117CB9214BC}
[2012/01/18 09:07:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{83A85FFE-3F33-4DFC-BA4A-AB34430BFEEF}
[2012/01/17 09:37:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1FA2CE7A-D66B-4116-A32E-0D65BC7F1E98}
[2012/01/17 09:37:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{89CFD93C-4996-4600-BEF3-6C615AFA5811}
[2012/01/16 10:03:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{865DBAAF-CD74-4154-AEA3-EF220B249B4D}
[2012/01/16 10:03:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{496D31B5-2762-47CA-BFEE-093E94471DB8}
[2012/01/13 09:56:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{50A50633-3C84-42A4-999C-ECD7C669DA5C}
[2012/01/13 09:56:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9F84568D-A81F-4BF1-A7F6-5598EDD7C7D5}
[2012/01/12 09:15:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F3EA726B-E657-491D-B429-7212CF414002}
[2012/01/12 09:15:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{13F1C265-A693-4BBC-A964-AF8C62BB6A00}
[2012/01/11 10:36:07 | 000,000,000 | ---D | C] -- C:\Program Files\RecipeHub_2jEI
[2012/01/11 09:23:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF172775-9DF1-41AB-AD85-576AEA73FDC4}
[2012/01/11 09:23:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2CDFB088-7CB7-4DD7-993B-B9059094F46C}
[2012/01/11 08:47:16 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012/01/11 08:47:15 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/01/11 08:47:14 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012/01/11 08:47:08 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012/01/11 08:47:08 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012/01/10 08:41:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF3185B2-0941-450D-BC2B-3568924F927C}
[2012/01/10 08:41:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D3CC0719-0CCB-4F51-8316-48E691DCA8C4}
[2012/01/09 10:20:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DAC4B835-F0FE-4ABE-AE21-FC9D4D034C13}
[2012/01/09 10:20:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6074E124-9963-44B8-98AD-7B2715B05C21}
[2012/01/06 08:48:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5ACFDF41-DDE7-45EB-8550-D907981369A3}
[2012/01/06 08:48:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2A0ACBDF-9D20-4875-9A29-4EB53658DA12}
[2012/01/04 10:13:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C920D255-4354-4739-A2BD-80818951000F}
[2012/01/04 10:12:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B180EE59-C808-4F92-AFBE-1768BAD48DA7}
[2012/01/04 10:11:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

Compton856 · #4 June 14th, 2012, 11:37 PM

[2012/01/04 10:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/01/04 10:10:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Google
[2012/01/04 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\OneNote Notebooks
[2012/01/03 10:11:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FCE63289-1A8F-4D30-91ED-6976856E214A}
[2012/01/03 10:11:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{15386612-C1A8-4798-A2D7-3E8D87AC35C3}
[2012/01/01 10:47:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5C6FEC54-DF89-49A2-8CDB-0DBEC1AC0500}
[2011/12/30 10:06:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86D628FA-710F-4AEF-9FF5-E1BFFBDF8B19}
[2011/12/30 10:05:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{00235409-9B9A-4F9D-BE69-6A518D222F12}
[2011/12/29 08:58:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{17AD2680-88BA-4E24-8996-6DE8F231268D}
[2011/12/29 08:58:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9F0742D0-2384-4D97-8DEA-200DD4BC12C7}
[2011/12/28 08:39:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0DD75293-8C25-4575-A366-B8DD96DD1013}
[2011/12/28 08:39:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2F8160EC-0468-42D2-8BB7-971F34321AF3}
[2011/12/27 08:48:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B12F8B42-2D84-499F-A175-0DA9F2B1FC53}
[2011/12/27 08:48:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4166C83B-1FF9-4394-9862-4B2EBEAECB85}
[2011/12/23 08:51:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{33BA7ECA-2E9A-4D53-82FF-4BDF38F8BFAC}
[2011/12/23 08:51:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{61B61D37-011D-4FD8-8710-199B0EE848DD}
[2011/12/22 08:55:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DE62D4D5-4BC3-4C70-8A0F-20C1FE35CFB5}
[2011/12/22 08:55:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{742F4E6D-0542-4A5E-870D-211964AFED1D}
[2011/12/21 10:21:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BA61C9F5-83C9-4B2F-9398-76771FDE40AA}
[2011/12/21 10:21:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DB287190-7B6C-4F3C-B694-4960FC6C2700}
[2011/12/21 07:11:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{15B23244-91F6-4C85-A025-5AF6718015AA}
[2011/12/20 09:00:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{779B9829-2D41-40BB-92C8-A7367CA5B503}
[2011/12/20 09:00:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{66742976-A82E-432C-AE15-DCE014F088D1}
[2011/12/19 08:58:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{140ACFB1-2D96-4502-875C-15E306170BD5}
[2011/12/19 08:58:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{48C8E694-CEF0-4DD2-99D6-28AC9FF128F4}
[2011/12/18 14:46:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1241D615-7982-4FA5-BDEC-2DB87FCEDF93}
[2011/12/18 14:45:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F2D12ABE-1B02-4A60-B96F-EE193240217A}
[2011/12/16 10:29:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CFD5E1F5-39F5-4707-A513-9265CB3594E8}
[2011/12/16 10:28:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E15CA57A-0CEA-4982-8937-3473CFEBDAA8}
[2011/12/15 10:45:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{40E32317-10BA-4FAA-BDDB-AED0AACD4947}
[2011/12/15 10:45:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{936EDB94-A02C-477C-9059-122D08BFBC7F}
[2011/12/15 09:08:06 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/15 09:08:03 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/15 09:07:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/14 09:34:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D3181623-8AB3-4D33-8E33-16E79A10F3B5}
[2011/12/13 10:34:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EA4FD9AB-6508-4D9C-BF5D-A28D55CB82C6}
[2011/12/13 10:33:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E7FB7FBA-A244-44E8-9FCC-79A20AC6B16F}
[2011/12/09 11:19:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6684F05F-5AE0-40C8-9BBE-FEBFDC227619}
[2011/12/09 11:19:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{31AA01C0-847F-4149-8CFC-7DA2E6943527}
[2011/12/08 09:20:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A90C4392-965C-4FB0-9F06-398900AE6AFD}
[2011/12/08 09:19:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3D18BD1C-5060-46B5-9F64-D62584F0DC30}
[2011/12/08 09:02:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{36EE1E87-95C1-486D-8B88-E63A3B962792}
[2011/12/07 09:35:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CA41B2A4-618F-4201-A16E-93ACCBFD486D}
[2011/12/07 09:35:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6F306727-35AF-480C-A7E0-D33C3726D1B9}
[2011/12/06 10:34:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2AF8228A-C143-4595-A709-8C8783459628}
[2011/12/06 10:32:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{86B0095C-7DD8-4244-A6C5-379C3DD855E6}
[2011/12/05 09:30:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D4B14771-5807-4F9E-8FBB-51DCD6EE395C}
[2011/12/05 09:30:15 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0BDC013E-554C-4CE0-8039-6BBC68EBA2FA}
[2011/12/02 08:56:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{11C635B0-8780-4A68-BBFC-59E3C563437C}
[2011/12/02 08:56:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C3A02EB9-E9B4-49C6-8306-73C6B09A0DB3}
[2011/12/01 10:17:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EBF9A8EA-9E4C-4027-834A-5B1B4F6985D4}
[2011/12/01 10:16:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4AF8D0A1-9A21-4243-B11E-8585B4576671}
[2011/11/29 10:31:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0F602407-55C7-4937-BA1C-B539F725D663}
[2011/11/29 10:31:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3CDB61F0-24DD-4BED-8423-70469E6FDD49}
[2011/11/28 10:23:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E3FB33CD-492B-4914-B4C0-238FB23A7439}
[2011/11/28 10:23:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BE487A06-1CBF-4417-9B6D-43F3D5BEE176}
[2011/11/25 10:31:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2F82E40D-7420-47DD-A493-D4A3F509921F}
[2011/11/25 10:02:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E8DAB9A7-7165-4C8B-8F32-C8BCE144A45D}
[2011/11/25 10:02:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{89ACC9FC-A028-44D9-AC07-C01627A674F3}
[2011/11/24 08:39:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D63DDFCB-4ACF-4ECF-B6F9-DAE2EA3AA873}
[2011/11/24 08:39:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FC302BC5-118E-479D-ACA1-E6F9B38ABAE0}
[2011/11/22 10:22:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F99040BD-7653-44F4-A537-B408A1F38ADD}
[2011/11/22 10:22:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0E3BFCC4-875C-4555-877E-93E17C3C06B2}
[2011/11/21 10:58:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F9F022EC-7A2A-40EF-8368-D5066E928F4C}
[2011/11/21 10:58:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FAA99A74-DD86-4FBF-A142-D2A0B3288DA5}
[2011/11/18 09:31:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E35A0D17-32C8-4434-845C-3EF99B9BEC6E}
[2011/11/18 09:31:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5E639B99-BCBA-4E57-BE27-BEE4B65C4D07}
[2011/11/17 08:50:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F6849C2E-A5DD-420D-913B-BCDE3FC236D9}
[2011/11/17 08:50:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EDDA2630-CA26-41D1-8E67-5344705507CA}
[2011/11/16 08:44:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A6AB1E51-A982-4862-BBB1-0AA1DB70C4CC}
[2011/11/16 08:44:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8E653D43-C257-46B3-8582-4EF9E606C433}
[2011/11/15 09:22:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{ECFA4032-B43B-447C-8BA0-A55A7E360E8A}
[2011/11/15 09:22:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CB9BA8E1-1C32-4EA9-B25E-214D3F8CA9AA}
[2011/11/14 09:18:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{359F7243-8D99-42DF-895A-1300B77D5642}
[2011/11/14 09:18:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{57AB3ED8-83C0-46DD-A6B3-85ACA30611B4}
[2011/11/10 09:37:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9EBBE814-1310-42F0-9090-ABD8623F5CE5}
[2011/11/10 09:37:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4E17C1CA-B7CD-4D00-846E-D755C759C691}
[2011/11/10 09:28:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0FB8E558-B7E7-4E99-ACEE-B5B8C2F71B96}
[2011/11/10 09:27:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C7501861-465A-4679-B411-A684D019B696}
[2011/11/09 09:51:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{25F2CBFF-560E-4933-8783-EF4D23A61F17}
[2011/11/09 09:51:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B96DEC15-80FA-4C36-B826-173EA7A2270B}
[2011/11/08 09:50:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F05C7661-D825-4BA4-8EDE-252A2FE43223}
[2011/11/08 09:50:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{78A084CB-ACB8-4AD6-B1AE-79E2ED963CDA}
[2011/11/07 09:48:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{706291DF-934A-407E-8376-F9C85636A081}
[2011/11/07 09:48:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{AC50474B-C36C-4E42-83B1-056A006E9A3D}
[2011/11/04 08:35:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{77E9E710-69C8-4B47-94D6-457AAC3E455B}
[2011/11/04 08:34:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{89F2784F-F135-464B-8EEF-240508DA0BE2}
[2011/11/03 08:29:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8FBAA3C7-AA82-409F-B0EC-CC7A0ED3D4C6}
[2011/11/03 08:29:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{449042DA-A457-4B64-95F1-54D0A169F272}
[2011/11/02 07:58:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C4213422-A997-41D1-8AC1-DD33334B5BD4}
[2011/11/02 07:58:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4C8C17CD-5A23-45D6-9D63-1FE13ADE8ED1}
[2011/10/31 09:04:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A5CFB3B6-8A12-4E3C-9109-AE57CDD949A2}
[2011/10/31 09:04:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{002725E2-4578-4E5B-9215-8CD02C0C3A32}
[2011/10/27 09:32:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE02E3AA-09C4-4047-80FE-6A3CB9152F63}
[2011/10/27 09:32:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CB1AA2D8-F0CC-4A4B-941A-8B5BCFBB8585}
[2011/10/24 08:12:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8726EA94-AD8A-4147-8D55-C892C0BA5D31}
[2011/10/21 08:27:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{68DE2B6D-B435-4B43-95D5-D6F1BD19D9A5}
[2011/10/21 08:27:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3D4755CD-6208-4968-A65C-535C491BBA82}
[2011/10/20 08:53:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{865E8A7E-CAE2-41BB-ACDD-560AC0B7EA03}
[2011/10/20 08:53:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7061DB0C-BFB2-4A7B-A6E4-77C7B39D8897}
[2011/10/19 09:07:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C0D81688-C88E-4FFC-A30F-01BF7E08A815}
[2011/10/19 09:06:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3AB2293E-CB2D-48D9-AEE0-273628E3B637}
[2011/10/14 08:40:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2E21DAA2-4B70-4F07-9DE8-994F4F0FFB50}
[2011/10/14 08:39:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{075877CA-80A0-463B-84FB-E380B7E1D41F}
[2011/10/13 07:33:04 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 07:33:04 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 07:33:04 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 07:33:03 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 07:32:29 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/10/13 07:32:28 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/10/12 08:33:07 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{532E25D3-8529-44EF-84A7-A5036A50B65C}
[2011/10/11 09:14:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3C461D47-FA61-4C57-872D-0D0B461D10F6}
[2011/10/11 09:14:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{770BB1A8-D824-4CEA-B5BF-5210F5C358B3}
[2011/10/11 09:07:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2A8D80C2-DC5D-41C9-8527-E45E807406E1}
[2011/10/11 09:06:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{667C3DAF-933D-4F60-A4FF-DF0903B7931D}
[2011/10/06 08:19:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4BD8C562-4422-4533-9F76-CC2810983ED7}
[2011/10/06 08:18:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{95B8252E-F2C6-4921-AFDF-B661E20A833B}
[2011/10/04 08:37:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EF2A7396-D261-470F-BC38-F817B3D1BBB0}
[2011/10/04 08:37:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2656D05D-AA44-4820-BEF8-AA472E5D6D55}
[2011/09/29 08:15:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4F099236-743B-4986-AB71-B683BB85B80A}
[2011/09/29 08:15:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FB2F608F-AD42-44D1-952A-CA83417BD63B}
[2011/09/28 08:25:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{34E50BEC-4FF6-479A-8CAD-A373DBCC717E}
[2011/09/28 08:25:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{12140D10-043E-4A13-9232-593C89F0195A}
[2011/09/27 08:13:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{038CAD71-00BC-4213-AD73-8E8EA566C211}
[2011/09/27 08:13:06 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D06CDDC6-4C4E-45F0-BE5F-41F54848818F}
[2011/09/23 07:45:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8782ACC0-BFAC-4499-A4D7-A244CBBF851C}
[2011/09/23 07:44:55 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7198FFBA-B3A0-42CC-A8F3-02F5EA888A0B}
[2011/09/22 07:33:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F82FC639-B7C7-4486-9CB8-0F29DEB478D4}
[2011/09/22 07:33:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{924F26BE-6A45-4347-9BA3-4EB1BFA8B80C}
[2011/09/21 10:30:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{E131407A-8A36-4A35-A250-7F1E1AB9A6DB}
[2011/09/20 08:08:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{195C9183-0D3E-4867-BA18-3D1C7BA2262A}
[2011/09/20 08:08:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5E91BB0E-4C72-4151-BCFB-1DEF2B713870}
[2011/09/19 07:56:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0555D41E-C4F3-4371-83CF-1E4CCAD3D753}
[2011/09/16 08:01:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C5E6FB74-F79D-43FA-8295-10C445122EF7}
[2011/09/16 08:01:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{015217D2-4544-4417-AB3F-D627D3E85F1E}
[2011/09/14 08:05:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{35D6D9C9-1288-4CC0-9115-A4A17E11343F}
[2011/09/14 08:03:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C8AA9F97-22AB-4347-BCE0-993C48699C36}
[2011/09/09 11:04:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{75D09C84-CD38-4FAA-B43B-F5F2F20062A2}
[2011/09/09 11:03:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F2578818-9E81-4793-96F6-44FB43CEBE40}
[2011/09/08 09:52:01 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C62DB1AC-9427-4E16-899C-3847D6A65F09}
[2011/09/08 09:51:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DBE45EE7-5D65-40F1-A1B9-2344256D09A1}
[2011/09/07 09:32:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{65CA9847-5E20-42E1-868A-E7AFC6F5043C}
[2011/09/07 09:32:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{ACD8BA21-62A5-4B61-B286-4AC278DC4759}
[2011/08/31 07:54:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{17329359-CD55-4786-9A03-96A66A2422A7}
[2011/08/30 08:07:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{24167EA5-16EA-4E46-8188-1B3E878D3398}
[2011/08/30 08:07:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{877A5E89-448A-4EE5-9E5B-2B46C98B3456}
[2011/08/25 07:45:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A3E0164B-FACE-4FBF-B68D-7283CC96B231}
[2011/08/25 07:45:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{78E27F96-B381-41F8-84F0-063548FD8702}
[2011/08/24 07:42:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{31BC8373-AE9B-4F00-989E-A366105FF20D}
[2011/08/24 07:42:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3A497407-9968-4A40-A009-39E0D16B157A}
[2011/08/23 08:57:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CA6CE946-DD61-4FC5-87E3-57D326C82C25}
[2011/08/23 08:56:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A600CB24-C420-4A47-9303-CAE71FDAEB9A}
[2011/08/23 07:54:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{903DF953-B14A-4CA2-BF79-A205FD772E67}
[2011/08/23 07:54:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1A1E04C7-DEC1-4D16-BB33-972EFBA785BA}
[2011/08/22 07:34:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{891D72D1-0F7F-4A40-86D8-41D91C4D435F}
[2011/07/25 11:16:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B0DF878B-0E6D-4B8B-835E-E2616D1456AF}
[2011/07/19 08:21:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BF0285F0-8FFB-4CA2-BE7D-9E03ADB6224D}
[2011/07/18 07:47:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BAAF1225-FCC3-4FF7-9BCE-68EDD61AA596}
[2011/07/16 07:48:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C6259007-60E0-4753-83FB-3BB1D455D09D}
[2011/07/15 03:00:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{84E103A7-D0A8-48F2-952F-E2C2501B5CD5}
[2011/07/14 03:00:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{909148AB-6AC8-44CB-86DB-0C749A7053FD}
[2011/07/13 07:42:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{25BF5621-892D-472C-9ED4-F6B73ECE50C5}
[2011/07/12 07:22:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EDA2B561-4625-4D22-AF82-1853A699D638}
[2011/07/08 05:08:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{76464A8E-02CB-4551-839B-1A5978907DDF}
[2011/07/07 08:12:36 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6DCA1D5A-BB69-42EA-88CD-A33064C01EED}
[2011/07/07 03:28:22 | 001,193,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FM20.DLL
[2011/06/29 08:08:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FCB81A0E-5E12-4ABD-B98C-8F4E2D61F539}
[2011/06/28 09:08:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{6F2C5A24-0E50-4C1F-AC4C-FD29B7DF18EB}
[2011/06/22 16:32:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4520627F-3511-4228-8D4D-EBF666F225FD}
[2011/06/21 06:41:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4D04DCD9-8083-4297-A547-2778B027447D}

========== Files - Modified Within 360 Days ==========

[2012/06/14 15:07:47 | 000,029,184 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/14 14:38:20 | 000,027,335 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2012/06/14 14:38:17 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/06/14 14:36:39 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/14 14:36:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/14 14:36:00 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/14 14:35:57 | 000,326,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/14 14:35:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/14 14:33:57 | 2079,129,600 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/14 14:30:59 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/06/13 15:40:52 | 000,617,702 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/13 15:40:52 | 000,108,772 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/03 13:43:17 | 000,007,268 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2012/05/30 21:07:04 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[2012/05/21 18:35:52 | 000,002,627 | ---- | M] () -- C:\Users\Owner\Desktop\Microsoft Office Word 2007.lnk
[2012/05/17 15:45:37 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/05/17 15:35:39 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/05/17 15:33:08 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/05/17 15:31:16 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/05/17 15:29:45 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/05/17 15:24:45 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/05/17 15:20:42 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/05/15 12:51:08 | 002,045,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/04/10 10:17:56 | 000,027,335 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.dat
[2012/04/10 09:26:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/03 01:16:12 | 003,602,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/04/03 01:16:11 | 003,550,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/03/01 07:46:01 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012/03/01 07:46:01 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012/02/29 07:08:47 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012/02/29 06:44:50 | 000,683,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012/02/29 06:41:40 | 001,069,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/02/23 10:18:36 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/02/22 10:19:17 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/02/07 11:02:40 | 001,070,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2012/01/18 08:22:12 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_ 07_00.Wdf
[2012/01/09 08:54:08 | 000,613,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012/01/04 09:12:57 | 000,001,111 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2011/11/25 08:59:48 | 000,376,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/11/22 09:31:32 | 000,024,206 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\UserTile.png
[2011/11/18 10:47:03 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2011/11/08 07:42:19 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/10/25 08:56:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/10/14 09:00:23 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2011/08/25 09:15:04 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2011/08/25 06:31:01 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2011/08/22 09:54:08 | 000,040,192 | ---- | M] () -- C:\Users\Owner\Desktop\Resume.rtf
[2011/07/29 09:01:34 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/07/29 09:01:33 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/07/29 09:00:14 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/07/29 09:00:05 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/07/07 03:28:22 | 001,193,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FM20.DLL

========== Files Created - No Company Name ==========

[2012/01/18 08:22:12 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_ 07_00.Wdf
[2012/01/04 10:10:32 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/04 10:10:30 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/04 09:12:57 | 000,001,111 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2010/06/21 19:46:03 | 000,029,184 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:A6CD15C3

< End of report >

Compton856 · #5 June 14th, 2012, 11:38 PM

OTL Extras logfile created on: 6/14/2012 3:19:03 PM - Run 1
OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\Owner\Links\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 46.57% Memory free
4.11 Gb Paging File | 3.00 Gb Available in Paging File | 72.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 176.84 Gb Total Space | 111.02 Gb Free Space | 62.78% Space Free | Partition Type: NTFS
Drive D: | 9.47 Gb Total Space | 1.18 Gb Free Space | 12.44% Space Free | Partition Type: NTFS

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3591641004-896156848-2460439210-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"{0EEBEC2B-05CA-4DDB-A8D0-CBE6D4D8498C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1DC8E91A-F484-4A7A-9503-21F48D75C463}" = lport=137 | protocol=17 | dir=in | app=system |
"{222CB6C7-1432-4387-8666-D659547AFE89}" = lport=2869 | protocol=6 | dir=in | app=system |
"{27520251-71DF-45A2-A9C6-58E365C2D4E6}" = lport=139 | protocol=6 | dir=in | app=system |
"{2F27F13B-33DB-4451-B190-AA269749025E}" = lport=445 | protocol=6 | dir=in | app=system |
"{3E22FCE5-8D1B-4BF3-B903-6BCBC721A31F}" = lport=138 | protocol=17 | dir=in | app=system |
"{4303B910-E1FD-460F-8E58-280E04245F57}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{49D52699-FD29-4C10-90B4-0CEAA03CC23C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5587A199-525B-4535-8EDB-2E2A4DBEF568}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D694917-4C37-4E42-BE30-A2464BA1B8E7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{89ABEED7-3A78-466F-A584-47D8E05B6B85}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A9D7A234-F0E7-46DC-BC71-2E6A3A2F9FF2}" = rport=138 | protocol=17 | dir=out | app=system |
"{AA5C5C49-C92A-4C19-9BEE-2CE35984E33E}" = rport=139 | protocol=6 | dir=out | app=system |
"{C224D743-A28F-401E-B1AB-60A4B618A064}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8A3E61E-61CD-4400-964C-309BD3B797B5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CD712CEE-3803-409B-A58C-CC9A3D204752}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D5428D1F-A7C3-4B51-A018-A1C752BB35ED}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F1ACEDC8-7828-473E-9657-384FE033078D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F305CB6A-8C8E-41FC-A285-C155E938F1E5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F4194C6C-34B2-4C9C-BCB7-47BEE97E057E}" = rport=137 | protocol=17 | dir=out | app=system |
"{F5D68BE9-7E87-4243-A549-D68E1DC90318}" = rport=445 | protocol=6 | dir=out | app=system |
"{F9A3CF1F-F2E1-4F16-92D0-6EDB83BC6DE9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
"{03B35F94-EC1A-463A-9DCF-897AFA860F1B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{47D79403-27D3-4FEC-B6DD-BD89738B28B5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5CD9F849-C031-4DF7-84A5-DF756E19F5B3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5E6B9F0C-BD02-40D0-A284-706058435EC2}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{6136936E-AE74-4959-8ADC-C826EA3896D8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{804EC039-C7CE-4E45-83AB-2230DECBA603}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{925297E4-CDC4-4162-974B-B74F88A3F4AF}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{A1706AD4-1648-4FE2-BD67-F5A1DD33EDC6}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{D3F4D802-95A0-4D61-8913-2BE17CF9ABE8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D5E8BF52-31DF-40F4-B63D-7A3134B37D90}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F97855D5-126A-480A-BED5-E9AD5EC28E8E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{2F123EBA-2CAD-4565-A978-48799C1B0B6C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{521F3B19-B320-4263-8EDE-4B5B58B38642}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
"{0289B18A-F99F-423F-B79F-1150D0F85492}" = HP Wireless Assistant
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40385AA8-F33A-4E8E-BCAB-DF94A6AF7D51}" = HP User Guides 0060
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.3
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{48903BD9-1C48-47BF-85CB-ED7514823992}" = HP Active Support Library
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50681864-CDFD-4F11-9169-FD81A368E758}" = ESU for Microsoft Vista
"{53933198-468C-437C-B8D8-1150B3102196}" = HP QuickTouch 1.00 C1
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{755C609D-5792-4136-A0D8-0513E04D4EBE}" = HP Help and Support
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D9B4D7EE-481C-4C36-86AB-A8F7417725FF}" = LightScribe 1.6.43.1
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C3 0B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.18)" = Mozilla Firefox (3.5.18)
"NOD32" = NOD32 antivirus system
"NVIDIA Drivers" = NVIDIA Drivers
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.3.0
"WildTangent hplaptop Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/30/2012 2:30:16 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:16:33 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:16:33 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:16:33 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:16:34 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:16:34 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:16:34 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 11:32:51 AM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 12:14:06 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/31/2012 12:15:22 PM | Computer Name = Owner-PC | Source = Windows Search Service | ID = 3013
Description =

[ Media Center Events ]
Error - 5/29/2008 11:48:11 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

[ System Events ]
Error - 6/13/2012 6:26:32 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/13/2012 6:27:01 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 6/13/2012 6:27:01 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 6/13/2012 6:28:00 PM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 001A737B1105 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 6/13/2012 6:44:18 PM | Computer Name = Owner-PC | Source = DCOM | ID = 10010
Description =

Error - 6/14/2012 1:21:48 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7043
Description =

Error - 6/14/2012 5:30:42 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7043
Description =

Error - 6/14/2012 5:35:48 PM | Computer Name = Owner-PC | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =

Error - 6/14/2012 5:36:22 PM | Computer Name = Owner-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/14/2012 5:39:41 PM | Computer Name = Owner-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.100 for the Network Card with network
address 001A737B1105 has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

< End of report >

Compton856 · #6 June 15th, 2012, 12:15 AM

GMER SCAN

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-14 16:15:34
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 TOSHIBA_MK2035GSS rev.DK020C
Running: 8rbfipjr.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kgloapow.sys

---- Kernel code sections - GMER 1.0.15 ----

.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8BC0A380, 0x354CE2, 0xE8000020]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 eabfiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Development Company, L.P.)

Device \Driver\BTHUSB \Device\0000006d bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)
Device \Driver\BTHUSB \Device\0000006d bthport.sys (Bluetooth Bus Driver/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Par ameters\Keys\001e37074ec2
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Paramet ers\Keys\001e37074ec2 (not active ControlSet)

---- Files - GMER 1.0.15 ----

File C:\Windows\SoftwareDistribution\DataStore\Logs\tmp .edb 65536 bytes

---- EOF - GMER 1.0.15 ----

Compton856 · #7 June 15th, 2012, 06:15 AM

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-14 16:16:35
-----------------------------
16:16:35.680 OS Version: Windows 6.0.6002 Service Pack 2
16:16:35.680 Number of processors: 2 586 0x6801
16:16:35.680 ComputerName: OWNER-PC UserName: Owner
16:16:37.599 Initialize success
16:19:34.151 AVAST engine defs: 12061401
16:20:32.245 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
16:20:32.245 Disk 0 Vendor: TOSHIBA_MK2035GSS DK020C Size: 190782MB BusType: 3
16:20:32.479 Disk 0 MBR read successfully
16:20:32.479 Disk 0 MBR scan
16:20:32.526 Disk 0 unknown MBR code
16:20:32.573 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 181084 MB offset 63
16:20:32.666 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9695 MB offset 370860525
16:20:32.776 Disk 0 scanning sectors +390716865
16:20:33.384 Disk 0 scanning C:\Windows\system32\drivers
16:22:23.130 Service scanning
16:23:00.227 Modules scanning
16:25:16.774 Disk 0 trace - called modules:
16:25:16.867 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
16:25:16.867 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85260a78]
16:25:16.867 3 CLASSPNP.SYS[87dac8b3] -> nt!IofCallDriver -> [0x8420f950]
16:25:16.883 5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x84ba28d8]
16:25:17.678 AVAST engine scan C:\Windows
16:26:50.296 AVAST engine scan C:\Windows\system32
16:43:19.856 AVAST engine scan C:\Windows\system32\drivers
16:43:45.284 AVAST engine scan C:\Users\Owner
17:30:54.672 AVAST engine scan C:\ProgramData
17:35:38.930 Scan finished successfully
21:58:40.232 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Links\Downloads\MBR.dat"
21:58:40.232 The log file has been saved successfully to "C:\Users\Owner\Links\Downloads\aswMBR.txt"

**Jintan** · #8 June 18th, 2012, 12:13 AM

Hello Compton856,

One big issue when you start a new request, and then pile into it a lot of extra posts, is that helpers then assume someone has replied, and there are active repairs underway. So a delay, until one of us gets curious about why a thread seems to not be getting replies. If you look here, and look under the Replies column, you'll get an idea what occurs.

Not seeing anything bad here, though assuming you have already made changes there/ What issues are still needing corrections there please?