[code] OTS logfile created on: 11/11/2009 10:13:21 PM - Run 1 OTS by OldTimer - Version 3.1.5.0 Folder = C:\Users\Owner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.87 Gb Total Physical Memory | 1.45 Gb Available Physical Memory | 50.58% Memory free 4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.94 Gb Total Space | 62.38 Gb Free Space | 21.82% Space Free | Partition Type: NTFS Drive D: | 12.15 Gb Total Space | 1.65 Gb Free Space | 13.57% Space Free | Partition Type: NTFS Drive E: | 4.36 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Drive J: | 243.73 Mb Total Space | 242.13 Mb Free Space | 99.35% Space Free | Partition Type: FAT Computer Name: OWNER-PC Current User Name: Owner Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Owner\Downloads\OTS.exe -> [2009/11/11 22:07:31 | 00,525,824 | ---- | M] (OldTimer Tools) ots.exe -> C:\Users\Owner\Downloads\OTS.exe -> [2009/11/11 22:07:31 | 00,525,824 | ---- | M] (OldTimer Tools) avgtray.exe -> C:\Program Files (x86)\AVG\AVG9\avgtray.exe -> [2009/11/11 20:57:56 | 02,016,536 | ---- | M] (AVG Technologies CZ, s.r.o.) avgtray.exe -> C:\Program Files (x86)\AVG\AVG9\avgtray.exe -> [2009/11/11 20:57:56 | 02,016,536 | ---- | M] (AVG Technologies CZ, s.r.o.) avgtray.exe -> C:\Program Files (x86)\AVG\AVG9\avgtray.exe -> [2009/11/11 20:57:56 | 02,016,536 | ---- | M] (AVG Technologies CZ, s.r.o.) avgtray.exe -> C:\Program Files (x86)\AVG\AVG9\avgtray.exe -> [2009/11/11 20:57:56 | 02,016,536 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -> [2009/11/11 20:57:53 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) avgwdsvc.exe -> C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -> [2009/11/11 20:57:53 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:43 | 00,163,328 | ---- | M] () msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:43 | 00,163,328 | ---- | M] () msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:43 | 00,163,328 | ---- | M] () msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:43 | 00,163,328 | ---- | M] () msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:43 | 00,163,328 | ---- | M] () c.exe -> C:\Users\Owner\AppData\Local\Temp\c.exe -> [2009/11/11 18:11:40 | 00,156,672 | ---- | M] () btdna.exe -> C:\Users\Owner\Program Files (x86)\DNA\btdna.exe -> [2009/11/07 11:32:12 | 00,323,392 | ---- | M] (BitTorrent, Inc.) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2009/10/28 11:22:02 | 00,307,704 | ---- | M] (Mozilla Corporation) firefox.exe -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe -> [2009/10/28 11:22:02 | 00,307,704 | ---- | M] (Mozilla Corporation) jusched.exe -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe -> [2009/07/31 14:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) applemobiledeviceservice.exe -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) firedogadvisorsrvhost.exe -> C:\Program Files (x86)\firedog advisor\firedogAdvisorSrvHost.exe -> [2007/12/24 15:27:24 | 00,312,328 | ---- | M] () firedogadvisorsrvhost.exe -> C:\Program Files (x86)\firedog advisor\firedogAdvisorSrvHost.exe -> [2007/12/24 15:27:24 | 00,312,328 | ---- | M] () firedogadvisorsrvhost.exe -> C:\Program Files (x86)\firedog advisor\firedogAdvisorSrvHost.exe -> [2007/12/24 15:27:24 | 00,312,328 | ---- | M] () firedogadvisorsrvhost.exe -> C:\Program Files (x86)\firedog advisor\firedogAdvisorSrvHost.exe -> [2007/12/24 15:27:24 | 00,312,328 | ---- | M] () firedogadvisorsrvhost.exe -> C:\Program Files (x86)\firedog advisor\firedogAdvisorSrvHost.exe -> [2007/12/24 15:27:24 | 00,312,328 | ---- | M] () faagnt.exe -> C:\Program Files (x86)\firedog advisor\faAgnt.exe -> [2007/11/11 16:47:28 | 00,522,760 | ---- | M] (Microsoft Corporation) faagnt.exe -> C:\Program Files (x86)\firedog advisor\faAgnt.exe -> [2007/11/11 16:47:28 | 00,522,760 | ---- | M] (Microsoft Corporation) nmindexstoresvr.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe -> [2007/06/27 19:04:00 | 01,213,736 | ---- | M] (Nero AG) nmindexingservice.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) nmbgmonitor.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) nmbgmonitor.exe -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe -> [2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) viewpointservice.exe -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) kbd.exe -> C:\hp\KBD\kbd.exe -> [2005/02/02 11:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) [Modules - Safe List] ots.exe -> C:\Users\Owner\Downloads\OTS.exe -> [2009/11/11 22:07:31 | 00,525,824 | ---- | M] (OldTimer Tools) wininet.dll -> C:\Windows\SysWOW64\wininet.dll -> [2009/08/27 08:32:41 | 00,833,024 | ---- | M] (Microsoft Corporation) atl.dll -> C:\Windows\SysWOW64\atl.dll -> [2009/07/17 09:35:11 | 00,071,680 | ---- | M] (Microsoft Corporation) srclient.dll -> C:\Windows\SysWOW64\srclient.dll -> [2008/07/31 20:41:52 | 00,040,960 | ---- | M] (Microsoft Corporation) spp.dll -> C:\Windows\SysWOW64\spp.dll -> [2008/01/20 21:52:09 | 00,142,336 | ---- | M] (Microsoft Corporation) xmllite.dll -> C:\Windows\SysWOW64\xmllite.dll -> [2008/01/20 21:50:01 | 00,183,296 | ---- | M] (Microsoft Corporation) vssapi.dll -> C:\Windows\SysWOW64\vssapi.dll -> [2008/01/20 21:49:43 | 01,076,224 | ---- | M] (Microsoft Corporation) vsstrace.dll -> C:\Windows\SysWOW64\vsstrace.dll -> [2008/01/20 21:49:43 | 00,069,120 | ---- | M] (Microsoft Corporation) authz.dll -> C:\Windows\SysWOW64\authz.dll -> [2008/01/20 21:49:32 | 00,079,360 | ---- | M] (Microsoft Corporation) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll -> [2008/01/20 21:48:06 | 01,684,480 | ---- | M] (Microsoft Corporation) normaliz.dll -> C:\Windows\SysWOW64\normaliz.dll -> [2006/11/02 03:33:06 | 00,002,560 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] 64bit-(WMPNetworkSvc) [On_Demand | Running] -> C:\Program Files\Windows Media Player\wmpnetwk.exe -> [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) 64bit-(WinDefend) [Auto | Stopped] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) 64bit-(XAudioService) [Auto | Running] -> C:\Windows\SysNative\DRIVERS\xaudio64.exe -> [2007/10/18 10:37:22 | 00,412,672 | ---- | M] () (avg9wd) AVG Free WatchDog [Auto | Running] -> C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -> [2009/11/11 20:57:53 | 00,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) (Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.) (clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/27 13:03:13 | 00,069,632 | ---- | M] (Microsoft Corporation) (clr_optimization_v2.0.50727_64) Microsoft .NET Framework NGEN v2.0.50727_X64 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -> [2008/07/27 13:01:49 | 00,093,184 | ---- | M] (Microsoft Corporation) (FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -> [2008/06/19 20:17:12 | 00,046,104 | ---- | M] (Microsoft Corporation) (idsvc) Windows CardSpace [Unknown | Stopped] -> C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -> [2008/06/19 20:16:53 | 00,859,648 | ---- | M] (Microsoft Corporation) (LightScribeService) LightScribeService Direct Disc Labeling Service [On_Demand | Stopped] -> c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -> [2008/06/09 12:21:58 | 00,073,728 | ---- | M] (Hewlett-Packard Company) (HP Health Check Service) HP Health Check Service [On_Demand | Stopped] -> c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -> [2008/06/02 17:09:18 | 00,094,208 | ---- | M] (Hewlett-Packard) (GameConsoleService) GameConsoleService [On_Demand | Stopped] -> C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe -> [2008/03/28 18:04:58 | 00,165,416 | ---- | M] (WildTangent, Inc.) (ehRecvr) Windows Media Center Receiver Service [On_Demand | Stopped] -> C:\Windows\ehome\ehrecvr.exe -> [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) (ehSched) Windows Media Center Scheduler Service [On_Demand | Stopped] -> C:\Windows\ehome\ehsched.exe -> [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) (firedogAdvisorSrvHost) firedogAdvisorSrvHost [Auto | Running] -> C:\Program Files (x86)\firedog advisor\firedogAdvisorSrvHost.exe -> [2007/12/24 15:27:24 | 00,312,328 | ---- | M] () (NBService) NBService [On_Demand | Stopped] -> C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe -> [2007/06/29 19:16:56 | 00,800,040 | ---- | M] (Nero AG) (NMIndexingService) NMIndexingService [On_Demand | Running] -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe -> [2007/06/27 19:04:00 | 00,279,848 | ---- | M] (Nero AG) (Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) (ehstart) Windows Media Center Service Launcher [Auto | Stopped] -> C:\Windows\ehome\ehstart.dll -> [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) (MSDTC) Distributed Transaction Coordinator [Unknown | Stopped] -> C:\Windows\SysWOW64\Msdtc -> [2006/11/02 08:34:14 | 00,000,000 | ---D | M] (vds) Virtual Disk [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vds.mof -> [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () (VSS) Volume Shadow Copy [On_Demand | Stopped] -> C:\Windows\SysWOW64\wbem\vss.mof -> [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () (Microsoft Office Groove Audit Service) Microsoft Office Groove Audit Service [On_Demand | Stopped] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -> [2006/10/27 00:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) (odserv) Microsoft Office Diagnostics Service [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) (ose) Office Source Engine [On_Demand | Stopped] -> C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [Driver Services - Safe List] 64bit-(AvgTdiA) AVG8 Network Redirector [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\avgtdia.sys -> [2009/11/11 20:58:42 | 00,470,024 | ---- | M] () 64bit-(AvgLdx64) AVG Free AVI Loader Driver x64 [Kernel | System | Running] -> C:\Windows\SysNative\Drivers\avgldx64.sys -> [2009/11/11 20:58:42 | 00,422,920 | ---- | M] () 64bit-(AvgMfx64) AVG Free On-access Scanner Minifilter Driver x64 [File_System | System | Running] -> C:\Windows\SysNative\Drivers\avgmfx64.sys -> [2009/11/11 20:58:42 | 00,034,248 | ---- | M] () 64bit-(pcouffin) VSO Software pcouffin [Kernel | On_Demand | Running] -> C:\Windows\SysNative\Drivers\pcouffin.sys -> [2008/12/22 13:46:23 | 00,082,816 | ---- | M] () 64bit-(CAXHWBS2) CAXHWBS2 [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -> [2008/05/08 08:27:00 | 00,411,136 | ---- | M] () 64bit-(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -> [2008/05/08 08:25:12 | 00,740,864 | ---- | M] () 64bit-(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\Windows\SysNative\DRIVERS\CAX_DP.sys -> [2008/05/08 08:24:08 | 01,487,872 | ---- | M] () 64bit-(WpdUsb) WpdUsb [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\DRIVERS\wpdusb.sys -> [2008/01/20 21:47:28 | 00,046,080 | ---- | M] () 64bit-(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\drivers\usbaudio.sys -> [2008/01/20 21:47:04 | 00,098,816 | ---- | M] () 64bit-(faproct) Circuit City Firedog Advisor ProcessTriggerDriver [Kernel | Auto | Running] -> C:\Windows\SysNative\DRIVERS\faproc64.sys -> [2007/11/28 17:28:02 | 00,009,216 | --S- | M] () 64bit-(XAudio) XAudio [Kernel | Auto | Running] -> C:\Windows\SysNative\DRIVERS\xaudio64.sys -> [2007/10/18 10:37:10 | 00,010,240 | ---- | M] () 64bit-(faunidrv) UniDriver for Firedog Advisor [Kernel | Auto | Running] -> C:\Windows\SysNative\DRIVERS\faunid64.sys -> [2007/09/23 16:43:12 | 00,008,704 | --S- | M] () 64bit-(JLTECH0227) Dual Mode Camera [Kernel | On_Demand | Stopped] -> C:\Windows\SysNative\Drivers\jl2005c.sys -> [2007/08/29 11:30:52 | 00,080,176 | ---- | M] () 64bit-(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -> [2006/06/19 09:27:24 | 00,017,024 | ---- | M] () (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running] -> C:\Windows\SysWOW64\wbem\tcpip.mof -> [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running] -> C:\Windows\SysWOW64\wbem\mpsdrv.mof -> [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () (mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> C:\Windows\SysWOW64\mdmxsdk.dll -> [2006/06/19 09:26:50 | 00,094,208 | ---- | M] (Conexant) [Registry - Safe List] < 64bit-Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt -> < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt -> HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> [binary data] -> HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://broadband.zoomtown.com -> HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{03402f96-3dc7-4285-bc50-9e81fefafe43}" [HKLM] -> C:\Program Files (x86)\AIM Toolbar\aimtb.dll [AIM Toolbar Search Class] -> [2009/08/28 12:33:14 | 01,303,912 | ---- | M] (AOL LLC.) < Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> < Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> < Internet Explorer Settings [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: Main\\"Default_Page_URL" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=84&bd=Pavilion&pf=cndt -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: Main\\"Local Page" -> C:\Windows\system32\blank.htm -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: Main\\"Start Page" -> http://broadband.zoomtown.com -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: Main\\"StartPageCache" -> 1 -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: URLSearchHooks\\"{03402f96-3dc7-4285-bc50-9e81fefafe43}" [HKLM] -> C:\Program Files (x86)\AIM Toolbar\aimtb.dll [AIM Toolbar Search Class] -> [2009/08/28 12:33:14 | 01,303,912 | ---- | M] (AOL LLC.) HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\: "ProxyEnable" -> 0 -> < FireFox Settings [Prefs.js] > -> C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\Profiles\6qyz629f.default\prefs.js -> browser.search.defaultenginename -> "AIM Search" -> browser.search.defaulturl -> "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us" -> browser.search.selectedEngine -> "GoogIe" -> browser.search.useDBForOrder -> true -> browser.startup.homepage -> "http://www.yahoo.com/" -> extensions.enabledItems -> {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1 -> extensions.enabledItems -> {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.701 -> extensions.enabledItems -> {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1 -> extensions.enabledItems -> {3112ca9c-de6d-4884-a869-9855de68056c}:3.1.20081127W -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13 -> extensions.enabledItems -> {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 -> extensions.enabledItems -> {20a82645-c095-46ed-80e3-08825760534b}:0.0.0 -> extensions.enabledItems -> moveplayer@movenetworks.com:7 -> extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15 -> keyword.URL -> "http://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=URFsKIxb&q=" -> < FireFox Settings [User.js] > -> C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\Profiles\6qyz629f.default\user.js -> browser.search.selectedEngine -> "GoogIe" -> keyword.URL -> "http://www.offos.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&rls=URFsKIxb&q=" -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71} -> C:\Program Files (x86)\AVG\AVG9\Firefox [C:\PROGRAM FILES (X86)\AVG\AVG9\FIREFOX] -> [2009/11/11 20:57:53 | 00,000,000 | ---D | M] HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/09/15 02:02:50 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components -> C:\Program Files (x86)\Mozilla Firefox\components [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS] -> [2009/10/28 11:22:04 | 00,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins -> C:\Program Files (x86)\Mozilla Firefox\plugins [C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS] -> [2009/11/01 21:58:12 | 00,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Owner\AppData\Roaming\Mozilla\Extensions -> [2009/05/22 23:58:35 | 00,000,000 | ---D | M] -> C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} -> [2008/12/05 19:39:34 | 00,000,000 | ---D | M] -> C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org -> [2009/05/22 23:58:35 | 00,000,000 | ---D | M] -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6qyz629f.default\extensions -> [2009/11/11 21:05:22 | 00,000,000 | ---D | M] -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6qyz629f.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} -> [2008/12/05 22:46:20 | 00,000,000 | ---D | M] -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6qyz629f.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} -> [2009/09/14 18:05:51 | 00,000,000 | ---D | M] -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6qyz629f.default\extensions\firefox@tvunetworks.com -> [2009/09/19 14:29:07 | 00,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> aim-search.xml -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6qyz629f.default\searchplugins\aim-search.xml -> [2009/09/26 14:57:28 | 00,004,546 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files (x86)\Mozilla Firefox\extensions -> [2009/09/27 18:11:55 | 00,000,000 | ---D | M] -> C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} -> [2009/10/28 11:22:04 | 00,000,000 | ---D | M] -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} -> [2009/03/08 10:55:03 | 00,000,000 | ---D | M] -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} -> [2009/03/27 10:15:51 | 00,000,000 | ---D | M] -> C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} -> [2009/09/13 17:48:24 | 00,000,000 | ---D | M] < FireFox Components [Program Folders] > -> browserdirprovider.dll -> C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll -> [2009/10/28 11:22:02 | 00,023,032 | ---- | M] (Mozilla Foundation) brwsrcmp.dll -> C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll -> [2009/10/28 11:22:02 | 00,134,648 | ---- | M] (Mozilla Foundation) < HOSTS File > (761 bytes and 20 lines) -> C:\Windows\SysNative\Drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost ::1 localhost < 64bit-BHO's [HKEY_LOCAL_MACHINE] > -> 64bit-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [AVG Safe Search] -> [2009/11/11 20:58:03 | 02,118,424 | ---- | M] (AVG Technologies CZ, s.r.o.) < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> [2007/10/19 16:56:50 | 00,817,936 | ---- | M] (Yahoo! Inc.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated) {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files (x86)\AVG\AVG9\avgssie.dll [AVG Safe Search] -> [2009/11/11 20:57:59 | 01,475,864 | ---- | M] (AVG Technologies CZ, s.r.o.) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2006/10/27 00:48:42 | 02,210,608 | ---- | M] (Microsoft Corporation) {b0cda128-b425-4eef-a174-61a11ac5dbf8} [HKLM] -> C:\Program Files (x86)\AIM Toolbar\aimtb.dll [AIM Toolbar Loader] -> [2009/08/28 12:33:14 | 01,303,912 | ---- | M] (AOL LLC.) {DBAF53D4-11FE-482D-B516-B3103BC71F87} [HKLM] -> C:\Program Files (x86)\linksador\ShowInfo\IeShowInfo.dll [ReceiverBho Class] -> [2009/08/22 10:37:14 | 00,053,248 | ---- | M] (IeShowInfo) {DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/07/31 14:23:13 | 00,041,760 | ---- | M] (Sun Microsystems, Inc.) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{61539ecd-cc67-4437-a03c-9aaccbd14326}" [HKLM] -> C:\Program Files (x86)\AIM Toolbar\aimtb.dll [AIM Toolbar] -> [2009/08/28 12:33:14 | 01,303,912 | ---- | M] (AOL LLC.) "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2007/10/19 16:56:50 | 00,817,936 | ---- | M] (Yahoo! Inc.) < Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{61539ECD-CC67-4437-A03C-9AACCBD14326}" [HKLM] -> C:\Program Files (x86)\AIM Toolbar\aimtb.dll [AIM Toolbar] -> [2009/08/28 12:33:14 | 01,303,912 | ---- | M] (AOL LLC.) < 64bit-Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "CanonMyPrinter" -> C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon] -> [2007/09/13 20:50:00 | 01,840,720 | ---- | M] (CANON INC.) "CanonSolutionMenu" -> C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe ["C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" /logon] -> [2007/10/25 20:10:00 | 00,652,624 | ---- | M] (CANON INC.) "NvCplDaemon" -> C:\Windows\SysNative\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2008/05/22 09:49:00 | 15,851,040 | ---- | M] () "NvMediaCenter" -> C:\Windows\SysNative\NvMcTray.DLL [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit] -> [2008/05/22 09:49:00 | 00,082,464 | ---- | M] () "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 21:47:32 | 01,584,184 | ---- | M] (Microsoft Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe ARM" -> C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"] -> [2009/09/04 11:08:30 | 00,935,288 | R--- | M] (Adobe Systems Incorporated) "Adobe Reader Speed Launcher" -> C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2009/10/03 04:45:05 | 00,039,792 | ---- | M] (Adobe Systems Incorporated) "AVG9_TRAY" -> C:\Program Files (x86)\AVG\AVG9\avgtray.exe [C:\PROGRA~2\AVG\AVG9\avgtray.exe] -> [2009/11/11 20:57:56 | 02,016,536 | ---- | M] (AVG Technologies CZ, s.r.o.) "GrooveMonitor" -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2006/10/27 00:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) "KBD" -> C:\hp\KBD\KbdStub.exe [C:\HP\KBD\KbdStub.EXE] -> [2006/12/08 11:16:56 | 00,065,536 | ---- | M] () "SunJavaUpdateSched" -> C:\Program Files (x86)\Java\jre6\bin\jusched.exe ["C:\Program Files (x86)\Java\jre6\bin\jusched.exe"] -> [2009/07/31 14:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) < Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2008/01/20 21:47:33 | 01,233,920 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/20 21:47:52 | 02,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Sidebar" -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2008/01/20 21:47:33 | 01,233,920 | ---- | M] (Microsoft Corporation) "WindowsWelcomeCenter" -> C:\Windows\SysWow64\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/20 21:47:52 | 02,153,472 | ---- | M] (Microsoft Corporation) < Run [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" -> C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe ["C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"] -> [2007/06/27 19:03:40 | 00,152,872 | ---- | M] (Nero AG) "BitTorrent DNA" -> C:\Users\Owner\Program Files (x86)\DNA\btdna.exe ["C:\Users\Owner\Program Files (x86)\DNA\btdna.exe"] -> [2009/11/07 11:32:12 | 00,323,392 | ---- | M] (BitTorrent, Inc.) "ehTray.exe" -> C:\Windows\ehome\ehtray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/20 21:51:33 | 00,138,240 | ---- | M] (Microsoft Corporation) "firedogadvisor" -> C:\Program Files (x86)\firedog advisor\faAgnt.exe [C:\Program Files (x86)\firedog advisor\faAgnt.exe /startup] -> [2007/11/11 16:47:28 | 00,522,760 | ---- | M] (Microsoft Corporation) "PopUpStopperFreeEdition" -> C:\PROGRA~2\Panicware\Pop-Up Stopper Free Edition\PSFree.exe ["C:\PROGRA~2\Panicware\Pop-Up Stopper Free Edition\PSFree.exe"] -> File not found "Sidebar" -> C:\Program Files\Windows Sidebar\sidebar.exe [C:\Program Files\Windows Sidebar\sidebar.exe] -> [2008/01/20 21:47:57 | 01,555,968 | ---- | M] (Microsoft Corporation) "TurboNet" -> C:\Users\Owner\AppData\Local\Temp\c.exe [C:\Users\Owner\AppData\Local\Temp\c.exe] -> [2009/11/11 18:11:40 | 00,156,672 | ---- | M] () "WMPNSCFG" -> C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe] -> File not found < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoActiveDesktop" -> [1] -> File not found \\"NoActiveDesktopChanges" -> [1] -> File not found \\"ForceActiveDesktopOn" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [2] -> File not found \\"ConsentPromptBehaviorUser" -> [1] -> File not found \\"EnableInstallerDetection" -> [1] -> File not found \\"EnableLUA" -> [1] -> File not found \\"EnableSecureUIAPaths" -> [1] -> File not found \\"EnableVirtualization" -> [1] -> File not found \\"PromptOnSecureDesktop" -> [1] -> File not found \\"ValidateAdminCodeSignatures" -> [0] -> File not found \\"dontdisplaylastusername" -> [0] -> File not found \\"legalnoticecaption" -> [] -> File not found \\"legalnoticetext" -> [] -> File not found \\"scforceoption" -> [0] -> File not found \\"shutdownwithoutlogon" -> [1] -> File not found \\"undockwithoutlogon" -> [1] -> File not found \\"FilterAdministratorToken" -> [0] -> File not found \\"EnableUIADesktopToggle" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats \UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found \UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found < 64bit-Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000] -> [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation) < Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> E&xport to Microsoft Excel -> C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000] -> [2006/10/27 15:07:36 | 17,891,112 | ---- | M] (Microsoft Corporation) E&xport to Microsoft Office Excel -> C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE [res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000] -> File not found < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2006/10/26 20:32:42 | 00,604,000 | ---- | M] (Microsoft Corporation) {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF}:Exec [HKLM] -> C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe [Button: PokerStars] -> [2009/03/27 19:39:04 | 00,603,416 | ---- | M] (PokerStars) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/26 20:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation) < 64bit-Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> < 64bit-Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < 64bit-Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < 64bit-Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> Range1 [:Range = 127.0.0.1] -> http = Local intranet | -> < Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> Range1 [:Range = 127.0.0.1] -> http = Local intranet | -> < Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> < Trusted Sites Domains [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> < Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\] > -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_USERS\S-1-5-21-1081535202-3391449866-3827389450-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. -> Range1 [:Range = 127.0.0.1] -> http = Local intranet | -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab [QuickTime Plugin Control] -> {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [HKLM] -> http://download.divx.com/player/DivXBrowserPlugin.cab [DivXBrowserPlugin Object] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> {A3256902-51FA-45A0-8A97-FC1143C169D9} [HKLM] -> http://support.microsoft.com/mats/DiagWebControl.cab [Diagnostics ActiveX WebControl] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab [Java Plug-in 1.6.0_16] -> {F27237D7-93C8-44C2-AC6E-D6057B9A918F} [HKLM] -> https://juniper.net/dana-cached/sc/JuniperSetupClient.cab [JuniperSetupClientControl Class] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {EDD7762A-4484-4E11-B5DD-8941532B0891}\\DhcpNameServer -> 192.168.1.1 (NVIDIA nForce 10/100 Mbps Ethernet ) -> < 64bit-AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs -> 64bit-*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls -> avgrssta.dll -> C:\Windows\SysNative\avgrssta.dll -> [2009/11/11 20:58:07 | 00,012,464 | ---- | M] () *MultiFile Done* -> -> < 64bit-Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 64bit-*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\explorer.exe -> [2008/10/29 01:49:22 | 03,080,704 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> explorer.exe -> C:\Windows\SysWow64\explorer.exe -> [2008/10/29 01:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2006/10/27 00:48:42 | 02,210,608 | ---- | M] (Microsoft Corporation) < Vista Public Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications -> < Vista Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications -> 64bit-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List \List\\"C:\Program Files (x86)\BitTorrent\bittorrent.exe" -> C:\Program Files (x86)\BitTorrent\bittorrent.exe [C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2009/09/09 21:30:45 | 00,653,104 | ---- | M] (BitTorrent, Inc.) < Vista Active Firewall Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {2B8E8D9A-B241-4EFA-81D4-3A4467F2A234} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32809 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | {3564371A-0F4E-48B0-A094-4FDC2C9043EF} -> lport=rpc | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28535 | app=%systemroot%\system32\spoolsv.exe | svc=spooler | {483410E1-1168-4538-8F0C-D397AC47B576} -> lport=6004 | profile=private | protocol=17 | dir=in | action=allow | name=microsoft office outlook | app=c:\program files (x86)\microsoft office\office12\outlook.exe | {4890C079-FFD2-4B07-82BC-F10987D88115} -> lport=137 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28519 | app=system | {4AED949A-B880-43E4-8570-62933639D82B} -> rport=1900 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32757 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {55C9F25E-68B4-46C2-B2DF-63E1F24CB1FB} -> lport=rpc-epmap | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28539 | svc=rpcss | {5A8E73B8-9CB4-4506-A678-A20AE4947D3E} -> rport=5355 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32805 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {65E85A7E-BC69-46B8-86DF-C05CDF4BFF67} -> rport=445 | profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28515 | app=system | {73F4C254-B56A-4DA3-9FA3-A5A3331EA7C5} -> lport=5355 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32801 | app=%systemroot%\system32\svchost.exe | svc=dnscache | {7F21130D-0076-459D-93E4-71EDD912ADF6} -> lport=445 | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28511 | app=system | {8811A040-AC6A-40A6-825A-213F562F0975} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32789 | app=%systemroot%\system32\svchost.exe | svc=fdphost | {923294E4-584E-4859-A234-C0932E15CA07} -> lport=138 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-28527 | app=system | {92F83282-32FE-4B51-96AA-CE1D6DB99DF7} -> rport=3702 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-32811 | app=%systemroot%\system32\svchost.exe | svc=fdrespub | {B4D3BFF5-486F-482A-B2BC-9A036B4D8647} -> lport=3702 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32785 | app=%systemroot%\system32\svchost.exe | svc=fdphost | {B70897C6-7451-4D3F-B0AD-A7180356E191} -> lport=1900 | profile=public | protocol=17 | dir=in | action=allow | name=@firewallapi.dll,-32753 | app=%systemroot%\system32\svchost.exe | svc=ssdpsrv | {BAF8797B-7512-466B-A297-24771A2EE28D} -> lport=139 | profile=public | protocol=6 | dir=in | action=allow | name=@firewallapi.dll,-28503 | app=system | {CF03311E-55C9-4825-9E1D-224997784FF9} -> rport=138 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28531 | app=system | {DD11151B-0293-4929-A9FD-6FF0EBE0EE75} -> rport=139 | profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-28507 | app=system | {EB4AFD80-B959-4C47-82E4-2ADA81725DBE} -> rport=137 | profile=public | protocol=17 | dir=out | action=allow | name=@firewallapi.dll,-28523 | app=system | < Vista Active Application Exception Rules > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules -> {00D88320-4C4B-49E6-8A3F-54DF121A0E53} -> dir=in | action=allow | name=cyberlink powerdirector | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | {1BE2DAD6-9DDD-4B9D-A73A-F53E8AC3129A} -> profile=private | protocol=6 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim6\aim6.exe | {3021D738-E54A-4B5A-8266-7D818E9616AD} -> profile=private | protocol=17 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim\aim.exe | {3BCB80BF-E9D3-42E2-9301-E96E3E67AA82} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {3F13DC07-B5FD-4F7D-A241-E41E13576B94} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft office groove | app=c:\program files (x86)\microsoft office\office12\groove.exe | {3F61463D-7A7E-4C43-B286-9811377A73F5} -> profile=public | protocol=1 | dir=out | action=allow | name=@firewallapi.dll,-28544 | {51E82984-BBFC-4365-B6DC-E3DC99CF432E} -> profile=private | protocol=17 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim6\aim6.exe | {589E8B01-5B33-434B-863F-2B191BBF2938} -> profile=private | protocol=6 | dir=in | action=allow | name=aol loader | app=c:\program files (x86)\common files\aol\loader\aolload.exe | {74884FD6-04A9-4C2E-BF8A-8DF43DCE89FB} -> profile=private | protocol=6 | dir=in | action=allow | name=aim | app=c:\program files (x86)\aim\aim.exe | {77C5A639-CC89-4FA3-A93A-7C3DD9600D94} -> profile=public | protocol=58 | dir=out | action=allow | name=@firewallapi.dll,-28546 | {8B8DD6BC-FA85-40A2-9569-AD82FBD00106} -> profile=private | protocol=17 | dir=in | action=allow | name=dna (udp-in) | app=c:\program files (x86)\dna\btdna.exe | {8C23E98F-BF11-4FA4-8960-A5DD4FF42072} -> profile=private | dir=in | action=allow | name=avgnsa.exe | app=c:\program files (x86)\avg\avg8\avgnsa.exe | {903099E9-8BC7-45B7-9D2C-771A797AB62D} -> profile=private | protocol=6 | dir=in | action=allow | name=dna (tcp-in) | app=c:\program files (x86)\dna\btdna.exe | {93F6E771-75E7-4EF8-ACD5-A4D13E284F6D} -> profile=private | protocol=6 | dir=in | action=allow | name=microsoft office onenote | app=c:\program files (x86)\microsoft office\office12\onenote.exe | {9F6C1462-18D3-49E8-BD94-987C34E732A1} -> profile=private | protocol=17 | dir=in | action=allow | name=aol loader | app=c:\program files (x86)\common files\aol\loader\aolload.exe | {E68A21AD-4A02-4777-B402-EFE4C44091F1} -> profile=public | protocol=6 | dir=out | action=allow | name=@firewallapi.dll,-32821 | app=%systemroot%\system32\svchost.exe | svc=upnphost | {EB2133AA-A0FD-4098-A5FD-1913BE3C281D} -> profile=private | protocol=6 | dir=in | action=allow | name=veoh web player | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | {EEA1948C-ABD0-4D3D-BFED-EE9267DB1F4F} -> profile=public | protocol=58 | dir=in | action=allow | name=@firewallapi.dll,-28545 | {F482DA80-8F63-4D73-AF9F-A88B8783F016} -> profile=public | protocol=1 | dir=in | action=allow | name=@firewallapi.dll,-28543 | {F6EBEE29-8BDE-4743-AE6E-F10389B2DDDE} -> profile=private | protocol=17 | dir=in | action=allow | name=microsoft office groove | app=c:\program files (x86)\microsoft office\office12\groove.exe | {FA118685-7EAB-4E06-B416-F220F0563570} -> profile=private | protocol=17 | dir=in | action=allow | name=veoh web player | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | {FC489CA7-13E4-40F9-A51A-A036A2DE3C7D} -> profile=private | dir=in | action=allow | name=avgupd.exe | app=c:\program files (x86)\avg\avg8\avgupd.exe | TCP Query User{259F1607-B8EC-45D2-BD67-071DEA67EAD6}C:\users\owner\program files (x86)\dna\btdna.exe -> profile=public | protocol=6 | dir=in | action=block | name=btdna.exe | app=c:\users\owner\program files (x86)\dna\btdna.exe | TCP Query User{8DC51065-BD62-4CC8-92AA-31948BB91C0A}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe -> profile=public | protocol=6 | dir=in | action=block | name=veoh web player beta | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | TCP Query User{8E36F269-75D7-4E9E-B69B-D6B08921F5A3}C:\program files (x86)\ares\ares.exe -> profile=private | protocol=6 | dir=in | action=allow | name=ares p2p for windows | app=c:\program files (x86)\ares\ares.exe | TCP Query User{AD1C3454-721D-414F-9046-12F1474B9410}C:\program files (x86)\mozilla firefox\firefox.exe -> profile=private | protocol=6 | dir=in | action=allow | name=firefox | app=c:\program files (x86)\mozilla firefox\firefox.exe | TCP Query User{AD7404CA-7C1A-45B4-AEE3-58CDBF3E4123}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=6 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe | TCP Query User{D0E027F3-B27A-4DA7-A5FF-8E7109473565}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe -> profile=private | protocol=6 | dir=in | action=allow | name=streamtorrent p2p media player | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe | TCP Query User{DD58C251-6FF8-4A03-BAB8-2FEB73DD5684}C:\program files (x86)\limewire\limewire.exe -> profile=private | protocol=6 | dir=in | action=allow | name=limewire | app=c:\program files (x86)\limewire\limewire.exe | TCP Query User{E8F9A882-D82F-4246-A91B-6D0D252B0700}C:\program files (x86)\bittorrent\bittorrent.exe -> profile=public | protocol=6 | dir=in | action=allow | name=bittorrent | app=c:\program files (x86)\bittorrent\bittorrent.exe | TCP Query User{EF3DF0F0-DC2C-45B3-9C80-B2E1B6E805C6}C:\users\owner\program files (x86)\dna\btdna.exe -> profile=private | protocol=6 | dir=in | action=allow | name=btdna.exe | app=c:\users\owner\program files (x86)\dna\btdna.exe | TCP Query User{EFDED7BC-10E4-4CDF-9718-5C1B692D0932}C:\program files (x86)\bittorrent\bittorrent.exe -> profile=private | protocol=6 | dir=in | action=allow | name=bittorrent | app=c:\program files (x86)\bittorrent\bittorrent.exe | UDP Query User{10F33FE5-8789-43A2-B093-B67ED4FC6E1B}C:\program files (x86)\internet explorer\iexplore.exe -> profile=private | protocol=17 | dir=in | action=allow | name=internet explorer | app=c:\program files (x86)\internet explorer\iexplore.exe | UDP Query User{1AEBAB16-894A-487F-B525-DE0BDAC5BFF8}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe -> profile=public | protocol=17 | dir=in | action=block | name=veoh web player beta | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe | UDP Query User{20D8C674-D52C-4FE4-BCC9-CA689D18AD69}C:\program files (x86)\limewire\limewire.exe -> profile=private | protocol=17 | dir=in | action=allow | name=limewire | app=c:\program files (x86)\limewire\limewire.exe | UDP Query User{3117AB7F-BDBB-4ACF-A338-74D161181134}C:\users\owner\program files (x86)\dna\btdna.exe -> profile=public | protocol=17 | dir=in | action=block | name=btdna.exe | app=c:\users\owner\program files (x86)\dna\btdna.exe | UDP Query User{418C5EA0-EB09-4170-A894-BF711B7372B6}C:\program files (x86)\mozilla firefox\firefox.exe -> profile=private | protocol=17 | dir=in | action=allow | name=firefox | app=c:\program files (x86)\mozilla firefox\firefox.exe | UDP Query User{89CD399E-58BB-4B40-AF39-C1570CAC2925}C:\program files (x86)\bittorrent\bittorrent.exe -> profile=private | protocol=17 | dir=in | action=allow | name=bittorrent | app=c:\program files (x86)\bittorrent\bittorrent.exe | UDP Query User{B11A05F1-2076-4D2E-A6D0-580833927D76}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe -> profile=private | protocol=17 | dir=in | action=allow | name=streamtorrent p2p media player | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe | UDP Query User{D4F806EC-12B9-4C81-9CE1-36C73B67CB96}C:\program files (x86)\ares\ares.exe -> profile=private | protocol=17 | dir=in | action=allow | name=ares p2p for windows | app=c:\program files (x86)\ares\ares.exe | UDP Query User{E4E0EF54-989C-451B-BE9F-A01548CCC52D}C:\users\owner\program files (x86)\dna\btdna.exe -> profile=private | protocol=17 | dir=in | action=allow | name=btdna.exe | app=c:\users\owner\program files (x86)\dna\btdna.exe | UDP Query User{ED3459F3-7E23-447B-8071-E03151F12A62}C:\program files (x86)\bittorrent\bittorrent.exe -> profile=public | protocol=17 | dir=in | action=allow | name=bittorrent | app=c:\program files (x86)\bittorrent\bittorrent.exe | < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> "C:\Program Files (x86)\BitTorrent\bittorrent.exe" -> C:\Program Files (x86)\BitTorrent\bittorrent.exe [C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent] -> [2009/09/09 21:30:45 | 00,653,104 | ---- | M] (BitTorrent, Inc.) < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> "AlternateShell" -> cmd.exe -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> C:\Windows\SysNative\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/01/20 21:46:54 | 00,079,872 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> 64bit-comfile [open] -> "%1" %* -> File not found 64bit-exefile [open] -> "%1" %* -> File not found comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> [Files/Folders - Created Within 30 Days] $AVG -> C:\$AVG -> [2009/11/11 20:59:09 | 00,000,000 | -H-D | C] avg9 -> C:\ProgramData\avg9 -> [2009/11/11 20:57:51 | 00,000,000 | ---D | C] C:\ProgramData\avg9 -> C:\ProgramData\avg9 -> [2009/11/11 20:57:51 | 00,000,000 | ---D | C] C:\Program Files (x86)\linksador -> C:\Program Files (x86)\linksador -> [2009/11/07 11:59:17 | 00,000,000 | ---D | C] C:\Program Files (x86)\linksadoor -> C:\Program Files (x86)\linksadoor -> [2009/11/07 11:59:10 | 00,000,000 | ---D | C] C:\Program Files (x86)\playerinstall -> C:\Program Files (x86)\playerinstall -> [2009/11/07 11:58:41 | 00,000,000 | ---D | C] wuapi.dll -> C:\Windows\SysWow64\wuapi.dll -> [2009/11/06 12:21:53 | 00,575,704 | ---- | C] (Microsoft Corporation) wudriver.dll -> C:\Windows\SysWow64\wudriver.dll -> [2009/11/06 12:21:53 | 00,087,552 | ---- | C] (Microsoft Corporation) wups.dll -> C:\Windows\SysWow64\wups.dll -> [2009/11/06 12:21:53 | 00,035,552 | ---- | C] (Microsoft Corporation) wuwebv.dll -> C:\Windows\SysWow64\wuwebv.dll -> [2009/11/06 12:21:43 | 00,171,608 | ---- | C] (Microsoft Corporation) wuapp.exe -> C:\Windows\SysWow64\wuapp.exe -> [2009/11/06 12:21:43 | 00,033,792 | ---- | C] (Microsoft Corporation) mshtml.dll -> C:\Windows\SysWow64\mshtml.dll -> [2009/11/03 09:28:21 | 03,584,000 | ---- | C] (Microsoft Corporation) unregmp2.exe -> C:\Windows\SysWow64\unregmp2.exe -> [2009/10/28 11:24:33 | 00,310,784 | ---- | C] (Microsoft Corporation) wmp.dll -> C:\Windows\SysWow64\wmp.dll -> [2009/10/28 11:24:31 | 10,624,000 | ---- | C] (Microsoft Corporation) wmploc.DLL -> C:\Windows\SysWow64\wmploc.DLL -> [2009/10/28 11:24:29 | 08,147,456 | ---- | C] (Microsoft Corporation) EncDec.dll -> C:\Windows\SysWow64\EncDec.dll -> [2009/10/15 00:07:20 | 00,428,544 | ---- | C] (Microsoft Corporation) psisrndr.ax -> C:\Windows\SysWow64\psisrndr.ax -> [2009/10/15 00:07:19 | 00,217,088 | ---- | C] (Microsoft Corporation) psisdecd.dll -> C:\Windows\SysWow64\psisdecd.dll -> [2009/10/15 00:07:14 | 00,293,376 | ---- | C] (Microsoft Corporation) mpg2splt.ax -> C:\Windows\SysWow64\mpg2splt.ax -> [2009/10/15 00:07:13 | 00,177,664 | ---- | C] (Microsoft Corporation) MSNP.ax -> C:\Windows\SysWow64\MSNP.ax -> [2009/10/15 00:07:12 | 00,080,896 | ---- | C] (Microsoft Corporation) WMSPDMOD.DLL -> C:\Windows\SysWow64\WMSPDMOD.DLL -> [2009/10/15 00:06:48 | 00,604,672 | ---- | C] (Microsoft Corporation) msv1_0.dll -> C:\Windows\SysWow64\msv1_0.dll -> [2009/10/15 00:04:00 | 00,213,504 | ---- | C] (Microsoft Corporation) wdigest.dll -> C:\Windows\SysWow64\wdigest.dll -> [2009/10/15 00:04:00 | 00,175,104 | ---- | C] (Microsoft Corporation) secur32.dll -> C:\Windows\SysWow64\secur32.dll -> [2009/10/15 00:03:59 | 00,076,800 | ---- | C] (Microsoft Corporation) occache.dll -> C:\Windows\SysWow64\occache.dll -> [2009/10/15 00:03:17 | 00,146,432 | ---- | C] (Microsoft Corporation) wininet.dll -> C:\Windows\SysWow64\wininet.dll -> [2009/10/15 00:03:15 | 00,833,024 | ---- | C] (Microsoft Corporation) urlmon.dll -> C:\Windows\SysWow64\urlmon.dll -> [2009/10/15 00:03:14 | 01,174,528 | ---- | C] (Microsoft Corporation) ieframe.dll -> C:\Windows\SysWow64\ieframe.dll -> [2009/10/15 00:03:11 | 06,069,248 | ---- | C] (Microsoft Corporation) ieapfltr.dll -> C:\Windows\SysWow64\ieapfltr.dll -> [2009/10/15 00:03:08 | 00,380,928 | ---- | C] (Microsoft Corporation) iertutil.dll -> C:\Windows\SysWow64\iertutil.dll -> [2009/10/15 00:03:05 | 00,270,848 | ---- | C] (Microsoft Corporation) iedkcs32.dll -> C:\Windows\SysWow64\iedkcs32.dll -> [2009/10/15 00:03:03 | 00,389,120 | ---- | C] (Microsoft Corporation) msfeeds.dll -> C:\Windows\SysWow64\msfeeds.dll -> [2009/10/15 00:03:01 | 00,458,240 | ---- | C] (Microsoft Corporation) ieaksie.dll -> C:\Windows\SysWow64\ieaksie.dll -> [2009/10/15 00:02:59 | 00,230,400 | ---- | C] (Microsoft Corporation) ieUnatt.exe -> C:\Windows\SysWow64\ieUnatt.exe -> [2009/10/15 00:02:58 | 00,026,624 | ---- | C] (Microsoft Corporation) html.iec -> C:\Windows\SysWow64\html.iec -> [2009/10/15 00:02:57 | 00,389,632 | ---- | C] (Microsoft Corporation) ieencode.dll -> C:\Windows\SysWow64\ieencode.dll -> [2009/10/15 00:02:55 | 00,078,336 | ---- | C] (Microsoft Corporation) mstime.dll -> C:\Windows\SysWow64\mstime.dll -> [2009/10/15 00:02:53 | 00,671,232 | ---- | C] (Microsoft Corporation) jsproxy.dll -> C:\Windows\SysWow64\jsproxy.dll -> [2009/10/15 00:02:49 | 00,028,160 | ---- | C] (Microsoft Corporation) msasn1.dll -> C:\Windows\SysWow64\msasn1.dll -> [2009/10/14 23:59:09 | 00,061,440 | ---- | C] (Microsoft Corporation) C:\Program Files (x86)\Combined Community Codec Pack -> C:\Program Files (x86)\Combined Community Codec Pack -> [2009/10/13 22:12:03 | 00,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] NTUSER.DAT -> C:\Users\Owner\NTUSER.DAT -> [2009/11/11 22:17:47 | 03,145,728 | -HS- | M] () {66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> [2009/11/11 22:14:25 | 00,000,282 | -H-- | M] () PerfStringBackup.INI -> C:\Windows\SysNative\PerfStringBackup.INI -> [2009/11/11 22:10:13 | 00,694,964 | ---- | M] () perfh009.dat -> C:\Windows\SysNative\perfh009.dat -> [2009/11/11 22:10:13 | 00,598,350 | ---- | M] () perfc009.dat -> C:\Windows\SysNative\perfc009.dat -> [2009/11/11 22:10:13 | 00,101,988 | ---- | M] () POL 007.docx -> C:\Users\Owner\Documents\POL 007.docx -> [2009/11/11 22:00:46 | 00,011,186 | ---- | M] () {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> [2009/11/11 21:19:06 | 00,000,240 | -H-- | M] () incavi.avm -> C:\Windows\SysNative\drivers\Avg\incavi.avm -> [2009/11/11 21:07:06 | 44,967,493 | ---- | M] () microavi.avg -> C:\Windows\SysNative\drivers\Avg\microavi.avg -> [2009/11/11 21:06:23 | 00,089,173 | ---- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/11/11 21:02:50 | 00,003,616 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/11/11 21:02:48 | 00,003,616 | -H-- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2009/11/11 21:02:25 | 00,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2009/11/11 21:02:20 | 00,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2009/11/11 21:02:04 | 30,840,50432 | -HS- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms -> [2009/11/11 21:01:13 | 00,524,288 | -HS- | M] () NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> C:\Users\Owner\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf -> [2009/11/11 21:01:13 | 00,065,536 | -HS- | M] () IconCache.db -> C:\Users\Owner\AppData\Local\IconCache.db -> [2009/11/11 21:00:39 | 06,291,456 | -H-- | M] () avgtdia.sys -> C:\Windows\SysNative\drivers\avgtdia.sys -> [2009/11/11 20:58:42 | 00,470,024 | ---- | M] () avgldx64.sys -> C:\Windows\SysNative\drivers\avgldx64.sys -> [2009/11/11 20:58:42 | 00,422,920 | ---- | M] () avgmfx64.sys -> C:\Windows\SysNative\drivers\avgmfx64.sys -> [2009/11/11 20:58:42 | 00,034,248 | ---- | M] () AVG Free 9.0.lnk -> C:\Users\Public\Desktop\AVG Free 9.0.lnk -> [2009/11/11 20:58:17 | 00,001,691 | ---- | M] () iavichjw.avm -> C:\Windows\SysNative\drivers\Avg\iavichjw.avm -> [2009/11/11 20:58:07 | 00,113,461 | ---- | M] () avgrssta.dll -> C:\Windows\SysNative\avgrssta.dll -> [2009/11/11 20:58:07 | 00,012,464 | ---- | M] () msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:43 | 00,163,328 | ---- | M] () Homework11.doc -> C:\Users\Owner\Documents\Homework11.doc -> [2009/11/11 01:53:52 | 00,522,240 | ---- | M] () HPCeeScheduleForOwner.job -> C:\Windows\tasks\HPCeeScheduleForOwner.job -> [2009/11/08 00:32:10 | 00,000,334 | ---- | M] () Output.doc -> C:\Users\Owner\Documents\Output.doc -> [2009/11/05 00:08:53 | 00,111,616 | ---- | M] () HWchp 8,9,10.docx -> C:\Users\Owner\Documents\HWchp 8,9,10.docx -> [2009/11/04 02:46:50 | 00,013,127 | ---- | M] () Mid Term.docx -> C:\Users\Owner\Documents\Mid Term.docx -> [2009/11/03 11:22:54 | 00,026,661 | ---- | M] () Mid Term-POL.docx -> C:\Users\Owner\Documents\Mid Term-POL.docx -> [2009/11/03 01:50:26 | 00,022,318 | ---- | M] () MpSigStub.exe -> C:\Windows\SysNative\MpSigStub.exe -> [2009/11/02 20:42:06 | 00,226,688 | ---- | M] () Adobe Reader 8.lnk -> C:\Users\Public\Desktop\Adobe Reader 8.lnk -> [2009/11/01 21:58:12 | 00,001,919 | ---- | M] () Resume2.docx -> C:\Users\Owner\Documents\Resume2.docx -> [2009/10/30 18:09:38 | 00,013,074 | ---- | M] () In Simple Random Sampling a researcher randomly chooses who to select out of an entire population.doc -> C:\Users\Owner\Documents\In Simple Random Sampling a researcher randomly chooses who to select out of an entire population.doc -> [2009/10/25 18:23:22 | 00,047,616 | ---- | M] () Terror Research.docx -> C:\Users\Owner\Documents\Terror Research.docx -> [2009/10/20 23:55:45 | 00,010,423 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/10/20 17:00:27 | 00,127,488 | ---- | M] () mshtml.dll -> C:\Windows\SysNative\mshtml.dll -> [2009/10/19 10:20:48 | 05,685,760 | ---- | M] () mshtml.dll -> C:\Windows\SysWow64\mshtml.dll -> [2009/10/19 09:25:09 | 03,584,000 | ---- | M] (Microsoft Corporation) 56 C:\Users\Owner\AppData\Local\Temp\*.tmp files -> C:\Users\Owner\AppData\Local\Temp\*.tmp -> 56 C:\Users\Owner\AppData\Local\Temp\*.tmp files -> C:\Users\Owner\AppData\Local\Temp\*.tmp -> 56 C:\Users\Owner\AppData\Local\Temp\*.tmp files -> C:\Users\Owner\AppData\Local\Temp\*.tmp -> [Files - No Company Name] POL 007.docx -> C:\Users\Owner\Documents\POL 007.docx -> [2009/11/11 21:14:38 | 00,011,186 | ---- | C] () AVG Free 9.0.lnk -> C:\Users\Public\Desktop\AVG Free 9.0.lnk -> [2009/11/11 20:58:17 | 00,001,691 | ---- | C] () {66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job -> [2009/11/11 18:45:03 | 00,000,282 | -H-- | C] () msa.exe -> C:\Windows\msa.exe -> [2009/11/11 18:11:50 | 00,163,328 | ---- | C] () {35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job -> [2009/11/11 18:11:45 | 00,000,240 | -H-- | C] () Homework11.doc -> C:\Users\Owner\Documents\Homework11.doc -> [2009/11/11 01:53:49 | 00,522,240 | ---- | C] () wucltux.dll -> C:\Windows\SysNative\wucltux.dll -> [2009/11/06 12:22:13 | 02,621,440 | ---- | C] () wuaueng.dll -> C:\Windows\SysNative\wuaueng.dll -> [2009/11/06 12:22:13 | 02,424,024 | ---- | C] () wuauclt.exe -> C:\Windows\SysNative\wuauclt.exe -> [2009/11/06 12:22:13 | 00,057,560 | ---- | C] () wups2.dll -> C:\Windows\SysNative\wups2.dll -> [2009/11/06 12:22:13 | 00,043,744 | ---- | C] () wuapi.dll -> C:\Windows\SysNative\wuapi.dll -> [2009/11/06 12:21:53 | 00,700,640 | ---- | C] () wudriver.dll -> C:\Windows\SysNative\wudriver.dll -> [2009/11/06 12:21:53 | 00,098,816 | ---- | C] () wups.dll -> C:\Windows\SysNative\wups.dll -> [2009/11/06 12:21:53 | 00,038,112 | ---- | C] () wuwebv.dll -> C:\Windows\SysNative\wuwebv.dll -> [2009/11/06 12:21:43 | 00,185,416 | ---- | C] () wuapp.exe -> C:\Windows\SysNative\wuapp.exe -> [2009/11/06 12:21:43 | 00,036,864 | ---- | C] () Output.doc -> C:\Users\Owner\Documents\Output.doc -> [2009/11/05 00:08:52 | 00,111,616 | ---- | C] () HWchp 8,9,10.docx -> C:\Users\Owner\Documents\HWchp 8,9,10.docx -> [2009/11/04 02:01:55 | 00,013,127 | ---- | C] () Mid Term.docx -> C:\Users\Owner\Documents\Mid Term.docx -> [2009/11/03 11:11:40 | 00,026,661 | ---- | C] () mshtml.dll -> C:\Windows\SysNative\mshtml.dll -> [2009/11/03 09:28:22 | 05,685,760 | ---- | C] () Mid Term-POL.docx -> C:\Users\Owner\Documents\Mid Term-POL.docx -> [2009/11/01 22:29:55 | 00,022,318 | ---- | C] () wmp.dll -> C:\Windows\SysNative\wmp.dll -> [2009/10/28 11:24:33 | 13,426,176 | ---- | C] () unregmp2.exe -> C:\Windows\SysNative\unregmp2.exe -> [2009/10/28 11:24:33 | 00,372,736 | ---- | C] () wmploc.DLL -> C:\Windows\SysNative\wmploc.DLL -> [2009/10/28 11:24:28 | 08,147,968 | ---- | C] () In Simple Random Sampling a researcher randomly chooses who to select out of an entire population.doc -> C:\Users\Owner\Documents\In Simple Random Sampling a researcher randomly chooses who to select out of an entire population.doc -> [2009/10/24 23:04:14 | 00,047,616 | ---- | C] () Terror Research.docx -> C:\Users\Owner\Documents\Terror Research.docx -> [2009/10/20 23:55:44 | 00,010,423 | ---- | C] () ntoskrnl.exe -> C:\Windows\SysNative\ntoskrnl.exe -> [2009/10/15 00:07:55 | 04,691,016 | ---- | C] () psisrndr.ax -> C:\Windows\SysNative\psisrndr.ax -> [2009/10/15 00:07:21 | 00,289,792 | ---- | C] () EncDec.dll -> C:\Windows\SysNative\EncDec.dll -> [2009/10/15 00:07:20 | 00,558,592 | ---- | C] () psisdecd.dll -> C:\Windows\SysNative\psisdecd.dll -> [2009/10/15 00:07:16 | 00,375,808 | ---- | C] () mpg2splt.ax -> C:\Windows\SysNative\mpg2splt.ax -> [2009/10/15 00:07:14 | 00,227,328 | ---- | C] () MSNP.ax -> C:\Windows\SysNative\MSNP.ax -> [2009/10/15 00:07:13 | 00,101,376 | ---- | C] () WMSPDMOD.DLL -> C:\Windows\SysNative\WMSPDMOD.DLL -> [2009/10/15 00:06:47 | 00,818,688 | ---- | C] () lsasrv.dll -> C:\Windows\SysNative\lsasrv.dll -> [2009/10/15 00:04:02 | 01,692,160 | ---- | C] () msv1_0.dll -> C:\Windows\SysNative\msv1_0.dll -> [2009/10/15 00:04:01 | 00,268,800 | ---- | C] () ksecdd.sys -> C:\Windows\SysNative\drivers\ksecdd.sys -> [2009/10/15 00:04:00 | 00,515,656 | ---- | C] () wdigest.dll -> C:\Windows\SysNative\wdigest.dll -> [2009/10/15 00:04:00 | 00,205,312 | ---- | C] () secur32.dll -> C:\Windows\SysNative\secur32.dll -> [2009/10/15 00:03:59 | 00,094,720 | ---- | C] () lsass.exe -> C:\Windows\SysNative\lsass.exe -> [2009/10/15 00:03:59 | 00,011,264 | ---- | C] () ieframe.dll -> C:\Windows\SysNative\ieframe.dll -> [2009/10/15 00:03:28 | 07,005,184 | ---- | C] () wininet.dll -> C:\Windows\SysNative\wininet.dll -> [2009/10/15 00:03:26 | 01,032,704 | ---- | C] () urlmon.dll -> C:\Windows\SysNative\urlmon.dll -> [2009/10/15 00:03:18 | 01,426,432 | ---- | C] () occache.dll -> C:\Windows\SysNative\occache.dll -> [2009/10/15 00:03:17 | 00,208,896 | ---- | C] () ieapfltr.dll -> C:\Windows\SysNative\ieapfltr.dll -> [2009/10/15 00:03:09 | 00,422,400 | ---- | C] () msfeeds.dll -> C:\Windows\SysNative\msfeeds.dll -> [2009/10/15 00:03:05 | 00,580,608 | ---- | C] () iedkcs32.dll -> C:\Windows\SysNative\iedkcs32.dll -> [2009/10/15 00:03:04 | 00,480,256 | ---- | C] () iertutil.dll -> C:\Windows\SysNative\iertutil.dll -> [2009/10/15 00:03:04 | 00,375,296 | ---- | C] () ieaksie.dll -> C:\Windows\SysNative\ieaksie.dll -> [2009/10/15 00:03:00 | 00,267,776 | ---- | C] () ieUnatt.exe -> C:\Windows\SysNative\ieUnatt.exe -> [2009/10/15 00:02:58 | 00,032,768 | ---- | C] () html.iec -> C:\Windows\SysNative\html.iec -> [2009/10/15 00:02:57 | 00,485,376 | ---- | C] () ieencode.dll -> C:\Windows\SysNative\ieencode.dll -> [2009/10/15 00:02:55 | 00,086,528 | ---- | C] () mstime.dll -> C:\Windows\SysNative\mstime.dll -> [2009/10/15 00:02:54 | 01,129,984 | ---- | C] () jsproxy.dll -> C:\Windows\SysNative\jsproxy.dll -> [2009/10/15 00:02:49 | 00,032,256 | ---- | C] () srv2.sys -> C:\Windows\SysNative\drivers\srv2.sys -> [2009/10/14 23:59:14 | 00,174,592 | ---- | C] () msasn1.dll -> C:\Windows\SysNative\msasn1.dll -> [2009/10/14 23:59:10 | 00,082,944 | ---- | C] () clauth2.dll -> C:\Windows\SysWow64\clauth2.dll -> [2009/09/29 20:19:41 | 00,001,024 | ---- | C] () clauth1.dll -> C:\Windows\SysWow64\clauth1.dll -> [2009/09/29 20:19:41 | 00,001,024 | ---- | C] () serauth2.dll -> C:\Windows\SysWow64\serauth2.dll -> [2009/09/29 20:19:41 | 00,000,000 | ---- | C] () serauth1.dll -> C:\Windows\SysWow64\serauth1.dll -> [2009/09/29 20:19:41 | 00,000,000 | ---- | C] () nsprs.dll -> C:\Windows\SysWow64\nsprs.dll -> [2009/09/29 20:19:41 | 00,000,000 | ---- | C] () PerfStringBackup.INI -> C:\Windows\SysWow64\PerfStringBackup.INI -> [2009/09/27 21:47:18 | 00,708,868 | ---- | C] () dec_jl6.dll -> C:\Windows\SysWow64\dec_jl6.dll -> [2009/09/11 16:32:22 | 00,049,152 | ---- | C] () vidx16.dll -> C:\Windows\SysWow64\vidx16.dll -> [2009/09/07 22:54:47 | 00,010,240 | ---- | C] () disney.ini -> C:\Windows\disney.ini -> [2009/09/07 22:53:18 | 00,001,489 | ---- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2009/01/02 18:56:45 | 00,000,376 | ---- | C] () dmcrypto.dll -> C:\Windows\SysWow64\dmcrypto.dll -> [2008/12/05 15:21:52 | 00,065,536 | ---- | C] () pythoncom25.dll -> C:\Windows\SysWow64\pythoncom25.dll -> [2008/07/31 19:53:24 | 00,327,680 | ---- | C] () pywintypes25.dll -> C:\Windows\SysWow64\pywintypes25.dll -> [2008/07/31 19:53:24 | 00,102,400 | ---- | C] () tcpmon.ini -> C:\Windows\SysWow64\tcpmon.ini -> [2008/01/20 21:50:05 | 00,060,124 | ---- | C] () msjetoledb40.dll -> C:\Windows\SysWow64\msjetoledb40.dll -> [2008/01/20 21:49:49 | 00,368,640 | ---- | C] () win.ini -> C:\Windows\win.ini -> [2006/11/02 07:34:27 | 00,000,240 | ---- | C] () system.ini -> C:\Windows\system.ini -> [2006/11/02 07:34:27 | 00,000,219 | ---- | C] () < End of report > [/code]