Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

HMLXKN.DLL - slow internet - Trojan.Agent.GMAgen ? [Solved]

Started by ReaMea , May 10 2012 05:35 AM

  • This topic is locked This topic is locked

#1
ReaMea
Posted 10 May 2012 - 05:35 AM

ReaMea

    New Member

  • Member
  • Pip
  • 8 posts
Hi,

I think I have a virus on my computer. My internet access has slowed to a crawl. Often sites are timing out or not responding at all.
When I start the computer I am now getting an error box with the title "RunDLL". The error message says "There was a problem starting C:\USERS\Ahokas\Appdata\Roaming\AOL\AOL\hmlxkn.dll The specified module could not be found". A google search indicates that this DLL is always associated with a virus. The virus Trojan.Agent.GMAgen is frequently mentioned. I have not noticed a browser redirect problem but can barely browse at all to begin with.
All the other devices in my home(second computer, Ipad, Smartphones, etc.) are also having internet issues. However when I disconnect this computer from the router they all return to functioning normally. I suspect this computer is hogging the bandwidth? Please help.

OTL log results:

OTL logfile created on: 5/10/2012 6:43:29 AM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Ahokas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.89 Gb Total Physical Memory | 5.51 Gb Available Physical Memory | 69.79% Memory free
15.78 Gb Paging File | 13.13 Gb Available in Paging File | 83.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 745.22 Gb Total Space | 551.78 Gb Free Space | 74.04% Space Free | Partition Type: NTFS
Drive D: | 1101.79 Gb Total Space | 788.93 Gb Free Space | 71.61% Space Free | Partition Type: NTFS
Drive L: | 149.01 Gb Total Space | 5.07 Gb Free Space | 3.40% Space Free | Partition Type: FAT32
Drive X: | 931.51 Gb Total Space | 317.94 Gb Free Space | 34.13% Space Free | Partition Type: NTFS

Computer Name: ASUS_DESKTOP | User Name: Ahokas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 180 Days

========== Processes (SafeList) ==========

PRC - [2012/05/08 10:21:30 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Ahokas\Desktop\OTL.exe
PRC - [2012/03/11 13:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2012/01/14 08:27:46 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2012/01/14 08:27:46 | 001,187,072 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2012/01/06 16:30:00 | 001,446,760 | ---- | M] (Garmin) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
PRC - [2011/06/01 12:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 12:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccsvchst.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/19 07:48:49 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Users\Ahokas\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/01/24 14:36:28 | 000,085,272 | ---- | M] (Memeo Inc.) -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoUpdater.exe
PRC - [2011/01/24 14:35:30 | 000,324,320 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
PRC - [2011/01/13 07:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 07:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\shellmon.exe
PRC - [2010/12/01 10:26:42 | 000,574,216 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe
PRC - [2010/11/19 14:38:08 | 000,193,880 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
PRC - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
PRC - [2010/03/30 16:13:06 | 000,389,120 | R--- | M] (Teleca) -- C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
PRC - [2010/03/17 17:22:52 | 001,019,904 | R--- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
PRC - [2010/03/17 17:08:22 | 000,253,952 | R--- | M] (TODO: <Company name>) -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
PRC - [2010/03/17 17:08:04 | 000,462,848 | R--- | M] (Teleca AB) -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1275526946\ee\aolsoftware.exe
PRC - [2009/12/11 16:50:34 | 000,557,056 | R--- | M] (Teleca AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
PRC - [2009/11/19 18:19:48 | 000,598,016 | R--- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
PRC - [2009/10/16 19:42:54 | 000,904,840 | ---- | M] (Acronis) -- C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
PRC - [2009/10/16 19:39:32 | 000,136,544 | ---- | M] (Seagate) -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
PRC - [2009/10/16 19:37:22 | 001,325,936 | ---- | M] (Seagate) -- C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
PRC - [2009/08/20 01:55:40 | 000,196,608 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Windows\SysWOW64\AsHookDevice.exe
PRC - [2009/06/04 19:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
PRC - [2009/06/03 11:25:16 | 000,106,496 | R--- | M] (Popwire AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
PRC - [2009/04/14 14:14:26 | 000,139,264 | ---- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/13 04:14:02 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3ce70b84dbb9970e1893672c5d430c80\Microsoft.VisualBasic.ni.dll
MOD - [2012/04/13 04:08:53 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c2c7f68605a42caef1b7a19c51de58b4\System.ServiceProcess.ni.dll
MOD - [2012/04/13 04:08:47 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\507b4ca18da9d2fde2e51a1f04593443\System.Web.ni.dll
MOD - [2012/04/13 04:06:05 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012/04/13 04:06:00 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012/04/13 03:36:24 | 018,000,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7786f3e95a399a8b6691170ae2fe0e1c\PresentationFramework.ni.dll
MOD - [2012/04/13 03:36:13 | 013,197,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\0b36565a61f83137806e71b287d81042\System.Windows.Forms.ni.dll
MOD - [2012/04/13 03:36:11 | 011,450,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\239eba799555dbe10760ee80c8c8df7c\PresentationCore.ni.dll
MOD - [2012/04/13 03:36:02 | 001,665,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c02325260bdcecd695a87bbb24547df2\System.Drawing.ni.dll
MOD - [2012/04/13 03:35:55 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\02ea3ff3b5908b51da47e1aeb9e75b04\WindowsBase.ni.dll
MOD - [2012/03/06 04:31:59 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\295b3156b838ca161a64a5456522438b\System.Xml.Linq.ni.dll
MOD - [2012/03/06 04:31:57 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\ae31d46211440b11a9e66c3ba1a4e7ff\System.Xaml.ni.dll
MOD - [2012/03/06 04:17:41 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\8b8a5c194aacfb2102d4e26b75a84e03\PresentationFramework.Aero.ni.dll
MOD - [2012/03/06 04:17:34 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll
MOD - [2012/03/06 04:17:34 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll
MOD - [2012/03/06 04:17:34 | 000,736,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\c1127f26363bea39c40707b9ddb6bbb9\System.Security.ni.dll
MOD - [2012/03/06 04:17:27 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll
MOD - [2012/03/06 04:17:20 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll
MOD - [2012/02/16 04:33:58 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\a1c4a635721f85bef0ea4194b888b871\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 04:33:55 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\79f80214eded08cc047324ffc7486bb8\System.Data.ni.dll
MOD - [2012/02/16 04:33:06 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll
MOD - [2012/02/16 04:33:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/16 04:32:59 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/10/13 03:34:47 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\31fce331fded94dd06627603f6fe4562\Accessibility.ni.dll
MOD - [2011/10/13 03:34:22 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 12:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 12:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 12:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 12:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/01/27 13:00:26 | 003,622,128 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll
MOD - [2011/01/24 14:35:58 | 002,896,608 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2011/01/24 14:35:54 | 000,026,848 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2011/01/24 14:35:30 | 000,324,320 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
MOD - [2011/01/13 07:20:01 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.6\zlib.dll
MOD - [2010/12/01 10:26:40 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
MOD - [2010/12/01 10:26:38 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
MOD - [2010/12/01 10:26:38 | 000,375,808 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
MOD - [2010/12/01 10:26:38 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
MOD - [2010/12/01 10:26:38 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
MOD - [2010/12/01 10:26:36 | 002,452,992 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
MOD - [2010/12/01 10:26:36 | 001,008,640 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
MOD - [2010/12/01 10:26:36 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/03/31 11:08:50 | 000,240,552 | R--- | M] () -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\fsync.dll
MOD - [2010/03/31 11:08:50 | 000,240,552 | R--- | M] () -- C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\fsync.dll
MOD - [2010/03/22 18:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll
MOD - [2010/03/17 17:20:30 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\tcpsock_object.dll
MOD - [2010/01/31 23:52:12 | 008,347,648 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
MOD - [2010/01/31 23:52:12 | 002,244,608 | ---- | M] () -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
MOD - [2009/10/16 18:59:30 | 001,328,480 | ---- | M] () -- C:\Program Files (x86)\Seagate\DiscWizard\fox.dll
MOD - [2009/09/29 23:33:07 | 000,024,576 | ---- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009/06/04 19:10:56 | 005,777,408 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
MOD - [2009/03/25 20:53:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\AsSpindownTimeout.dll
MOD - [2009/01/15 18:55:10 | 000,565,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\EPU-4 Engine\pngio.dll
MOD - [2007/01/11 19:33:20 | 000,106,496 | R--- | M] () -- C:\Program Files (x86)\Common Files\Teleca Shared\boost_log-vc80-mt-1_33.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/08/11 19:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2010/09/24 14:17:16 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV:64bit: - [2010/09/24 14:17:16 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV:64bit: - [2010/09/24 14:17:10 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/06 13:03:05 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/11 13:48:36 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2012/01/14 08:27:46 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/06/01 12:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ccSvcHst.exe -- (N360)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011/02/07 11:56:11 | 000,138,192 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011/01/24 14:35:36 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/11/19 14:29:00 | 004,916,568 | ---- | M] (LeapFrog Enterprises, Inc.) [Auto | Running] -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe -- (LeapFrog Connect Device Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/16 19:39:50 | 000,606,048 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2009/08/20 01:55:40 | 000,196,608 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysWOW64\AsHookDevice.exe -- (Device Handle Service)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/01/29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/11 13:48:52 | 000,063,760 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/04 08:32:16 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/03/04 08:32:16 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2012/03/04 08:31:46 | 000,235,040 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/03/04 08:31:11 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/12/23 08:12:12 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/06 12:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2011/06/01 13:10:01 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\symds64.sys -- (SymDS)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/15 21:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0502010.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/07/21 17:59:28 | 000,045,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2010/07/21 17:59:28 | 000,023,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2010/07/12 14:49:14 | 000,072,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2010/07/12 14:48:50 | 000,085,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010/07/01 18:52:18 | 000,051,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/06/09 19:09:08 | 000,024,576 | ---- | M] (LeapFrog) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FlyUsb.sys -- (FlyUsb)
DRV:64bit: - [2009/11/05 14:15:40 | 000,291,328 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/26 17:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009/09/25 19:42:58 | 000,233,984 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2009/07/17 18:14:50 | 000,095,744 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2009/07/16 07:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:35:35 | 000,620,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/11/11 14:42:00 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/11 14:42:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/11 14:42:00 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2008/10/24 06:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)
DRV:64bit: - [2008/10/24 06:55:28 | 000,043,008 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)
DRV:64bit: - [2007/12/11 06:49:54 | 000,026,624 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2007/12/03 06:20:54 | 000,024,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)
DRV:64bit: - [2006/11/29 18:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2012/04/27 20:18:20 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120509.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/04/02 19:38:04 | 001,160,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120507.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/03/11 13:53:24 | 000,397,520 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_34302.sys -- (RapportCerberus_34302)
DRV - [2012/03/11 13:48:52 | 000,061,712 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2012/03/11 13:48:52 | 000,055,056 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2012/02/04 00:13:50 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/02/04 00:13:50 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/01/14 08:27:52 | 000,017,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2011/11/24 08:39:08 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120509.032\EX64.SYS -- (NAVEX15)
DRV - [2011/11/24 08:39:08 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20120509.032\ENG64.SYS -- (NAVENG)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/01/04 17:34:48 | 000,011,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys -- (ASInsHelp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {92AB1B10-8654-482F-AE2A-63107B5AC3CE}
IE - HKCU\..\SearchScopes\{2AB1040D-0D52-46BE-BA54-6E09CDE355F5}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{92AB1B10-8654-482F-AE2A-63107B5AC3CE}: "URL" = http://www.google.co...1I7ADFA_enUS388
IE - HKCU\..\SearchScopes\{A04FB62C-0DD2-43B8-93E2-ACAD21506E0A}: "URL" = http://www.bing.com/...ms}&form=OSDSRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ahokas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2012/02/15 12:12:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_7_5 [2012/05/09 22:55:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/06 13:03:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/03/18 12:12:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ahokas\AppData\Roaming\Mozilla\Extensions
[2012/05/03 07:39:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ahokas\AppData\Roaming\Mozilla\Firefox\Profiles\lrc40jog.default\extensions
[2012/03/20 06:54:31 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Ahokas\AppData\Roaming\Mozilla\Firefox\Profiles\lrc40jog.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2012/03/18 12:11:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/05/06 13:03:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/13 00:38:32 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/13 00:38:32 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2010/11/08 12:04:31 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.2.1.3\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Seagate Scheduler2 Service] C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe (Seagate)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe (Seagate)
O4 - HKLM..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\aol\1275526946\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk ()
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [Monitor] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (LeapFrog Enterprises, Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKCU..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe (Garmin)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Ahokas\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [Update] rundll32.exe "C:\Users\Ahokas\AppData\Roaming\AOL\AOL\hmlxkn.dll",DllRegisterServer File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.su...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {10000000-1000-1000-1000-100000000000} http://cdn.betteradv...ll/ghostery.cab (Reg Error: Key error.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {16F67783-7E72-4C39-99C4-4780A8335484} http://www.syncmyrid...pplets/sync.cab (SyncXfer Class)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://mypoints.worl...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {445F47D7-E043-4BD6-82EB-7A1BD0EBA773} http://www.psapoll.com/CopyGuardIE.cab (CopyGuardCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8C279F4E-917E-4CD2-8DF0-D9C73C0CE763} http://zone.msn.com/...of.cab55579.cab (ZPA_WheelOfFortune Object)
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} http://173.14.149.98...hecker_8000.cab (OCXDownloadChecker Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_19)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Garmin Communicator Plug-In https://static.garmi...inAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B335FBF-C82D-48E9-8322-622D5FEDDD4B}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/15 00:53:50 | 000,000,027 | ---- | M] () - X:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 180 Days ==========

[2012/05/09 18:18:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Roaming\SUPERAntiSpyware.com
[2012/05/09 18:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/05/09 18:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/05/09 18:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/05/09 18:01:37 | 002,075,184 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Ahokas\Desktop\tdsskiller.exe
[2012/05/09 18:01:36 | 016,337,024 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Ahokas\Desktop\SUPERAntiSpyware.exe
[2012/05/09 18:01:36 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Ahokas\Desktop\OTL.exe
[2012/05/09 18:01:35 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Ahokas\Desktop\aswMBR.exe
[2012/05/09 16:47:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{19EFFC10-B5B8-4398-A108-062ED4AB4B64}
[2012/05/09 16:47:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1D8CE974-2EE8-4EFA-93AB-062B2BC1F35F}
[2012/05/08 10:31:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{063EEA09-4903-478A-B550-8E11E592DB6D}
[2012/05/08 10:31:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{04177C9E-2FC5-4E1D-8E43-ABF4FD6FC086}
[2012/05/07 20:32:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{47A68877-EFB1-4331-AD0F-3C4570B0C4F2}
[2012/05/07 20:31:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{00A14652-7DEE-4430-986A-AA98A2E40102}
[2012/05/07 08:18:43 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DB33B995-2BA7-4B4C-9634-17E5E85D3D5F}
[2012/05/07 08:18:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B4BA00F3-95FB-404B-99F9-A3912854616B}
[2012/05/06 13:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/06 13:03:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/05/06 08:04:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2247A0B9-1356-495E-BDA1-0B2FE7435C4B}
[2012/05/06 08:04:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7FEC67B1-3717-4D02-BB03-9B2667634DB4}
[2012/05/05 07:52:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{72F240B9-9F77-489B-8159-EEC3C967CCF1}
[2012/05/05 07:52:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B31B564D-71E1-44BD-9153-F24865F22AA3}
[2012/05/04 08:30:10 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{03CDF1D0-5950-439C-B192-83A7B89249C2}
[2012/05/04 08:29:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1D6A25BE-599B-4232-9A34-8BFB49D54662}
[2012/05/03 08:12:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1175493C-4D7F-42DA-A830-9FBAFAAE7F4A}
[2012/05/03 08:12:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1BB4348A-C80B-4EB8-9452-9BBCAF7D7216}
[2012/05/02 07:11:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{816CDFC3-31F8-43AE-B8D5-0DDECFBB95E8}
[2012/05/02 07:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7556440E-E994-4C78-BCAB-1B8822769E57}
[2012/05/01 06:40:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FFDD8394-E4FE-4A5D-BD93-FA95341AAADF}
[2012/05/01 06:40:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D3A7374B-22ED-40E6-BC57-DEF4393698A3}
[2012/04/30 07:14:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{99DEA861-9677-4BFB-9338-D7BC9B12A112}
[2012/04/30 07:14:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{802650A7-FC5C-4ED4-89BE-33A5EF8F6C32}
[2012/04/29 19:08:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8027A734-1E99-48E2-B2F7-DCFC9E438C23}
[2012/04/29 19:08:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8605F828-177F-442A-951B-E242846110A3}
[2012/04/29 17:07:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\My Birthday 2012
[2012/04/29 17:00:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Olivia's First Communion
[2012/04/28 22:14:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B2E3D45B-3623-4D29-B339-2D63FC3E72EE}
[2012/04/28 22:14:37 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F0D65422-CCD8-4F02-9DEC-A09A803AE89A}
[2012/04/28 08:31:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6FCF928A-99D5-4F44-AC8E-23DB3B12DE3D}
[2012/04/28 08:30:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8F95F4CF-F2C9-4FC6-861D-DC7B8256CF66}
[2012/04/27 10:47:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7ECEFCB8-698D-46D3-84CD-DC61AE19813B}
[2012/04/27 10:47:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A9C5FCDB-07C0-46D4-93E5-B07CE85C2607}
[2012/04/26 19:25:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9089C3B7-FE79-414B-B684-AAA37B0E3913}
[2012/04/26 19:25:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1619ABB8-B1A7-4C0A-A441-41CECBB738E8}
[2012/04/26 07:24:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{58DC934A-AD81-4A05-B65A-012653E935E6}
[2012/04/26 07:24:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{10DEE985-24F4-48FF-8DFC-049E8420336B}
[2012/04/25 07:49:37 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C630AB2D-F9F2-4FFC-912B-9A8177704EC9}
[2012/04/25 07:49:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B951241B-2780-4464-89A4-56C8423CD1CC}
[2012/04/24 07:46:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{09E1F8C5-ECAD-422A-A5CB-653EDDEE120B}
[2012/04/24 07:46:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2B15CDE7-8268-4BA4-A47E-3974E5F26CCE}
[2012/04/23 07:31:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8501331B-779F-4013-98E5-667CCBDDC84F}
[2012/04/23 07:31:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2A6D213D-D553-4904-81A0-285BA6C414D4}
[2012/04/22 19:14:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{AD0D458B-E05C-45A9-AC0F-73127A5EE74A}
[2012/04/22 19:14:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EF6F9977-E210-475B-9966-D9A8896228AE}
[2012/04/21 20:58:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1637545C-E5BB-4540-8427-3C5E75178D9C}
[2012/04/21 20:58:29 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F69E6B45-630B-4CF3-8695-C5408D014F2F}
[2012/04/21 08:57:52 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8C0711D0-03BF-40A3-A607-4C78D324E0FF}
[2012/04/21 08:57:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{80665D6C-E5DC-49B0-8243-07385FF51F07}
[2012/04/20 07:22:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{98DE919F-E26A-4827-A177-A11A1A71952F}
[2012/04/20 07:22:10 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4135A5E5-2D12-4CF8-9D15-3547EAFDE3A5}
[2012/04/19 07:08:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6F8F18D4-4DA0-40F8-ADAA-DD074B5133B2}
[2012/04/19 07:08:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{86FEB8C9-A527-476C-92D4-EF8D0AC62D09}
[2012/04/18 08:51:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{58DE962C-427F-40E2-A215-F4B2FE410BDB}
[2012/04/18 08:50:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{44DB7686-3D42-4829-BBA3-241A179D8246}
[2012/04/17 17:54:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D30ADA43-6BD7-4839-A94A-69D18F1E7BAD}
[2012/04/17 17:54:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8D35F527-A776-413D-8081-83A1578E2834}
[2012/04/17 05:11:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{95F85259-5F76-4314-93D0-0B5E577A434B}
[2012/04/17 05:10:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E9CDA238-4509-48D1-B473-37D342289902}
[2012/04/16 07:06:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{55E8290F-3AB2-46BB-89D4-C66FEED671DE}
[2012/04/16 07:06:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EDF18088-C3E5-4845-A147-921F7348CD0C}
[2012/04/16 06:49:43 | 000,063,760 | ---- | C] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/04/16 06:49:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\Trusteer
[2012/04/16 06:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Rapport
[2012/04/16 06:48:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trusteer
[2012/04/16 06:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusteer
[2012/04/15 15:28:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Liv's classmate Alia party
[2012/04/15 09:11:35 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C9B636BB-39AC-4CDD-B05B-94F652306510}
[2012/04/15 09:11:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0DB20C91-2ACE-4837-87B0-92E027ADC8E1}
[2012/04/14 20:46:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5ABCFE21-B0C1-478F-91B4-41CA6B797317}
[2012/04/14 20:46:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D061C4DC-08C5-4FDA-AFD6-6E0CE732B858}
[2012/04/14 08:45:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8F9DEA16-353C-4157-AEE3-76ADE2CF60EC}
[2012/04/14 08:45:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1DDEB3B7-947B-42DD-B89A-101CCDA21232}
[2012/04/13 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{22413720-11E6-472A-823A-12368D9A17D5}
[2012/04/13 17:45:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{38696EB2-3B41-444C-8679-B7E43010FD57}
[2012/04/13 17:17:13 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/13 17:11:53 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012/04/13 17:07:06 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{093F5D9D-1B32-4CCF-BA03-3B08F7ADAE8E}
[2012/04/13 17:06:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DCD8CBD1-5B44-4317-AA65-BA5AED1005B4}
[2012/04/13 14:27:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7A555367-EE5F-4865-BC17-035FA6CB5CD3}
[2012/04/13 14:27:35 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{17C826FD-5584-40DA-BD41-2D7A97DDA60D}
[2012/04/13 07:51:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1B5FC3CB-09F9-4B23-BE17-9D8131666F24}
[2012/04/13 07:20:03 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{96CA2707-930A-4ECB-9AC3-60B805D92196}
[2012/04/13 03:07:07 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/13 03:07:07 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/13 03:07:06 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/13 03:07:06 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/13 03:07:06 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/13 03:07:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/13 03:07:05 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/13 03:07:05 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/13 03:07:05 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/13 03:07:05 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/13 03:07:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/13 03:05:45 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/13 03:05:44 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/13 03:05:44 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/13 03:01:38 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/13 03:01:37 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/13 03:01:35 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/12 10:12:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{107B6D9C-673F-4719-BC5D-26CCBD082D9D}
[2012/04/11 21:13:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{299140F6-7251-4244-BB82-0C228AAEA7C2}
[2012/04/11 07:34:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8BD03C11-C893-4E37-9FA1-0C35B8B64DD5}
[2012/04/10 07:57:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{02DC9219-B4AE-4221-98E3-60E52860CC17}
[2012/04/09 19:22:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8ECE1F05-108F-44CC-8572-E2A140B22D34}
[2012/04/09 07:21:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E90E486C-EFF0-4544-8607-545618A77017}
[2012/04/08 14:26:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4C7F6762-630A-416A-8C3B-50E9A325204C}
[2012/04/08 11:14:30 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Easter 2012
[2012/04/07 09:38:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B495AAFF-04A1-4C31-9D3B-0822848E4D3E}
[2012/04/06 09:02:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6ACE6CEC-D81A-4F66-AB50-B850AB98D098}
[2012/04/05 21:01:56 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{69FE7AC0-5815-4D22-B562-7FDEFF7C2B7B}
[2012/04/05 08:39:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FC8A7085-DC21-4085-AEA2-F68B180A0C29}
[2012/04/04 08:59:46 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{61BD67B1-6271-4AA6-A3AB-AF088BF857A6}
[2012/04/03 07:17:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{32C24815-0B94-457B-A481-143BDCCD9E63}
[2012/04/02 09:04:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E10E6674-3F58-4B1E-B0F3-10E9084D607A}
[2012/04/01 17:51:37 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{81099A7E-461A-470F-ABE8-0B39077314F7}
[2012/04/01 17:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/04/01 17:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/04/01 17:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/04/01 17:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/04/01 10:10:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Grampa 75th bday
[2012/04/01 10:05:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Vacation
[2012/04/01 09:59:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Jen-G Birthday
[2012/04/01 09:59:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Jen foot
[2012/04/01 09:58:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Cameron Funky Hair
[2012/04/01 09:58:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\LIV Dress
[2012/04/01 09:51:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Gotcha 4112
[2012/03/31 21:53:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{588B492C-42D9-4AAB-92D9-13EF8F6930E8}
[2012/03/31 19:17:30 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Communion Dresses
[2012/03/31 08:34:43 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EA8CA37F-7AB2-49B8-AB27-19A1DBE5906E}
[2012/03/30 10:32:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3B595BC8-CF2F-48C9-9AB6-7D0FEE536A79}
[2012/03/29 08:52:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{45EA8A22-E845-4CA3-88FD-968679D4C871}
[2012/03/28 08:36:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{46F4020E-23B6-4524-93E7-94C11239031E}
[2012/03/28 08:36:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E868D6AF-9DBB-40BA-A514-10CBD286B8F8}
[2012/03/27 09:11:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{43F30651-752B-4008-9869-2016254CA880}
[2012/03/27 09:10:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6D15CAD6-DBBC-4C56-97E7-F9EC47648DB7}
[2012/03/26 08:38:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{025DA568-80F5-4861-82F1-3375AE5B4CAC}
[2012/03/26 08:37:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9ABA5AEE-9E5B-4F09-8020-D0E6ADDB89D7}
[2012/03/25 08:24:10 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{14E3BDA7-A319-4E3A-9767-89C77BA19740}
[2012/03/25 08:23:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{662C3614-D7A1-4329-BC24-C16D83000B1F}
[2012/03/24 19:22:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\carabiners
[2012/03/24 11:19:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B7F789C8-E242-41DD-9B9E-7F3B94D8D6ED}
[2012/03/24 11:19:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4DEA40AA-DD17-4EED-9541-CADACB7AEF25}
[2012/03/23 07:24:29 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{07AD7923-FDFA-4B67-A794-2525BB3888B0}
[2012/03/23 07:24:14 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{170BC6E6-47BD-40B6-93DD-5A8E72F9B7F3}
[2012/03/22 12:20:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DE48297E-7A31-4619-B089-7510A479AF7D}
[2012/03/22 12:20:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6E10149B-127F-4777-9C78-16E6D80CA92D}
[2012/03/21 22:39:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E31FC8DA-C2EC-4217-9206-6A45B72E6C0F}
[2012/03/21 22:39:46 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F58F9A26-6A07-4761-874A-259825512F38}
[2012/03/21 07:25:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0ADEF63D-F744-43ED-9DDE-4C8BB4479D82}
[2012/03/21 07:25:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E7261CC6-14A5-44A1-9B7B-8698722347AE}
[2012/03/20 13:45:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8A5CEFC3-5942-407B-9CF2-8874EB1D91A3}
[2012/03/20 13:45:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4260CF6A-8EDD-4586-AA84-132BCA21EB92}
[2012/03/19 20:17:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0C437F52-7AD8-4FBB-9D23-1B6D77C18E93}
[2012/03/19 20:16:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EB2605B3-4985-4B40-905D-DF98DAC2B5BF}
[2012/03/19 02:06:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8B03D5DE-F390-4959-9653-4719948C2A4B}
[2012/03/19 02:06:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C5C02917-6D9A-47A0-BFC6-7E065D705DFF}
[2012/03/18 12:12:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Roaming\Mozilla
[2012/03/18 12:12:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\Mozilla
[2012/03/18 12:11:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/03/18 09:28:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{532596C8-5567-4BA7-B7F3-4815B3343992}
[2012/03/18 09:28:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{25A37F65-1388-4CA6-824E-B35B0C414CE1}
[2012/03/17 15:40:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{85C642CA-2659-4890-AAFF-204ACEF18A65}
[2012/03/17 15:40:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B0841668-A8BE-42CC-87B4-6D9B0F1FE3B8}
[2012/03/16 21:13:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{AB285F9C-B4EB-44A5-BED9-DE80EBB0B762}
[2012/03/16 21:13:19 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{771E38DA-B5F7-45A1-B33C-B041A1EA8506}
[2012/03/16 08:26:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{84F6CCC0-FD30-41ED-A3DB-D84735DFB2D7}
[2012/03/16 08:26:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{28CED2DA-31C1-4528-8294-C5F93746DBD7}
[2012/03/15 13:23:48 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FE0B0C76-DEF1-4938-AE3B-6EF547A1D88A}
[2012/03/15 13:23:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F8C20376-2DB9-4D1F-ACC1-DAEB4F48484F}
[2012/03/14 19:45:07 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{32A17B75-99FD-4747-BCA6-71E27F8FA031}
[2012/03/14 19:44:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{06BF0520-20C6-4903-A6B1-11FAB79DB9B5}
[2012/03/14 07:39:56 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C93644B0-A66C-42D2-9402-202794583DE7}
[2012/03/14 07:39:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{71C9917A-1490-4CAC-B260-6B4182A9F06A}
[2012/03/13 15:07:43 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/13 15:07:43 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/13 15:07:43 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/13 15:07:42 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/13 15:07:01 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/13 15:07:01 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/13 09:37:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{240EF16F-4936-4F5F-ADE9-0B90A88A4BCD}
[2012/03/13 09:37:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{22005F61-E6FA-4EE9-B503-4068F382FE25}
[2012/03/12 07:55:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C91C0C11-31F9-4DA3-B4E6-619EE6BCE890}
[2012/03/12 07:55:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D9471AE3-3EA5-47CC-8BFB-BD622A29DF0E}
[2012/03/11 13:36:54 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A2829845-FD7C-4B03-A22F-8AC0DA74BA55}
[2012/03/11 13:36:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{60C918BF-A2C1-4C82-A4C8-F0C315446513}
[2012/03/10 21:12:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2A61D8FE-569C-4174-881F-3F792292588F}
[2012/03/10 21:12:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{617664BA-2EFA-4449-95EB-0391DAFE2DCF}
[2012/03/10 08:33:29 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5B967A39-D0C7-424F-B7E2-CB1872722004}
[2012/03/10 08:33:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0D5E3149-82EB-433C-BCDE-25971F972A80}
[2012/03/09 20:32:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{54CE4519-A8E9-4ABE-89CF-06C8D4497427}
[2012/03/09 20:32:35 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D87E4C08-A7B9-4173-99CB-C767EBAD2C9C}
[2012/03/09 08:31:48 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{08390661-4161-4E9C-8095-B6DE29FD39C5}
[2012/03/09 08:31:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{13C0A21B-CDC9-4855-A8EA-420BE98E80A3}
[2012/03/08 20:23:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A040A818-CEF2-415C-9684-8F54A8CA9BEE}
[2012/03/08 20:23:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4CE74F4E-4631-4C16-ADC4-CC562114E136}
[2012/03/08 18:37:20 | 000,302,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/08 08:23:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2F629C3E-7C50-456F-9191-EABA920E1625}
[2012/03/08 08:22:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BA63E582-43F1-4FAC-A4D7-5B958B32C510}
[2012/03/07 19:32:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{563B7924-38C5-4FAD-BAD1-0F3E21544A05}
[2012/03/07 19:31:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{67B7913D-0C10-4865-802A-0E346A1564DE}
[2012/03/07 07:28:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9423048C-BDFE-45EA-A135-628D3A101905}
[2012/03/07 07:28:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C885762E-C006-4444-B752-F69601F90894}
[2012/03/06 13:05:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{750D300E-DCE9-41C4-8AF6-A48A41E4D685}
[2012/03/06 13:05:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{905D84C7-9CAB-47ED-AFA7-766EC3DD1D3C}
[2012/03/06 13:04:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9E069D56-3ED7-4285-8A08-9B8A8E4AD111}
[2012/03/06 13:04:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5DB46A82-736C-43B8-B32B-FDD9A3336EC5}
[2012/03/05 12:19:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E00F2FEE-4652-4000-9F6B-1677C0F7A8CB}
[2012/03/05 12:19:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3B5AD224-8F6F-4DB2-8BD9-7224F38D4963}
[2012/03/04 22:45:23 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E945480A-0B24-4892-B442-9561A0D01C56}
[2012/03/04 22:45:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{00927FB1-4FD0-41E3-ABF5-7BE50067CA68}
[2012/03/04 09:13:00 | 002,824,032 | ---- | C] (Acronis) -- C:\Windows\SysNative\AutoPartNt.exe
[2012/03/04 08:43:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{393A64C4-FE98-4340-B551-9B9AAC05306E}
[2012/03/04 08:43:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{686B185F-113C-4D1B-A5E0-04DB275CE187}
[2012/03/04 08:32:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2012/03/04 08:32:16 | 000,711,712 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012/03/04 08:32:16 | 000,081,952 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys
[2012/03/04 08:32:00 | 000,011,264 | ---- | C] (Acronis) -- C:\Windows\SysNative\relog_ap.dll
[2012/03/04 08:31:46 | 000,235,040 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012/03/04 08:31:11 | 000,593,952 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys
[2012/03/04 08:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2012/03/04 08:30:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Seagate
[2012/03/03 22:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Macrium
[2012/03/03 21:18:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{966810A5-99B7-4923-874B-B45270318A4C}
[2012/03/03 21:17:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6896125E-C80E-472D-AD55-E4B5E70CDCB1}
[2012/02/28 16:19:07 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{888EEAD7-EBB4-4FD0-8D91-95897FDDC3C3}
[2012/02/28 16:18:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2A52D140-7123-4363-B47A-2417EEEF07B2}
[2012/02/21 12:39:48 | 000,536,576 | ---- | C] (Ford Motor Company) -- C:\Windows\SysWow64\SyncActiveX2.dll
[2012/02/20 07:01:30 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EA53E2A7-90E9-42F5-AD45-9DDD5F0CDC98}
[2012/02/20 07:01:03 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{26BD9254-5821-4222-A430-C4A16B761E0D}
[2012/02/19 12:26:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{45BFA91B-56DA-4C93-8913-B21E54256B2D}
[2012/02/19 12:24:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E9A99DF9-CD5E-4462-B3A9-6BCE615814DC}
[2012/02/18 21:56:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E8A63E65-722B-4576-AA72-1CDDC89036F9}
[2012/02/18 21:55:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E310E87C-D3C7-4435-94E4-0216580949D0}
[2012/02/17 15:57:27 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{72CA6970-479C-45D0-96DE-E37C5D26E25D}
[2012/02/17 15:57:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{787D84CB-C5E7-402E-A0F1-BA51554983DB}
[2012/02/17 03:56:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{23BCB0E5-F0D0-469C-9924-8E013C7BCCEC}
[2012/02/17 03:56:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2CCCE6C0-1BCE-4C3D-9BE7-604F7421C164}
[2012/02/16 13:02:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4CE57DF9-2431-4F23-8D55-44BE1958E7C2}
[2012/02/16 13:02:35 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A549E668-9EF7-45FF-AB47-F6A3A38EBF04}
[2012/02/16 02:47:08 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/16 02:47:03 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/16 02:47:03 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/16 02:47:00 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/15 22:19:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{314E6EEE-8C7F-4C1A-89F6-B0050E420A1F}
[2012/02/15 22:19:37 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2E6D65CD-6DF8-457F-B685-B31CFD452867}
[2012/02/15 12:01:50 | 004,547,944 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012/02/15 12:01:50 | 000,052,736 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012/02/15 10:01:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2CE7FD57-A92C-40ED-BD48-5E448E22F0DE}
[2012/02/15 10:00:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0F1D0A70-15D8-4C16-BE9D-A56251E7144C}
[2012/02/14 10:56:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{52926882-2025-495F-8431-C49E60947469}
[2012/02/14 10:56:07 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{116E2691-4AC5-4818-8D0F-9D6BDF960178}
[2012/02/13 21:58:03 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9164005A-BB6C-40C7-BCA9-80F0F9860F9D}
[2012/02/13 21:57:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1015B6E7-30C3-4DF5-AE9F-EE8BC2144627}
[2012/02/13 09:14:19 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1085DF53-1050-47A7-AEA6-75641B0B7793}
[2012/02/13 09:14:03 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{62EB5FF5-A95E-4890-959F-43C4AFC16CCA}
[2012/02/12 09:18:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{19072AD0-A578-4590-A4B0-D9A04F820469}
[2012/02/12 09:18:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7BA3325E-E082-455A-9E04-687FE26F19A6}
[2012/02/11 08:50:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{432AD0C8-3680-4CCC-90E4-F5DAD464D861}
[2012/02/11 08:50:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{79F819F2-B7C5-4DE1-A1E4-7736956C7797}
[2012/02/10 17:18:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C7290E53-FDE6-4AAF-91D8-ABF995020FD0}
[2012/02/10 17:18:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5610E905-0F0A-4137-84F5-AAB9FD289C30}
[2012/02/09 21:37:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5A68FB70-7944-4FF5-8157-42935357FC8E}
[2012/02/09 21:37:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E7E8EC66-9C9F-4921-BD25-AE506B030AEC}
[2012/02/09 09:37:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4215B565-3EE4-4C50-ABCB-BE4C3085F817}
[2012/02/09 09:36:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{CD5E61F4-CEC8-4535-81AC-3846BCE1FB28}
[2012/02/08 08:14:27 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{202E16D0-DDB5-4D0B-8BE1-3486AEAA7208}
[2012/02/08 08:14:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{960F9D09-E1C2-474F-809D-7F8C20268E5F}
[2012/02/07 11:02:40 | 001,070,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012/02/07 09:54:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5E6A858E-831B-4614-97B8-8F0FB1031627}
[2012/02/07 09:54:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3CFC5732-0BAB-4E25-AB23-148AE45715A9}
[2012/02/06 10:42:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BE98962C-F6C3-4692-83E7-F09B7E8D1C71}
[2012/02/06 10:42:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{761D1A55-F8A3-4AAC-9735-0F627C108696}
[2012/02/05 14:22:43 | 000,962,560 | ---- | C] (GeoVision) -- C:\Windows\SysWow64\GXAMP4.dll
[2012/02/05 14:22:43 | 000,716,800 | ---- | C] (GeoVision) -- C:\Windows\SysWow64\GX264.dll
[2012/02/05 14:22:43 | 000,528,384 | R--- | C] (GeoVision) -- C:\Windows\GeoCodec.dll
[2012/02/05 14:22:43 | 000,528,384 | ---- | C] (GeoVision) -- C:\Windows\SysWow64\GeoCodec.dll
[2012/02/05 14:22:43 | 000,147,519 | ---- | C] (GeoVision Inc.) -- C:\Windows\SysWow64\GeoADPCM.acm
[2012/02/05 14:22:38 | 000,000,000 | ---D | C] -- C:\Windows\v8100
[2012/02/05 11:02:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A807F7A4-1CEB-4B1C-B589-BD408678FA5E}
[2012/02/05 11:02:29 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0412DF36-CEC3-417B-B617-62C7E1A40BFF}
[2012/02/04 09:55:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{259E6CB7-DEA2-485D-B3D9-1C50A308CF34}
[2012/02/04 09:54:42 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{55BBF9BB-3DA9-45ED-A577-B146F2E741EA}
[2012/02/03 13:01:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F1E0EE5C-4050-4226-A363-284678C430E8}
[2012/02/03 13:01:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7EE1EF37-5106-4990-99E6-CD893DA31F09}
[2012/02/02 12:42:52 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{197C5981-23AE-4192-86BE-6F9FBD8034B5}
[2012/02/02 12:42:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BE19BFEB-A659-4148-8550-5B56EE520978}
[2012/02/01 09:49:00 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1B9EC305-0BEF-44CB-A4FA-537A9C8E451A}
[2012/02/01 09:48:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{871372D2-B0E5-40D1-A772-E12AD63E24F8}
[2012/01/31 10:10:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3A5F4C8A-2361-4909-89DA-C7497E57385B}
[2012/01/31 10:10:27 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C335E4F3-C3F0-49A2-8F03-7B32A1D14B80}
[2012/01/30 08:39:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{82A60D9A-26CB-4130-9C5E-9842B8FEF490}
[2012/01/30 08:39:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D33F9E60-6A4D-4F25-80BE-5F45449BABD2}
[2012/01/29 10:00:30 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{855ACE61-BE92-4EC6-8502-8BC65D86EC26}
[2012/01/29 10:00:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8741D839-9213-4610-8577-48550FEF9712}
[2012/01/28 10:18:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2D89FEF2-C7DA-42F0-B284-9C9908D14C22}
[2012/01/28 10:18:19 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9BE1EA55-6CF8-48AF-B5EC-5554BB1CA8DB}
[2012/01/27 09:01:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7FA3BCA8-FD7E-46A3-BACD-AC9BB1490629}
[2012/01/27 09:01:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5C0B67CD-A85E-490C-B598-4820B2119A36}
[2012/01/26 17:10:37 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E83438F6-6DE8-498F-AC95-AFF0C826B093}
[2012/01/26 17:10:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E8A146B6-B881-4B4C-AEFB-A9EBF7BEDD89}
[2012/01/26 04:22:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D0EC567A-7C9F-4190-8758-BD29C87BEB39}
[2012/01/26 04:21:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{18045186-B564-490F-B449-5A2AA9269397}
[2012/01/25 17:49:09 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/25 17:49:09 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2012/01/25 17:49:09 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2012/01/25 17:49:09 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2012/01/25 17:49:08 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2012/01/25 17:49:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/25 10:37:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9EAD39E9-D65A-4062-BF4C-143FE783EE46}
[2012/01/25 10:36:52 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C7A9F82E-C6A8-4645-850E-1213C006F11E}
[2012/01/24 21:27:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FE1FCD38-2CFB-4D13-9D63-5BC60C198204}
[2012/01/24 21:27:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{77F978F7-A2CE-4914-AF93-8CEB8C66100E}
[2012/01/24 08:44:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6192C44C-978A-46A7-AECB-692C943382D2}
[2012/01/24 08:43:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6100EC27-BE78-470B-9483-2AE698F2B4FE}
[2012/01/23 11:41:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\Spotify
[2012/01/23 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C62F66FE-80C6-480F-97D5-6FB715BE4372}
[2012/01/23 10:01:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DB758600-31E8-4EEC-9588-00C961AD41B6}
[2012/01/22 08:22:00 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{781C8083-368C-45B2-9A3B-BFC35D115DA6}
[2012/01/22 08:20:52 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{CAFEEDCF-E098-43FB-AA8D-6DBCC1A0516C}
[2012/01/21 09:24:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6B6C2580-39CE-4551-AAC2-B6D3DF5DAEE4}
[2012/01/21 09:24:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7AA652F0-12DA-4F51-9180-58B2C0F579F2}
[2012/01/20 11:00:06 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D261F2E8-661C-4EC6-B3AF-99B441FFABE6}
[2012/01/20 10:59:54 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A73E2211-88D8-4B54-AECE-F8BE7EDB2CFD}
[2012/01/19 11:33:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D50D82DD-1732-40B7-92BD-00C910CBF51B}
[2012/01/19 11:33:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{CE9ACE67-2A97-461C-AB3A-75BAE5563A55}
[2012/01/18 09:40:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F521A843-C088-4BDC-B582-CF60E36EEEEA}
[2012/01/18 09:40:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4BE7FBA4-144B-4A22-B433-0F1BC37442DC}
[2012/01/17 11:01:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{43F1F11B-5115-4EB7-83D6-95F79361A18D}
[2012/01/17 11:01:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7A7B0CFB-FABF-46A1-A7B5-E2143FA123C0}
[2012/01/16 09:45:35 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{374DA202-FAA1-4928-A70D-05827AA2A5F6}
[2012/01/16 09:45:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FD67EC98-E08E-458C-B1D0-03D9DCA957FD}
[2012/01/15 19:55:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Desktop\Liv's new camera
[2012/01/15 12:16:35 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5C0E5222-6EBF-4D29-8911-7954D2E187AC}
[2012/01/15 12:16:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6539F494-4713-495B-AC6A-FAE5D6C2502C}
[2012/01/14 08:49:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{774CB80A-3CD3-4A8F-A7A3-11489060F30F}
[2012/01/14 08:48:48 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2C4D9796-6214-4752-A749-76A8D20D3E2D}
[2012/01/14 08:26:03 | 000,069,376 | ---- | C] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2012/01/14 08:25:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012/01/14 08:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2012/01/13 17:49:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{56EFE3D1-A417-4DD0-8D21-248CEAD5ED8A}
[2012/01/13 17:49:46 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D063F2EC-A305-4763-84DD-5CCF2B57906A}
[2012/01/12 21:39:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D48C3CEA-7DE9-41CE-B98A-89BB0BF2F71F}
[2012/01/12 21:39:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C5DF58C3-931E-4F6C-B061-59111E727BB1}
[2012/01/12 08:27:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BFB6906E-A81B-4D56-8417-D63AAE9E2675}
[2012/01/12 08:27:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1C1070F6-4A69-4D9E-9FF9-B973A690BA61}
[2012/01/11 19:01:14 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\Documents\My Weblog Posts
[2012/01/11 19:00:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9103929B-4948-4D6C-8A66-86C25B09858F}
[2012/01/11 19:00:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5B259B2D-AF87-46EF-93D4-C80A29BC788C}
[2012/01/11 04:27:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{97434D06-2DAD-421B-A777-9537E638788B}
[2012/01/11 04:26:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{019CFA78-5CE2-4703-9C87-1882CCDFB5A5}
[2012/01/11 01:19:19 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/11 01:19:18 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/11 01:19:18 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/11 01:19:18 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/11 01:19:16 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/11 01:19:14 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/11 01:19:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/10 09:16:03 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{02517E5A-E465-4693-AA2F-07A096D19E82}
[2012/01/10 09:15:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{938DABFD-C552-417F-B978-E3EFA2425AF8}
[2012/01/09 11:02:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{713B167A-CBC8-4B8B-872D-00F34DB4FCF9}
[2012/01/09 11:02:03 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{30538E64-9969-4942-83C2-615CEB56D4C3}
[2012/01/08 10:20:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{57826155-8082-4C60-885B-28D86BB35D52}
[2012/01/08 10:19:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9B0A5375-6E12-4D19-BE77-482BABF5B38D}
[2012/01/07 11:50:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D2022E6F-A6A0-484B-9B60-D19616971AC4}
[2012/01/07 11:50:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5C1B573B-24A4-412B-9C8D-159933A41C58}
[2012/01/06 11:10:10 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{05BC9C67-7215-4972-8F86-138B7F93B8A4}
[2012/01/06 11:09:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F1A82063-9B76-4E9C-A0C7-795A80CB3908}
[2012/01/05 08:19:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B854319D-FA1D-4190-9CB3-77DEFC61451F}
[2012/01/05 08:19:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C968EEAB-B59E-449F-B0AB-6B31A4E7E022}
[2012/01/04 10:00:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7C86454A-412E-4F02-9265-C9C93227303E}
[2012/01/04 10:00:06 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2FE4B955-62F7-4C60-B6E4-FE15286B860C}
[2012/01/03 09:54:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{AA55C58A-BEE8-40EC-96AF-E9CEB05B43B0}
[2012/01/03 09:54:29 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{CC0C236B-033B-46E4-91E5-181EBE5A4703}
[2012/01/02 10:38:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8406A4B7-087B-44AE-B433-4CC0E2ECEF5B}
[2012/01/02 10:38:45 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EB9A336A-7B41-4E25-8296-C9E1E5BCCCA0}
[2012/01/01 21:25:27 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4B767262-64C5-4BC7-B377-4A90BEDB4B16}
[2012/01/01 21:25:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{49A38077-350D-4389-AAA9-D9E69A97C6EB}
[2012/01/01 09:03:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{487569F2-2F23-4EF8-AD57-AF210FF59F40}
[2012/01/01 09:03:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E357E20D-8671-42D4-8D6D-E59BDA9DB3BC}
[2011/12/31 11:32:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9A06B183-062C-4908-A618-A6EE5F9AEC75}
[2011/12/31 11:32:11 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{26240FB6-2FD1-4E19-A316-8B351F832926}
[2011/12/30 20:17:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{16C18820-10B7-4FFE-AE0C-11867CAE7F4F}
[2011/12/30 20:17:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7193B20C-16AA-41D8-AB8C-3632F67F7DB7}
[2011/12/30 11:34:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Roaming\Spotify
[2011/12/30 07:57:31 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B28DB44E-C60E-4A18-AEAF-D7065F969996}
[2011/12/30 07:56:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8C9B18AA-487C-4B09-A509-8CF5B394910B}
[2011/12/30 06:38:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USAPhotoMaps
[2011/12/29 11:23:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9DBFFCA7-713F-41B2-9620-F0B885197686}
[2011/12/29 11:22:52 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B4FDD054-5FA8-4A41-8161-5319F9F84D96}
[2011/12/28 14:21:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9D9BBE63-C5F5-456C-96A7-4B116D69EB1B}
[2011/12/28 14:20:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B66F1539-3A7C-412B-B5F5-AE8B991C28FB}
[2011/12/27 10:37:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DC91FA54-5FFB-46AF-A4E3-F4AB2998DC7B}
[2011/12/27 10:37:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0A55C585-F821-44DA-AB12-7506D2F2FB7B}
[2011/12/26 19:14:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{34CAE2E0-6D39-4B9F-86D6-3276F8A0211C}
[2011/12/26 19:13:56 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6A50D095-5E4E-43C9-ABA6-EDE03D74EF00}
[2011/12/25 14:27:54 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0DCA5B0F-30CD-4240-8BF7-C8B50AB989D4}
[2011/12/25 14:27:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3111D162-02DB-4E7F-8E43-2B4746080B81}
[2011/12/24 19:41:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4C845089-5CAB-46E1-8FB5-20F8222BB118}
[2011/12/24 19:41:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{94F6AB7F-0A4B-4B43-B137-B524E71C4E2F}
[2011/12/24 07:39:56 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BFE8411E-3CF0-4C8A-AB43-011674FF4152}
[2011/12/24 07:39:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C2D8EA71-9025-4D11-8DDF-7D5BD7E7522A}
[2011/12/23 09:38:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C0990A2B-6DE0-4697-B5B2-4DACABA35807}
[2011/12/23 09:38:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7705182E-2A50-49CD-BF7C-6DB3DF02D79A}
[2011/12/22 15:39:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BBF1F8E4-88FF-4D96-BB33-EB31B708C000}
[2011/12/22 15:38:56 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D245F2FC-5E08-497D-AD4B-161D35043B4C}
[2011/12/21 09:39:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D5735B27-17DD-4CF5-AE38-EB06DD66A237}
[2011/12/21 09:38:51 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DB7B721E-D5E1-460D-93BE-4343BA0A1553}
[2011/12/20 20:38:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D1720826-5D6D-4672-9C5C-E8428DFEAECF}
[2011/12/20 20:38:27 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{61E2C553-C05B-49DF-A66A-BD1294FA1F16}
[2011/12/20 08:25:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{32230959-E335-4A29-BED2-8397F050649E}
[2011/12/20 08:24:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8B494317-28A6-425A-8FE0-4C2CB3D10E6E}
[2011/12/19 09:36:27 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C3025AC9-F106-4834-982E-64977A33B17B}
[2011/12/19 09:36:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{603E6FB7-143D-4407-ACEF-F21603677F58}
[2011/12/18 21:35:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D45B1CB6-61B3-4113-A6C7-3456061896D8}
[2011/12/18 21:35:37 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{360B9D96-04A4-499F-9036-491039092EFA}
[2011/12/18 09:35:07 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9F76FC39-7C13-413C-96E9-6CE4A6267C17}
[2011/12/18 09:34:53 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9A2C0F3B-A632-4A92-A396-8680969E2EC1}
[2011/12/17 09:12:23 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4794AB6E-6AD9-4005-A9D5-BBA54063C228}
[2011/12/17 09:12:10 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{17766001-76ED-4F6D-90C3-712196E18F45}
[2011/12/16 21:10:23 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8E8296D4-091F-4369-BAAA-88C15C7E9CEC}
[2011/12/16 21:10:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{575D06F1-B156-4177-B53D-CE1679AE8080}
[2011/12/16 08:55:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A43B2ED6-63D8-4239-918B-F5631AC8B7AD}
[2011/12/16 08:55:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{11F41C49-84BE-40B5-9F8C-96B10C998384}
[2011/12/15 20:51:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0D332360-59F5-4FDB-8057-97C2D0908CD9}
[2011/12/15 20:51:29 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1707DEF7-41B8-412D-9651-170CE72F2589}
[2011/12/15 16:04:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011/12/15 16:03:59 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011/12/15 16:03:59 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011/12/15 07:49:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{EBC7D47E-D135-4395-A7D4-1103BC51A6D1}
[2011/12/15 07:49:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F2C1389D-9FFD-492B-BD91-CF1D8A33C64F}
[2011/12/14 09:43:41 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B25B42CC-12B8-41BC-9A84-4C8A8E210AA3}
[2011/12/14 09:43:07 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9CD59B32-CBC7-4C70-88C5-0149DCBC8C77}
[2011/12/13 21:42:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FAD963E3-D592-49B5-9981-80622F93CCFD}
[2011/12/13 21:42:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0055767A-AAB1-4164-820A-3B285A4434CD}
[2011/12/13 09:12:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5905991B-6D60-4A0C-A8DE-DDB169CC18AA}
[2011/12/13 09:12:40 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D8AD30F8-07CF-4607-B161-6824DAF13A33}
[2011/12/12 10:45:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{B15AC5EA-6CD8-4F98-9769-4966A78E318A}
[2011/12/12 10:44:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{65E45A62-DA97-47A2-9C59-E279017C67EA}
[2011/12/11 08:48:16 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5704DC73-FD10-4CB6-98AF-20E30E6A09F3}
[2011/12/11 08:47:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9E0C341E-4A7B-43E3-947A-5C36334DB6DC}
[2011/12/10 17:29:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D2B53059-9B99-4A51-A9E3-3A6FD6E099D0}
[2011/12/10 17:29:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DFABD6D5-C2D9-44C3-A2AB-7244546EF268}
[2011/12/09 16:27:22 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{12343397-1F55-44EC-BE3C-6881A335DEE1}
[2011/12/09 16:27:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D42A8557-18D7-4393-B841-192F71D9D38E}
[2011/12/08 12:05:30 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{53293662-53A9-4139-BA46-A1924570B8C0}
[2011/12/08 12:05:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{088C023D-0C29-47DE-88EE-69483CF29C37}
[2011/12/07 09:05:46 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{38752E43-3293-4DCE-924B-21B5079DB30E}
[2011/12/07 09:05:23 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{39659256-99C4-4B7E-AA13-4FB5AD88BC7F}
[2011/12/06 09:07:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6216D5AB-757C-4E04-83A8-3FD810D724C3}
[2011/12/06 09:07:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8C42EB90-50EA-4186-897E-A9469ACF1263}
[2011/12/05 21:06:56 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4C10E76B-0367-46D7-B2FE-3B5903F8F73C}
[2011/12/05 21:06:44 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{8B4B9195-921C-458A-B823-EB40B8697350}
[2011/12/05 09:05:54 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5B83FFCA-FDC9-42CC-89E3-4EB37AB0C331}
[2011/12/05 09:05:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{555275C7-0AE6-4607-BD20-C9843D6ADC4B}
[2011/12/04 10:07:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C81AF12A-1813-4715-99C2-6B75894FB364}
[2011/12/04 10:06:58 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D905B02A-D35B-40C3-BAA0-7A5015EB40A8}
[2011/12/03 09:15:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0A48AD3F-1412-4FB7-840C-75FC528E6A6A}
[2011/12/03 09:15:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{75C7A87A-C7C7-4AF7-A2B1-E9284F6AE94C}
[2011/12/02 08:33:02 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{737368A8-80E6-4E8E-AB00-BCEBF9C06AEB}
[2011/12/02 08:32:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A7E54D31-3E64-464A-86B4-25E127974A06}
[2011/12/01 13:00:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3C0685F8-41D4-41FF-A8E1-A8C84F32C047}
[2011/12/01 12:59:49 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D7104943-6798-4D7C-BB52-C0997F20F1A0}
[2011/11/30 18:50:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A9030F31-27C5-4DD0-A911-A946677B2A5A}
[2011/11/30 18:50:04 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F18C82DA-671B-477D-95B7-DB1FF2FA94F9}
[2011/11/30 06:18:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{916A5D0D-63FA-407D-B471-B2BFDE5FCF4A}
[2011/11/30 06:17:52 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BC9D7794-4E1E-470E-B071-FE81B78CB8BA}
[2011/11/29 14:34:33 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{AA161111-2E84-4D6A-8FC0-114BC5B70179}
[2011/11/29 14:34:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{32386BE6-BA34-4BE0-B92E-836DB0D126F1}
[2011/11/28 08:19:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{1DF5AE22-0494-4E69-88DD-275A5AB8B287}
[2011/11/28 08:19:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{18684650-01B2-43A1-ADD0-58A1BBE2C6AB}
[2011/11/27 20:18:39 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{F924C149-84EA-4C78-9920-8ECCCBD51C73}
[2011/11/27 20:18:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{5B687B00-89B4-442E-98E6-DDB4D910D15F}
[2011/11/27 07:32:50 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A86700F4-EC80-40BD-B252-C468ABBA1DE7}
[2011/11/27 07:32:32 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E6F023F4-A94A-491A-ABE3-13B6A14A426C}
[2011/11/26 16:07:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4B7011F0-6C68-4FDA-B433-2DC95DC6F191}
[2011/11/26 16:07:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{30FA9F0F-891E-4818-B393-FB5D52AB61D9}
[2011/11/26 09:27:18 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7A85D092-22FE-41AE-AE1E-2F7EBBB0F168}
[2011/11/25 08:28:42 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{DCC9DEC0-3418-4886-80A1-686EDDADA71C}
[2011/11/25 08:28:30 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0F4D6B6F-3B43-44ED-8E81-19E6FDE11A86}
[2011/11/24 08:25:21 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4542E903-33DE-42BD-8E27-78080EA7BD1F}
[2011/11/24 08:25:09 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{24B82520-595B-4369-B5AD-D22A2F1AD9EE}
[2011/11/24 07:04:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2F50F1FB-8901-44C6-BFF2-DCE67146C5B7}
[2011/11/24 07:04:01 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{463212C2-BCB3-45D8-A040-B98164047396}
[2011/11/23 11:38:59 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{405B95DD-CED7-4C0C-A5EB-81682F1314B6}
[2011/11/23 11:38:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D891D2F3-018B-4C85-90E5-59A846DF25EA}
[2011/11/22 21:30:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenu
[2011/11/22 21:30:16 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ
[2011/11/22 08:32:15 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E72FB8D3-312B-4D98-B8DD-62D4601D9C3C}
[2011/11/22 08:31:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{E2312D08-A31B-4822-AAA3-3FAE73C5B2E0}
[2011/11/21 09:25:07 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{C08C1B5D-B694-4126-910B-A02CC3D3C392}
[2011/11/21 09:24:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{D9BB5ECE-05F3-41F1-A763-071A18569C76}
[2011/11/20 12:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/11/20 12:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/11/20 08:31:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{07223213-463F-46CA-8BB0-6D18B3E9A1E3}
[2011/11/20 08:31:08 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BAD3DF41-75EB-4461-A9FF-46AE6C807E13}
[2011/11/19 10:33:36 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{AEC1B79A-D36E-4412-B01B-29F8B58986B6}
[2011/11/19 10:33:24 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{668D1C2F-9F0E-4C63-9858-2C854BF02431}
[2011/11/18 20:58:25 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{0AC87AC8-7A31-4277-868E-5AAB05990ADB}
[2011/11/18 20:58:13 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{224565AF-FA14-4C47-BB7A-2B0438D566B0}
[2011/11/18 08:38:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{44067E45-F6EF-42E1-9759-99816D8B1EA1}
[2011/11/18 08:38:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{33D38B4A-D3B4-4D10-AD40-106B92406D92}
[2011/11/17 13:31:55 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A394FE0F-9682-4604-BCA6-4BD1F2FDAEDE}
[2011/11/17 13:31:42 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{FFDA36E6-D259-433A-8580-7C2BD95203A8}
[2011/11/16 20:59:17 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2D9B14A2-5588-4798-8792-175ABA7FD053}
[2011/11/16 20:59:05 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{6CA51E60-9F71-44F5-B1F5-7CA41B8DE294}
[2011/11/16 08:58:38 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{AE1E4A7A-9CFD-4436-9DBB-D5CF82C1CEEC}
[2011/11/16 08:58:26 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{BABAD403-3E10-4E35-84F1-A74E737BEDB8}
[2011/11/15 20:58:00 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{4CE01D0E-AFED-4D7D-B960-5F9EBFD31F6A}
[2011/11/15 20:57:48 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{7FB9BCAF-E3E9-4EB1-BC2D-0DCB83278729}
[2011/11/15 08:26:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{06A2FF73-8DAF-45F8-8FC4-CAD3DD1DA249}
[2011/11/15 08:26:20 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{A09FD181-4789-44C2-AC5C-6E300C06F3E7}
[2011/11/15 04:11:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/14 08:12:47 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{905AB293-6ADD-4426-9DD6-3EF7790FCC95}
[2011/11/14 08:12:34 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{65466CBB-CB92-4468-8001-D6A1F24D7957}
[2011/11/13 09:18:28 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{9E4E4AC0-4105-43AB-840A-22C10411B2DF}
[2011/11/13 09:18:12 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{3856F645-E222-48C6-83DF-61BD1EC3AF19}
[2011/11/12 10:12:10 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{2DFCE08A-8D9C-4959-8547-408C3EB1CE53}
[2011/11/12 10:11:57 | 000,000,000 | ---D | C] -- C:\Users\Ahokas\AppData\Local\{48539115-16A7-41C9-84E7-5520AE556CDB}

========== Files - Modified Within 180 Days ==========

[2012/05/10 06:22:26 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/10 06:22:26 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/10 06:22:26 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/10 06:20:01 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/10 03:20:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/09 23:05:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 23:05:43 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/09 22:55:59 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/05/09 22:53:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/09 22:53:45 | 2058,657,791 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/09 18:18:26 | 000,001,812 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/09 06:21:24 | 000,007,604 | ---- | M] () -- C:\Users\Ahokas\AppData\Local\Resmon.ResmonCfg
[2012/05/08 23:16:59 | 000,001,984 | ---- | M] () -- C:\{6724C1D0-7F98-4760-80BC-FFE26E23C75E}
[2012/05/08 19:03:13 | 000,003,264 | ---- | M] () -- C:\{F2BC21F2-E97C-4C33-A7D1-A2D5D158C450}
[2012/05/08 11:17:40 | 016,337,024 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Ahokas\Desktop\SUPERAntiSpyware.exe
[2012/05/08 10:21:30 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Ahokas\Desktop\OTL.exe
[2012/05/08 08:09:20 | 000,302,592 | ---- | M] () -- C:\Users\Ahokas\Desktop\idtzzg6n.exe
[2012/05/08 08:08:52 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Ahokas\Desktop\aswMBR.exe
[2012/05/08 08:07:52 | 002,075,184 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Ahokas\Desktop\tdsskiller.exe
[2012/05/07 06:55:59 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/05/07 06:55:59 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/05/07 06:52:54 | 000,002,502 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2012/05/07 06:52:21 | 001,953,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502010.003\Cat.DB
[2012/05/06 16:06:41 | 000,034,329 | ---- | M] () -- C:\Users\Ahokas\Desktop\crayon wreath.jpg
[2012/04/29 19:04:15 | 000,000,848 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012/04/27 16:46:52 | 000,014,413 | ---- | M] () -- C:\Users\Ahokas\Desktop\dragonflylifecycle.gif
[2012/04/22 07:36:35 | 000,004,382 | ---- | M] () -- C:\Users\Ahokas\Documents\Liv Vision Statement third grade.wpd
[2012/04/16 17:34:33 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0502010.003\isolate.ini
[2012/04/15 06:19:07 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/06 09:31:04 | 000,002,164 | -H-- | M] () -- C:\Users\Ahokas\Desktop\ZbThumbnail.info
[2012/04/01 17:19:48 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/19 08:28:17 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/03/18 12:11:57 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/14 03:21:48 | 000,422,504 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/11 13:48:52 | 000,063,760 | ---- | M] (Trusteer Ltd.) -- C:\Windows\SysNative\drivers\RapportKE64.sys
[2012/03/11 09:56:40 | 000,103,965 | ---- | M] () -- C:\Users\Ahokas\Documents\MA_Safety_Agreement_Registration_Form.pdf
[2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2012/03/06 02:53:37 | 005,559,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/06 01:59:47 | 003,968,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/06 01:59:41 | 003,913,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/05 13:01:59 | 000,001,365 | ---- | M] () -- C:\Users\Ahokas\Desktop\2012 Vacation - Shortcut.lnk
[2012/03/04 17:00:22 | 000,001,024 | ---- | M] () -- C:\Windows\SysNative\AutoPartNt.let
[2012/03/04 16:53:45 | 002,824,032 | ---- | M] (Acronis) -- C:\Windows\SysNative\AutoPartNt.exe
[2012/03/04 08:32:16 | 000,711,712 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys
[2012/03/04 08:32:16 | 000,081,952 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tifsfilt.sys
[2012/03/04 08:31:46 | 000,235,040 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys
[2012/03/04 08:31:11 | 000,593,952 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys
[2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 02:38:27 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 02:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/02/28 16:12:05 | 985,894,458 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/28 02:56:48 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/28 02:48:57 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/28 02:48:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/28 02:45:47 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/28 02:43:16 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/28 02:39:50 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/27 21:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/27 21:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/27 21:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/27 21:03:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/27 20:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/21 12:39:48 | 000,536,576 | ---- | M] (Ford Motor Company) -- C:\Windows\SysWow64\SyncActiveX2.dll
[2012/02/17 02:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/17 01:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/15 12:01:50 | 004,547,944 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\usbaaplrc.dll
[2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys
[2012/02/12 14:25:22 | 000,001,338 | ---- | M] () -- C:\Users\Ahokas\Desktop\TUBING Gunstock- Shortcut.lnk
[2012/02/12 13:48:09 | 000,370,906 | ---- | M] () -- C:\Users\Ahokas\Desktop\Cam tubing.jpg
[2012/02/12 13:47:27 | 000,052,224 | ---- | M] () -- C:\Users\Ahokas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/12 13:44:58 | 000,360,586 | ---- | M] () -- C:\Users\Ahokas\Desktop\IMG_6147.JPG
[2012/02/12 13:41:14 | 001,049,059 | ---- | M] () -- C:\Users\Ahokas\Desktop\Troop photo2.jpg
[2012/02/12 13:40:38 | 001,011,552 | ---- | M] () -- C:\Users\Ahokas\Desktop\Cam and troop.jpg
[2012/02/12 13:36:34 | 000,455,811 | ---- | M] () -- C:\Users\Ahokas\Desktop\Cam Ben snow angels.jpg
[2012/02/10 02:36:07 | 001,544,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/02/07 11:02:40 | 001,070,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012/01/25 02:38:39 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/01/25 02:38:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/01/25 02:33:30 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/01/22 09:04:17 | 000,002,515 | ---- | M] () -- C:\Users\Ahokas\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2012/01/22 09:04:13 | 000,002,491 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2012/01/22 08:58:06 | 000,001,245 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
[2012/01/14 08:27:50 | 000,016,432 | ---- | M] () -- C:\Windows\SysNative\lsdelete.exe
[2012/01/04 06:44:20 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2011/12/30 11:35:11 | 000,001,818 | ---- | M] () -- C:\Users\Ahokas\Desktop\Spotify.lnk
[2011/12/30 06:38:16 | 000,001,059 | ---- | M] () -- C:\Users\Ahokas\Desktop\USAPhotoMaps.lnk
[2011/12/30 02:26:08 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2011/12/30 01:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2011/12/26 20:11:15 | 000,442,694 | ---- | M] () -- C:\Users\Ahokas\Desktop\GGtable.jpg
[2011/12/23 08:12:12 | 000,069,376 | ---- | M] (Lavasoft AB) -- C:\Windows\SysNative\drivers\Lbd.sys
[2011/12/20 17:59:02 | 000,004,019 | ---- | M] () -- C:\Users\Ahokas\Documents\classlist.wpd
[2011/12/16 04:46:06 | 000,634,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2011/12/01 08:07:55 | 000,004,143 | ---- | M] () -- C:\Users\Ahokas\Documents\Vision Statement 2011.wpd
[2011/11/19 10:58:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2011/11/19 10:01:00 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2011/11/17 02:41:18 | 001,731,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/11/17 02:35:28 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2011/11/17 02:35:26 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2011/11/17 02:35:26 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2011/11/17 02:35:25 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2011/11/17 02:35:19 | 001,447,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2011/11/17 01:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2011/11/15 04:11:35 | 000,002,216 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

========== Files Created - No Company Name ==========

[2012/05/09 18:18:26 | 000,001,812 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/05/09 18:01:36 | 000,302,592 | ---- | C] () -- C:\Users\Ahokas\Desktop\idtzzg6n.exe
[2012/05/08 23:16:59 | 000,001,984 | ---- | C] () -- C:\{6724C1D0-7F98-4760-80BC-FFE26E23C75E}
[2012/05/08 19:03:12 | 000,003,264 | ---- | C] () -- C:\{F2BC21F2-E97C-4C33-A7D1-A2D5D158C450}
[2012/05/08 16:53:18 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/05/06 16:06:37 | 000,034,329 | ---- | C] () -- C:\Users\Ahokas\Desktop\crayon wreath.jpg
[2012/04/27 16:46:50 | 000,014,413 | ---- | C] () -- C:\Users\Ahokas\Desktop\dragonflylifecycle.gif
[2012/04/22 07:36:35 | 000,004,382 | ---- | C] () -- C:\Users\Ahokas\Documents\Liv Vision Statement third grade.wpd
[2012/04/15 06:19:07 | 000,002,018 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/04/06 09:28:46 | 000,002,164 | -H-- | C] () -- C:\Users\Ahokas\Desktop\ZbThumbnail.info
[2012/04/05 19:46:48 | 000,016,432 | ---- | C] () -- C:\Windows\SysNative\lsdelete.exe
[2012/04/01 17:19:45 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/18 12:11:53 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/03/18 12:11:44 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/11 09:56:40 | 000,103,965 | ---- | C] () -- C:\Users\Ahokas\Documents\MA_Safety_Agreement_Registration_Form.pdf
[2012/03/05 13:40:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/03/04 09:13:00 | 000,001,024 | ---- | C] () -- C:\Windows\SysNative\AutoPartNt.let
[2012/02/28 19:42:48 | 000,001,365 | ---- | C] () -- C:\Users\Ahokas\Desktop\2012 Vacation - Shortcut.lnk
[2012/02/15 12:09:22 | 000,002,502 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Suite.lnk
[2012/02/12 13:47:15 | 000,370,906 | ---- | C] () -- C:\Users\Ahokas\Desktop\Cam tubing.jpg
[2012/02/12 13:44:57 | 000,360,586 | ---- | C] () -- C:\Users\Ahokas\Desktop\IMG_6147.JPG
[2012/02/12 13:41:14 | 001,049,059 | ---- | C] () -- C:\Users\Ahokas\Desktop\Troop photo2.jpg
[2012/02/12 13:40:38 | 001,011,552 | ---- | C] () -- C:\Users\Ahokas\Desktop\Cam and troop.jpg
[2012/02/12 13:36:34 | 000,455,811 | ---- | C] () -- C:\Users\Ahokas\Desktop\Cam Ben snow angels.jpg
[2012/02/12 13:06:47 | 000,001,338 | ---- | C] () -- C:\Users\Ahokas\Desktop\TUBING Gunstock- Shortcut.lnk
[2012/02/05 14:22:41 | 000,166,080 | ---- | C] () -- C:\Windows\Stable_7000.xml
[2012/02/05 14:22:41 | 000,024,097 | ---- | C] () -- C:\Windows\IA_STable_001.xml
[2012/02/05 14:22:41 | 000,012,045 | ---- | C] () -- C:\Windows\buzzer.wav
[2012/02/05 14:22:41 | 000,001,922 | ---- | C] () -- C:\Windows\PCDStable_8100.xml
[2011/12/30 11:35:11 | 000,001,818 | ---- | C] () -- C:\Users\Ahokas\Desktop\Spotify.lnk
[2011/12/30 11:35:11 | 000,001,804 | ---- | C] () -- C:\Users\Ahokas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2011/12/30 06:38:16 | 000,001,059 | ---- | C] () -- C:\Users\Ahokas\Desktop\USAPhotoMaps.lnk
[2011/12/26 20:08:44 | 000,442,694 | ---- | C] () -- C:\Users\Ahokas\Desktop\GGtable.jpg
[2011/12/20 17:59:01 | 000,004,019 | ---- | C] () -- C:\Users\Ahokas\Documents\classlist.wpd
[2011/11/20 12:46:46 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/11/15 04:11:35 | 000,002,216 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2011/05/18 16:54:28 | 000,001,940 | ---- | C] () -- C:\Users\Ahokas\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/09 08:15:50 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/05/09 08:15:50 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2010/11/22 21:44:56 | 000,001,571 | ---- | C] () -- C:\Windows\Faxcpp1.ini
[2010/11/22 21:44:56 | 000,000,422 | ---- | C] () -- C:\Windows\Faxcpp.ini
[2010/11/22 21:43:40 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\Image32.dll
[2010/11/22 21:43:40 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\Png32.dll
[2010/11/22 21:43:40 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Jpeg32.dll
[2010/11/22 21:43:40 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\Tga32.dll
[2010/11/22 21:43:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\Pcx32.dll
[2010/11/22 21:43:40 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\Twscan32.dll
[2010/10/30 21:07:46 | 000,030,424 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2010/10/28 07:05:41 | 000,007,604 | ---- | C] () -- C:\Users\Ahokas\AppData\Local\Resmon.ResmonCfg
[2010/08/25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/08/25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/07/10 07:50:18 | 000,061,678 | ---- | C] () -- C:\Users\Ahokas\AppData\Roaming\PFP120JPR.{PB
[2010/07/10 07:50:18 | 000,012,358 | ---- | C] () -- C:\Users\Ahokas\AppData\Roaming\PFP120JCM.{PB
[2010/07/03 21:19:26 | 000,012,288 | ---- | C] () -- C:\Windows\DCEBoot64.exe
[2010/06/19 08:22:11 | 000,052,224 | ---- | C] () -- C:\Users\Ahokas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/19 07:04:41 | 000,001,150 | ---- | C] () -- C:\Users\Ahokas\AppData\Roaming\wklnhst.dat
[2010/06/14 20:11:23 | 000,000,848 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2010/06/13 10:17:23 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\iduninst.dll
[2010/06/13 10:16:27 | 001,213,440 | ---- | C] () -- C:\Windows\SysWow64\opengl.dll
[2010/06/13 10:16:25 | 000,315,904 | ---- | C] () -- C:\Windows\SysWow64\glu.dll
[2010/06/13 10:16:25 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\glut.dll
[2010/06/13 10:11:31 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2010/06/13 10:02:14 | 001,294,336 | ---- | C] () -- C:\Windows\SysWow64\MGIIpl2A6.dll
[2010/06/13 10:01:56 | 000,000,002 | ---- | C] () -- C:\Windows\PhotoSuite.ini
[2010/06/13 10:01:49 | 001,093,632 | ---- | C] () -- C:\Windows\SysWow64\MGIIpl2PX.dll
[2010/06/13 10:01:49 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\JPEGLIB.DLL
[2010/06/13 10:01:49 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\EnrouteStitch.dll
[2010/06/13 10:01:49 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\MGIIpl2.dll
[2010/06/13 10:01:49 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\CPUINF32.DLL
[2010/06/13 10:01:48 | 000,332,800 | ---- | C] () -- C:\Windows\SysWow64\FPXLIB.DLL
[2010/06/02 20:58:48 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat

< End of report >
  • 0

Advertisements

#2
WhiteHat
Posted 10 May 2012 - 11:44 AM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hello ReaMea and welcome to GeeksToGo :)

My nickname is WhiteHat and I'm going to help you fix your problem.

Please note that I'm currently in training and my posts have to be approved by an expert before I reply.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • I am currently reviewing your logs.


  • 0

#3
WhiteHat
Posted 10 May 2012 - 06:57 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
# Step 1 #

Please reopen Posted Image on your desktop.
  • Under the Posted Image box at the bottom, paste in the following

    :Commands
[CREATERESTOREPOINT]

:OTL
IE - HKCU\..\SearchScopes\{2AB1040D-0D52-46BE-BA54-6E09CDE355F5}: "URL" = http://search.aol.co...ionType=msie70a
O4 - HKCU..\Run: [Update] rundll32.exe "C:\Users\Ahokas\AppData\Roaming\AOL\AOL\hmlxkn.dll",DllRegisterServer File not found
[2012/05/09 18:01:36 | 000,302,592 | ---- | C] () -- C:\Users\Ahokas\Desktop\idtzzg6n.exe

:Commands
[EMPTYTEMP]
[EMPTYFLASH]
  • Then click the Posted Image button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


# Step 2 #

  • Open OTL.exe
  • Click in the button Posted Image
  • Now on the Box Extra Registry, click in Use safe list
  • Next, click in the button Posted Image
  • It will be generated a log with a name Extras.txt. Post this log.



# Step 3 #

Download aswMBR.exe ( 4.8mb ) to your desktop.

Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#4
ReaMea
Posted 11 May 2012 - 05:56 AM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
OK, Was able to get steps 1 and 2 completed. Will run step 3 (aswMBR) when I get back from work tonight.
Meanwhile here is the first requested log from OTL.

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2AB1040D-0D52-46BE-BA54-6E09CDE355F5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2AB1040D-0D52-46BE-BA54-6E09CDE355F5}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Update deleted successfully.
C:\Users\Ahokas\Desktop\idtzzg6n.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Ahokas
->Temp folder emptied: 479728 bytes
->Temporary Internet Files folder emptied: 279532399 bytes
->Java cache emptied: 44401032 bytes
->FireFox cache emptied: 1081326244 bytes
->Google Chrome cache emptied: 6343848 bytes
->Flash cache emptied: 8253789 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 113930375 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 84860 bytes
RecycleBin emptied: 3422115395 bytes

Total Files Cleaned = 4,727.00 mb


[EMPTYFLASH]

User: Ahokas
->Flash cache emptied: 0 bytes

User: All Users

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.42.3 log created on 05112012_065632

Files\Folders moved on Reboot...
C:\Users\Ahokas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TLA69FT1\ads[1].htm moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\TLA69FT1\monopop[1].mp3 moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KK858XMA\317771-hmlxkndll-slow-internet-trojanagentgmagen[1].htm moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KK858XMA\ads[2].htm moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B12VE6D6\fastbutton[1].htm moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\B12VE6D6\storage[1].htm moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\49SA7556\ads[1].htm moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Ahokas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.

Registry entries deleted on Reboot...
  • 0

#5
ReaMea
Posted 11 May 2012 - 05:59 AM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Here is the log from step #2.
Extra.txt
OTL Extras logfile created on: 5/11/2012 7:31:08 AM - Run 2
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\Ahokas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.89 Gb Total Physical Memory | 5.23 Gb Available Physical Memory | 66.32% Memory free
15.78 Gb Paging File | 13.42 Gb Available in Paging File | 85.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 745.22 Gb Total Space | 558.26 Gb Free Space | 74.91% Space Free | Partition Type: NTFS
Drive D: | 1101.79 Gb Total Space | 788.93 Gb Free Space | 71.61% Space Free | Partition Type: NTFS
Drive L: | 149.01 Gb Total Space | 5.07 Gb Free Space | 3.40% Space Free | Partition Type: FAT32
Drive X: | 931.51 Gb Total Space | 317.94 Gb Free Space | 34.13% Space Free | Partition Type: NTFS

Computer Name: ASUS_DESKTOP | User Name: Ahokas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0031E739-7535-4F76-B7DF-0773E2531816}" = rport=139 | protocol=6 | dir=out | app=system |
"{0FEB6A8E-4025-4858-9792-5174289149D2}" = lport=139 | protocol=6 | dir=in | app=system |
"{1A7C7005-E3D9-4B98-907A-26BBD4B744D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1DFAAE4B-83DD-45D5-9D14-6CB41EDCDE19}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38B27DB5-90D7-4347-A977-ACEB76790ACF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3E018E8D-288E-4114-9B18-6077F012F1A9}" = lport=138 | protocol=17 | dir=in | app=system |
"{40ECC61A-905D-4581-BDF4-F5246A4F47A4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51FDF689-7542-4AE4-A12C-84FE4FBBA78A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5F1E3154-689E-4C7D-8757-5853F2595249}" = rport=10243 | protocol=6 | dir=out | app=system |
"{605F98F0-A4BB-4E36-BB1D-F68A9DC6A9B5}" = rport=445 | protocol=6 | dir=out | app=system |
"{70456A9C-E4F3-4C2E-B9FA-693F788A8B03}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{72E4B745-8995-493E-9C2E-FD8F4886D21B}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F4431D2-9DDC-4D87-B325-A53EAB5022D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8644BDF5-D4DD-463C-8ABB-1F6FC02B95E5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9CF1E58F-913E-4108-86D4-0B24E39E6FBD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9DE84A01-0F00-4C68-BCAB-1890BEF7F884}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A0DC448D-9B4B-4D5B-8317-383379F92D0B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AC3DA486-B3DE-410A-B738-022BE5D6B83C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ACD5AB2A-DA42-48A2-92FD-BB21AD802993}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B34224EA-D45F-430B-8104-918BCD0CCC86}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B4A6C0E4-027C-4164-B4EC-D5C6CD873E6F}" = lport=137 | protocol=17 | dir=in | app=system |
"{B97D9E9E-AEA8-4A33-A799-7C6AC14D94C4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BAAEDF10-43B6-4F34-987A-71555B02BDFB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C0D76D35-4551-48CF-B9CF-90A2DD5AD605}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DF78A83E-B0CD-4FDB-812A-2BAD43BBB261}" = rport=138 | protocol=17 | dir=out | app=system |
"{FA210073-48EB-418B-8193-D3F8B9542D6B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{FA7D1FB7-61DD-4382-BFC3-1A6A4231F487}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01067349-8273-42B8-A924-B1A321B55EC6}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{015D3278-63D2-4BE5-8E73-83C753C13EBA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{03F20FEB-9347-4149-8713-E4A5BA43A6C3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{04C73178-9241-4EAB-92E0-CE5BEFEA14BA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{0C3FA94C-0DA7-4F33-84AA-50BC38FF42DB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{0D39DBD2-CA85-4CFB-BD97-B9D781826E82}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{14D83749-EBA8-40B6-8DF3-6B0FEDDE392C}" = protocol=58 | dir=out | [email protected],-28546 |
"{1A587912-E3AA-4F63-9974-2370256B925D}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{1C64EBC1-DCDA-4FB9-96D1-BC97DFFB6925}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1E29A2CC-F49D-41F6-A252-1F2BB9A8780E}" = protocol=6 | dir=out | app=system |
"{1F67B8E1-2A48-4B50-99C2-3903F8746318}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{21498752-1171-4DF8-BA0A-DD8172FAFB13}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{21F4C3C9-2B37-4232-B624-1A1881FA6DB7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{2A9173E0-2D96-4750-BF6B-F2417C8EEC9A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{301D8FA0-10E8-4B2B-8C56-0BDB5F378200}" = protocol=1 | dir=in | [email protected],-28543 |
"{337C2E3A-C033-4262-B75F-2FF6506990C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{377D22D5-0276-4A51-B606-9D1D639AA662}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{3CF0DEDC-7DEA-4B0B-954A-6CFC4F9E17E1}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1275526946\ee\aolsoftware.exe |
"{3ECCC77E-4F03-4178-953A-DEEC98978557}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{46C99DA1-9E3D-40F9-B7FD-FBB1FF269F2F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46D7F0F2-71F9-4310-BBDC-9461ABA17A5C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{474A682E-12F6-42BF-B3C0-977234D12134}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{490C915D-C714-4DF2-A3E3-762CEC5AE390}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{52461960-B056-45B0-9201-CCA5EAE49852}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{55A954D5-56F3-459C-96BA-5DB6695E8019}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{659B77F0-04A9-4962-962F-70B6880C0A67}" = protocol=1 | dir=out | [email protected],-28544 |
"{65E388AE-BDD7-4C75-8B5D-45958D80CE63}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{7AA4812E-BAED-417A-AF31-FDDEE5E11655}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{8E633E85-77A2-4C6A-8DF8-EBC124753EDE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A103B718-6927-4072-B46B-66FE5778043C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A23A9BF1-0122-4EC7-9062-2E05E4D42C13}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{A7B3BAEE-CA14-46D8-BC9E-AB3411B430A8}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{A8E1A748-24BD-4B92-B929-69663B1711C0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A98DE5E3-2505-4D69-AAE9-59588526E98B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AC61536B-9F45-48CB-8D55-F8CB495017C8}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B4365E4C-DCB4-4E69-9F16-4F6329DFEE8E}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{B6FDBC7A-C361-4F53-9B07-6D9C3D3B13AB}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{BC41145F-5E65-45ED-9596-40A93B765C64}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1570AA2-A9D0-4901-94FF-472A97F3F878}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1275526946\ee\aolsoftware.exe |
"{C1DE1D7E-9F2E-4653-9C17-53CB4B1FE6A3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C3FA408B-83CD-46B6-B902-7BBD83443AAD}" = protocol=58 | dir=in | [email protected],-28545 |
"{CCEDE930-588C-40A6-B359-9F256F203E17}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{DAA26B07-FED1-4AD8-8D33-007916CEC789}" = dir=in | app=c:\program files (x86)\leapfrog\leapfrog connect\leapfrogconnect.exe |
"{DB1EE0FC-1274-4F47-98E6-68DF41426562}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E74921C5-28CB-428A-92B2-938286DC723D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E8B59F63-241A-4FCE-8451-E4F5FE1925A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F9786F8F-6B00-40B3-B520-D98E40B9B115}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FB1E0403-7DB3-488B-9564-0E93B1875100}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FBD4CAF2-5F59-46A2-BC9D-4A33AC7C57A3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{B576C83F-FA4B-4B3F-BD7E-6F4B3F73671F}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{E7D8C736-C554-4DAB-ABF2-059ABF78CA54}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{7A8AA43C-6914-4FBC-93F8-BB662B0BE715}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{BE5C222E-7F18-4A28-8047-B8B45FD44390}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series" = Canon iP4900 series Printer Driver
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{41BC9E31-0D39-462E-8E4C-767B21A3B1C3}" = MobileMe Control Panel
"{563F041C-DFDB-437B-A1E8-E141E0906076}" = Microsoft IntelliPoint 8.0
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes
"{D1829BE5-F305-4576-9593-C66FC7E0B008}" = iCloud
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"52EA5D99DCEB8CB881BB2FEC99D398A50B4AA424" = Windows Driver Package - Escort, Inc. (usbser) Ports (10/27/2010 1.0.0.0)
"781745E87AFF80C0C1388CFF79D19ECAB2E9BB47" = Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)
"8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D" = Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Zune" = Zune

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00170409-78E1-11D2-B60F-006097C998E7}" = Microsoft Word 2000
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E13CAA3-B5FC-48C0-AA4A-26F5CD0C371C}" = Garmin Lifetime Updater
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A22A15D-E88A-427A-90E2-137245143239}" = Garmin Lifetime Updater
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 24
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30673869-977C-45B1-9D00-D6C1F630C5C9}" = DetectorTools
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}" = AI Manager
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7148F0A8-6813-11D6-A77B-00B0D0142190}" = Java 2 Runtime Environment, SE v1.4.2_19
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{83664F96-BA4C-4F1D-BF13-A16E70F66F04}" = BC898T_SS
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = PhotoStudio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
"{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0413-1000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0C0A-1000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0413-0000-0000000FF1CE}_HOMESTUDENTR_{1D12BC91-360E-424C-97C4-813651313660}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2007
"{90120000-00A1-0413-0000-0000000FF1CE}_HOMESTUDENTR_{26257879-B20D-4D30-A429-B387A4890929}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC30CF7C-2D62-4910-9147-3EC8EA5EB6D1}" = Angry Birds
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{BC4174D1-7970-40E6-AC57-F095F961FB08}" = HTC Sync
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C6359569-E03E-4CDC-98E8-CDD080C6EEB5}" = LeapFrog Connect
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08EC542-BC5F-4F26-BBB9-E426BA007A31}" = OneTouch USB Driver
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E51FFEFB-68E2-4516-B293-35DC83B9767E}" = LeapFrog Tag Plugin
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2A056D9-54B2-4F2B-8DD8-A42A73D1E5E7}" = OneTouch Software
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"am-gamehousesudokuunlimited" = GameHouse Sudoku Unlimited
"AnswerWorks" = AnswerWorks Runtime
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
"CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
"Canon CanoScan LiDE 200 User Registration" = Canon CanoScan LiDE 200 User Registration
"Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
"Canon iP4900 series On-screen Manual" = Canon iP4900 series On-screen Manual
"Canon iP4900 series User Registration" = Canon iP4900 series User Registration
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CEIVA Sender_is1" = CEIVA Sender
"Corel Applications" = Corel Applications
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Digital Editions" = Adobe Digital Editions
"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX
"Free Audio Converter_is1" = Free Audio Converter version 2.2.16.324
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Intel AppUp(SM) center 19079" = Intel AppUp(SM) center
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 12.0 (x86 en-US)" = Mozilla Firefox 12.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"N360" = Norton Security Suite
"PhotoStitch" = Canon Utilities PhotoStitch
"Rapport_msi" = Rapport
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
"ST6UNST #1" = Golf League Recorder v2.96
"TagPlugin" = Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin)
"Uninstall_is1" = Uninstall 1.0.0.1
"UPCShell" = LeapFrog Connect
"USAPhotoMaps" = USAPhotoMaps (remove only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite" = Windows Live Essentials
"YTdetect" = Yahoo! Detect
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4E002314-9999-4402-9823-1CB9E6098849}_is1" = Shopping InContext
"Sansa Updater" = Sansa Updater
"Spotify" = Spotify
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/22/2012 8:32:14 PM | Computer Name = Asus_Desktop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: Flash11g.ocx, version: 11.1.102.63,
time stamp: 0x4f4c398c Exception code: 0xc0000005 Fault offset: 0x0016f528 Faulting
process id: 0x1284 Faulting application start time: 0x01cd20decc86e8a7 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash11g.ocx Report Id: c57139f8-8cdb-11e1-b8c5-00038a000015

Error - 4/23/2012 9:49:07 AM | Computer Name = Asus_Desktop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: jvm.dll, version: 19.1.0.2, time stamp:
0x4d4a3fae Exception code: 0xc0000005 Fault offset: 0x000c87b2 Faulting process id:
0x1100 Faulting application start time: 0x01cd215506902bb6 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: C:\PROGRA~2\Java\jre6\bin\client\jvm.dll
Report
Id: 18287d46-8d4b-11e1-b8c5-00038a000015

Error - 4/24/2012 12:38:06 PM | Computer Name = Asus_Desktop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2448 Start
Time: 01cd2238891512f2 Termination Time: 12 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 4/25/2012 12:34:47 AM | Computer Name = Asus_Desktop | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 4/28/2012 12:34:43 AM | Computer Name = Asus_Desktop | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 4/28/2012 9:43:40 PM | Computer Name = Asus_Desktop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: Flash11g.ocx, version: 11.1.102.63,
time stamp: 0x4f4c398c Exception code: 0xc0000005 Fault offset: 0x0016f528 Faulting
process id: 0x1d2c Faulting application start time: 0x01cd259eb6f03cae Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash11g.ocx Report Id: beba64ed-919c-11e1-b8c5-00038a000015

Error - 4/29/2012 9:25:55 AM | Computer Name = Asus_Desktop | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 2018 Start
Time: 01cd2602b9fb2fad Termination Time: 30 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id: d509f997-91fe-11e1-b8c5-00038a000015

Error - 5/1/2012 12:34:04 AM | Computer Name = Asus_Desktop | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 5/1/2012 9:17:48 AM | Computer Name = Asus_Desktop | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: jvm.dll, version: 19.1.0.2, time stamp:
0x4d4a3fae Exception code: 0xc0000005 Fault offset: 0x000c87b2 Faulting process id:
0x22f4 Faulting application start time: 0x01cd2796452d4277 Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: C:\PROGRA~2\Java\jre6\bin\client\jvm.dll
Report
Id: 0babac49-9390-11e1-b8c5-00038a000015

Error - 5/2/2012 12:34:14 AM | Computer Name = Asus_Desktop | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

[ System Events ]
Error - 5/9/2012 10:51:56 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 5/9/2012 10:51:56 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 5/9/2012 10:51:56 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 5/9/2012 10:51:57 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 5/9/2012 10:51:57 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 5/9/2012 10:51:57 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7001
Description = The Computer Browser service depends on the Server service which failed
to start because of the following error: %%1068

Error - 5/9/2012 11:03:04 PM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.

Error - 5/11/2012 6:56:32 AM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7034
Description = The Rapport Management Service service terminated unexpectedly. It
has done this 1 time(s).

Error - 5/11/2012 7:29:22 AM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7022
Description = The Windows Defender service hung on starting.

Error - 5/11/2012 7:31:54 AM | Computer Name = Asus_Desktop | Source = Service Control Manager | ID = 7022
Description = The Windows Update service hung on starting.


< End of report >
  • 0

#6
ReaMea
Posted 11 May 2012 - 04:40 PM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi WhiteHat,

Here is the last log you requested: aswMBR.TXT

When aswMBR.exe started it popped up a box asking if I wanted to download and install avast! free antivirus.
I selected NO as you did not instruct me to do so. If I should have answered yes I can rerun it and do that. Let me know if that's what you want me to do.

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-11 18:08:34
-----------------------------
18:08:34.834 OS Version: Windows x64 6.1.7601 Service Pack 1
18:08:34.834 Number of processors: 4 586 0x2502
18:08:34.834 ComputerName: ASUS_DESKTOP UserName: Ahokas
18:08:41.994 Initialize success
18:10:02.795 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:10:02.795 Disk 0 Vendor: Hitachi_HDS5C3020ALA632 ML6OA5C0 Size: 1907729MB BusType: 3
18:10:02.826 Disk 0 MBR read successfully
18:10:02.826 Disk 0 MBR scan
18:10:02.826 Disk 0 unknown MBR code
18:10:02.826 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 16394 MB offset 63
18:10:02.842 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 763103 MB offset 33575850
18:10:02.857 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 1128228 MB offset 1596411180
18:10:02.920 Disk 0 scanning C:\Windows\system32\drivers
18:10:20.080 Service scanning
18:10:58.331 Modules scanning
18:10:58.331 Disk 0 trace - called modules:
18:10:58.347 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
18:10:58.347 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007dc7790]
18:10:58.362 3 CLASSPNP.SYS[fffff8800119f43f] -> nt!IofCallDriver -> [0xfffffa8007aba580]
18:10:58.362 5 ACPI.sys[fffff88000f137a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007ac0060]
18:10:58.362 Scan finished successfully
18:27:49.824 Disk 0 MBR has been saved successfully to "C:\Users\Ahokas\Desktop\MBR.dat"
18:27:49.824 The log file has been saved successfully to "C:\Users\Ahokas\Desktop\aswMBR.txt"


Thanks for working on this.
  • 0

#7
WhiteHat
Posted 12 May 2012 - 12:53 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Posted Image Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be
    prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2
prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#8
ReaMea
Posted 14 May 2012 - 06:27 AM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Good morning Whitehat,

Sorry for the delay. At this point it is almost impossible to get an internet connection. When I do pages only half load, don't load, don't load but don't time out (weird), etc.

Had some problems with the malwarebytes. A couple download attempts resulted in execution errors "corrupt file" and "not a valid win32 app". I tried safe mode, run as administrater. No luck. Had to download at a friends house to get a good version. It installed okay.
Malwarebytes could not do the updates. I have run it without. The log is below. I have downloaded the manual update here at work and will install tonight when I get home.

I've become concerned that I may have a hardware issue with the modem at this point. Nothing connects anymore. I have rebooted the modem several times. I takes an awful long time to resync. Sometimes the "ready" light doesn't go steady (as it should) for over an hour. Sometimes after being on steady I will look over and it is off. May be a modem issue or it may be that Comcast is blocking my access now due to high volume from the IP. Will try and contact them today. They are hard to deal with if you are not sitting in front of the computer.

Bottom line is, please bear with me. I'm doing all I can to execute your instructions.

Thanks


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.04.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ahokas :: ASUS_DESKTOP [administrator]

5/13/2012 12:45:24 PM
mbam-log-2012-05-13 (21-04-50).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 1239272
Time elapsed: 7 hour(s), 57 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 6
C:\Old DELL Comp\c\Entire old drive\games\DOOM2WAD\NEW\FIRE3.EXE (Trojan.BHO) -> No action taken.
C:\Old DELL Comp\c\Entire old drive\New Folder\games\DOOM2WAD\NEW\FIRE3.EXE (Trojan.BHO) -> No action taken.
C:\Old DELL Comp\c\Entire old drive\New Folder\WINDOWS\SYSTEM\HLINK.DLL (Trojan.FakeMS) -> No action taken.
X:\Ahokas_Backup\2010-11-13_07-21-28\Memeo\2010-11-13_07-21-28\C_\Old DELL Comp\c\Entire old drive\games\DOOM2WAD\NEW\FIRE3.EXE (Trojan.BHO) -> No action taken.
X:\Ahokas_Backup\2010-11-13_07-21-28\Memeo\2010-11-13_07-21-28\C_\Old DELL Comp\c\Entire old drive\New Folder\games\DOOM2WAD\NEW\FIRE3.EXE (Trojan.BHO) -> No action taken.
X:\Ahokas_Backup\2010-11-13_07-21-28\Memeo\2010-11-13_07-21-28\C_\Old DELL Comp\c\Entire old drive\New Folder\WINDOWS\SYSTEM\HLINK.DLL (Trojan.FakeMS) -> No action taken.

(end)
  • 0

#9
ReaMea
Posted 15 May 2012 - 06:06 AM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Whitehat,

I got the manual update for malwarebytes done. I reran the scan last night. Here is the log.
I am no longer able to get an internet connection at all anymore.
Comcast is coming tonight to look at whether or not there is a modem issue.

thanks for helping.
Next suggestion?

ReaMea


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.07.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Ahokas :: ASUS_DESKTOP [administrator]

5/14/2012 7:11:16 PM
mbam-log-2012-05-14 (19-11-16).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 700689
Time elapsed: 4 hour(s), 6 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#10
WhiteHat
Posted 15 May 2012 - 02:16 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi ReaMea,

Your computer looks like clean and appears that the problem is with the modem. Let's wait until Comcast check the modem.
Please download Farbar Service Scanner and run it on the computer.
Posted Image
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

  • 0

#11
ReaMea
Posted 15 May 2012 - 05:22 PM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Whitehat,

Here is the log from FSS.exe

Comcast came tonight and replaced the modem. Connection is good right now.
I will see if there are any problems with slowness and redirects over the next day or two.

Glad to hear you don't see anything in the system. That DLL had me worried. Maybe just coincidence that it started as the modem was failing.

FSS.TXT
Farbar Service Scanner Version: 11-05-2012
Ran by Ahokas (administrator) on 15-05-2012 at 19:13:27
Running from "C:\Users\Ahokas\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
  • 0

#12
WhiteHat
Posted 16 May 2012 - 06:48 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean

The following will implement some cleanup procedures as well as reset System Restore points:

Remove OTL:

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • (If you use Windows 7/Vista)
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

  • (If you use Windows XP)
  • Go to Start > All Programs > Acessories > System Tools > System Restore.
  • Select the option Create a restore point and click in Next.
  • Type in a name i.e. Clean
  • Select Create



Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place??

Keep safe.
  • 0

#13
ReaMea
Posted 18 May 2012 - 06:59 AM

ReaMea

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Whitehat,

Everything seems to be running fine now.
Thanks for all your help.

Have a wonderful day.

ReaMea

PS. I assume YOU close the thread, not me.
  • 0

#14
Essexboy
Posted 18 May 2012 - 12:37 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP