Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

lost disk space


  • Please log in to reply

#1
lasallian

lasallian

    New Member

  • Member
  • Pip
  • 1 posts
hi,

i'm not so sure when the problem started or how i got it but here's a background of what i've experienced and all that i know about it: before, i used to use up most of the space in my hard drive leaving up to as little as 500MB of free disk space from drive C: which has a total of 137GB (partitioned by Compaq). i had no problems then because whenever i needed more space for files i'd simply delete files i've burned or don't need anymore. the files that use the most amount of space are media files so they're harmless. however, i would notice from time to time that my free space jumps from lets say 1GB to 2-3GB. I'd notice that whenever my laptop runs out of battery or when it suddenly turns itself off because of the heat. most of the time, i do not shut down but instead i just put my laptop to sleep for faster opening since there's no need to boot up my system (is this okay or do i have to make a habit of shutting down?). anyway, i first noticed the problem saturday afternoon after installing the program Pinnacle VideoSpin as i needed to edit a video. I installed it since my windows movie maker has been crashing since friday afternoon, prior to friday, i've edited a lot of videos and it worked fine. i noticed that my free disk space was being eaten up at the rate of about 10MB per second. I saw it as i was about to render my video, the free space kept diminishing. i'd delete files and the virus would just end up eating it. i tried restarting my computer to no avail. i also tried turning it off without shutting down by pressing and holding the power button. there would be instances that i'd recover some GBs but never all that was lost. as last recourse, since i badly needed to finish my video, i'd restart my computer and open VideoSpin only. it would work at times although sometimes, after a few minutes, the virus activates for some reason and eats free space again; although sometimes it doesn't. when it does and i'm not rendering, i would turn off my laptop without shutting down since i was desperate to finish my video. it is only now that i had the chance to ask for help.

thanks in advance for the valuable assistance that you would so generously extend! Here is the log from OTL.txt and Extras.txt:

OTL.txt

OTL logfile created on: 11/01/2011 00:09:39 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Richard\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.58 Gb Total Space | 0.76 Gb Free Space | 0.55% Space Free | Partition Type: NTFS
Drive D: | 11.47 Gb Total Space | 1.95 Gb Free Space | 16.97% Space Free | Partition Type: NTFS

Computer Name: RICHARD-PC | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/11 00:04:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Richard\Downloads\OTL.exe
PRC - [2010/12/13 08:40:07 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010/12/13 08:39:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/12/13 08:39:54 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010/12/09 07:28:23 | 000,991,800 | ---- | M] (Google Inc.) -- C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/10/16 02:18:45 | 000,134,808 | ---- | M] (Google Inc.) -- C:\Users\Richard\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
PRC - [2010/09/17 04:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/01/14 21:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/07/27 10:37:50 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files\PowerISO\PWRISOVM.EXE
PRC - [2009/05/26 21:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
PRC - [2008/10/29 14:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/08/22 13:33:08 | 001,691,648 | ---- | M] (Language Engineering Corporation, LLC) -- C:\Program Files\Power Translator 12\LogoMedia TranslateDotNet Server.exe
PRC - [2008/01/21 10:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/10/04 06:45:02 | 000,358,936 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/10/04 06:44:58 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe


========== Modules (SafeList) ==========

MOD - [2011/01/11 00:04:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Richard\Downloads\OTL.exe
MOD - [2010/08/31 23:39:57 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/12/13 08:40:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/12/13 08:39:54 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/22 13:33:08 | 001,691,648 | ---- | M] (Language Engineering Corporation, LLC) [Auto | Running] -- C:\Program Files\Power Translator 12\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server)
SRV - [2008/01/21 10:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/04 06:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/06 00:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - [2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/27 10:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/06/22 19:38:24 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/06/22 19:26:06 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/02/26 15:26:04 | 000,201,728 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/21 10:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 10:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 10:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 10:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 10:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 10:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 10:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 10:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 10:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 10:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/21 10:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 10:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 10:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 10:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 10:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 10:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 10:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 10:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 10:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 10:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 10:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 10:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 10:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 10:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/21 10:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 10:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 10:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 10:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/29 10:38:38 | 000,162,088 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/10/11 19:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 14:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/09/28 08:33:26 | 000,056,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2007/07/10 22:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 19:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 19:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 19:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/19 07:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/31 06:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/05/09 21:51:34 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/09 21:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2006/11/02 17:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 17:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 17:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 17:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 17:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 17:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 17:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 17:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 17:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 17:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 17:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 16:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 16:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 16:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 16:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 16:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 16:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 15:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 15:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 15:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/06/29 00:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {91406bb3-8b2b-19eb-8609-9af6408ffb47}:4.6.6.8
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..keyword.URL: "http://search.yahoo....ch?fr=ffds1&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/18 16:35:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/06 12:27:28 | 000,000,000 | ---D | M]

[2009/10/12 21:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Extensions
[2009/10/12 21:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/01/09 00:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions
[2010/03/20 00:12:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/09 01:00:31 | 000,000,000 | ---D | M] (BittorrentBar_ES Community Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}
[2010/12/09 01:00:31 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\[email protected]
[2010/12/12 11:04:19 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\[email protected]
[2010/12/12 11:09:17 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\[email protected]
[2009/10/09 14:34:35 | 000,002,255 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\searchplugins\askcom.xml
[2010/05/07 05:34:55 | 000,000,266 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\searchplugins\Search.xml
[2010/12/23 23:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/07 05:39:31 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{91406bb3-8b2b-19eb-8609-9af6408ffb47}
[2010/12/23 23:11:38 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/13 17:55:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/10/18 12:24:16 | 000,000,000 | ---D | M] (LEC Translation Toolbar) -- C:\PROGRAM FILES\POWER TRANSLATOR 12\ADDINS\LECTOOLBAR
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/25 03:10:36 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/08/25 03:10:36 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/08/25 03:10:36 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/08/25 03:10:36 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (BittorrentBar_ES Toolbar) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (LEC) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 12\Applications\LEC IE Translation Extension.dll (Language Engineering Corporation, LLC)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BittorrentBar_ES Toolbar) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [cdloader] C:\Users\Richard\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Richard\Photos\Baler\Me\DSCN0265.JPG
O24 - Desktop BackupWallPaper: C:\Users\Richard\Photos\Baler\Me\DSCN0265.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 15:45:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 23:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{2448f4d4-3296-11df-854f-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\RESTORE\k-1-3542-4232123213-7676767-8888886\X0R.exe -- File not found
O33 - MountPoints2\{2448f4d4-3296-11df-854f-001eec6d1fa0}\Shell\open\command - "" = G:\RESTORE\k-1-3542-4232123213-7676767-8888886\X0R.exe -- File not found
O33 - MountPoints2\{7c3cdccc-9f55-11df-a587-fde3327dc6fc}\Shell\AutoRun\command - "" = G:\dupler\kromirani.exe -- File not found
O33 - MountPoints2\{7c3cdccc-9f55-11df-a587-fde3327dc6fc}\Shell\explore\command - "" = G:\dupler\\kromirani.exe -- File not found
O33 - MountPoints2\{7c3cdccc-9f55-11df-a587-fde3327dc6fc}\Shell\open\command - "" = G:\dupler\\kromirani.exe -- File not found
O33 - MountPoints2\{7cc0d5e0-f6f6-11df-a7c9-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{7cc0d5e0-f6f6-11df-a7c9-001eec6d1fa0}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{9328e565-9e16-11df-b8d5-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\opasna\veza.exe -- File not found
O33 - MountPoints2\{9328e565-9e16-11df-b8d5-001eec6d1fa0}\Shell\explore\command - "" = G:\opasna\\veza.exe -- File not found
O33 - MountPoints2\{9328e565-9e16-11df-b8d5-001eec6d1fa0}\Shell\open\command - "" = G:\opasna\\veza.exe -- File not found
O33 - MountPoints2\{9c065e0d-0877-11e0-b040-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{9c065e0d-0877-11e0-b040-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\AUtoPLay\CommaND - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\explOre\COmMand - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\open\cOmmanD - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{c3f3e440-198b-11e0-902b-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{c3f3e440-198b-11e0-902b-001eec6d1fa0}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{d10ceac5-f04e-11df-a28a-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{d10ceac5-f04e-11df-a28a-001eec6d1fa0}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{e993b63f-f946-11de-851a-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{e993b63f-f946-11de-851a-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{e993b649-f946-11de-851a-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{e993b649-f946-11de-851a-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found
O33 - MountPoints2\H\Shell\phone\command - "" = H:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/09 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\Richard\Documents\My muvees
[2011/01/09 22:36:12 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\muvee Technologies
[2011/01/09 22:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/01/09 22:20:39 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\Avira
[2011/01/09 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\Richard\Documents\Pinnacle VideoSpin
[2011/01/09 00:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Yahoo!
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle VideoSpin
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2011/01/09 00:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2011/01/07 13:44:44 | 000,000,000 | ---D | C] -- C:\Users\Richard\Desktop\Sir Lito Video
[2011/01/06 22:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sun Broadband Wireless
[2011/01/06 22:01:18 | 000,112,128 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011/01/06 22:01:18 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011/01/06 22:01:18 | 000,100,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2011/01/06 22:01:18 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011/01/06 22:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\Sun Broadband Wireless
[2010/12/23 23:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2010/12/23 23:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/12/16 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\New Folder
[2010/12/12 11:04:24 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Local\TVU Networks
[2010/12/12 11:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010/12/12 11:02:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\TVUAx
[1 C:\Users\Richard\Desktop\*.tmp files -> C:\Users\Richard\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/10 23:51:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/10 17:27:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/10 17:27:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/10 14:23:15 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1350581938-782372088-4264676105-1000UA.job
[2011/01/10 12:57:20 | 000,002,215 | ---- | M] () -- C:\Users\Richard\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/01/10 12:56:32 | 000,000,281 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/01/10 12:30:17 | 000,120,320 | ---- | M] () -- C:\Users\Richard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/10 09:25:18 | 030,959,260 | ---- | M] () -- C:\Users\Richard\Desktop\MOV00278.AVI
[2011/01/10 09:24:16 | 010,708,640 | ---- | M] () -- C:\Users\Richard\Desktop\MOV00276.AVI
[2011/01/10 08:56:34 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011/01/10 08:56:18 | 000,005,972 | ---- | M] () -- C:\Users\Richard\AppData\Local\d3d9caps.dat
[2011/01/10 08:36:13 | 000,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/10 08:36:13 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/09 13:49:48 | 001,126,849 | ---- | M] () -- C:\Users\Richard\Desktop\Voltes V.mp3
[2011/01/09 08:01:08 | 078,499,042 | ---- | M] () -- C:\Users\Richard\Desktop\M4H01191.MP4
[2011/01/09 03:06:41 | 000,337,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/01/09 02:23:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1350581938-782372088-4264676105-1000Core.job
[2011/01/09 00:24:09 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle VideoSpin.lnk
[2011/01/06 22:01:36 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\Sun Broadband Wireless.lnk
[2010/12/25 09:59:49 | 000,002,361 | ---- | M] () -- C:\Users\Richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2010/12/16 11:33:20 | 001,669,176 | ---- | M] () -- C:\Users\Richard\Desktop\I Saw Mommy Kissing Santa Clause - Vilma Santos.mp3
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[1 C:\Users\Richard\Desktop\*.tmp files -> C:\Users\Richard\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/10 08:34:57 | 010,708,640 | ---- | C] () -- C:\Users\Richard\Desktop\MOV00276.AVI
[2011/01/10 08:34:39 | 030,959,260 | ---- | C] () -- C:\Users\Richard\Desktop\MOV00278.AVI
[2011/01/10 08:16:57 | 078,499,042 | ---- | C] () -- C:\Users\Richard\Desktop\M4H01191.MP4
[2011/01/09 13:49:48 | 001,126,849 | ---- | C] () -- C:\Users\Richard\Desktop\Voltes V.mp3
[2011/01/09 00:24:09 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle VideoSpin.lnk
[2011/01/09 00:18:45 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011/01/06 22:01:36 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\Sun Broadband Wireless.lnk
[2010/12/16 11:28:43 | 001,669,176 | ---- | C] () -- C:\Users\Richard\Desktop\I Saw Mommy Kissing Santa Clause - Vilma Santos.mp3
[2010/10/09 18:24:13 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/07/10 14:25:32 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\FnF4.txt
[2010/06/06 22:05:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/03 04:57:56 | 000,000,019 | ---- | C] () -- C:\Windows\D.ini
[2010/01/05 03:02:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/12/16 18:18:44 | 000,005,972 | ---- | C] () -- C:\Users\Richard\AppData\Local\d3d9caps.dat
[2009/10/13 13:57:43 | 000,000,138 | ---- | C] () -- C:\Users\Richard\AppData\Roaming\wklnhst.dat
[2009/10/07 08:32:17 | 000,120,320 | ---- | C] () -- C:\Users\Richard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 08:08:12 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\QSwitch.txt
[2009/10/07 08:08:12 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\DSwitch.txt
[2009/10/07 08:08:12 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\AtStart.txt
[2008/05/28 06:06:30 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/02/27 15:59:45 | 000,000,371 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/08/20 20:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 20:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/05/09 20:35:54 | 000,057,126 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006/11/02 20:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 15:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2011/01/09 21:48:20 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\BitTorrent
[2010/03/03 20:34:01 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Camfrog
[2011/01/09 16:11:35 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\FrostWire
[2009/10/11 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\funkitron
[2009/12/27 01:05:06 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Leadertech
[2010/06/11 01:51:57 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\mjusbsp
[2011/01/09 22:36:21 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\muvee Technologies
[2010/12/18 08:57:41 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\New Folder
[2010/11/27 14:35:26 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\OpenCandy
[2009/10/24 22:01:16 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\OpenOffice.org
[2009/10/13 13:57:47 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Template
[2011/01/10 00:10:10 | 000,032,570 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
SRV - [2010/12/13 08:40:07 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/12/13 08:39:54 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/08/22 13:33:08 | 001,691,648 | ---- | M] (Language Engineering Corporation, LLC) [Auto | Running] -- C:\Program Files\Power Translator 12\LogoMedia TranslateDotNet Server.exe -- (LEC TranslateDotNet Server)
SRV - [2008/01/21 10:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/04 06:45:02 | 000,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/06 00:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ewusbfake.sys -- (hwusbfake)
DRV - [2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/07/27 10:43:18 | 000,058,908 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/06/22 19:38:24 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/06/22 19:26:06 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/02/13 12:35:05 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/07/22 07:42:58 | 000,051,200 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/02/26 15:26:04 | 000,201,728 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/02/11 19:36:10 | 002,302,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/01/21 10:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 10:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 10:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 10:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 10:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 10:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 10:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 10:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 10:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 10:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/21 10:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 10:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 10:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 10:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 10:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 10:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 10:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 10:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 10:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 10:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 10:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 10:23:21 | 000,073,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/01/21 10:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 10:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/21 10:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 10:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 10:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 10:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/29 10:38:38 | 000,162,088 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/10/11 19:17:56 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/09/30 14:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007/09/28 08:33:26 | 000,056,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2007/07/10 22:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/20 19:29:56 | 000,984,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/06/20 19:28:34 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/06/20 19:28:22 | 000,660,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/06/19 07:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/31 06:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/05/09 21:51:34 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/09 21:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2006/11/02 17:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 17:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 17:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 17:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 17:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 17:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 17:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 17:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 17:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 17:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 17:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 16:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 16:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 16:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 16:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 16:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 16:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 15:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 15:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)
DRV - [2006/11/02 15:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)
DRV - [2006/06/29 00:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.114116.info
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook: {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo....ch?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: {91406bb3-8b2b-19eb-8609-9af6408ffb47}:4.6.6.8
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0
FF - prefs.js..keyword.URL: "http://search.yahoo....ch?fr=ffds1&p="


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/18 16:35:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/11/06 12:27:28 | 000,000,000 | ---D | M]

[2009/10/12 21:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Extensions
[2009/10/12 21:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/01/09 00:57:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions
[2010/03/20 00:12:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/09 01:00:31 | 000,000,000 | ---D | M] (BittorrentBar_ES Community Toolbar) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\{ad06fb5f-fef7-4a84-8c58-dca34f8e3d36}
[2010/12/09 01:00:31 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\[email protected]
[2010/12/12 11:04:19 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\[email protected]
[2010/12/12 11:09:17 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\extensions\[email protected]
[2009/10/09 14:34:35 | 000,002,255 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\searchplugins\askcom.xml
[2010/05/07 05:34:55 | 000,000,266 | ---- | M] () -- C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pfvxql41.default\searchplugins\Search.xml
[2010/12/23 23:11:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/07 05:39:31 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files\Mozilla Firefox\extensions\{91406bb3-8b2b-19eb-8609-9af6408ffb47}
[2010/12/23 23:11:38 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/06/13 17:55:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/10/18 12:24:16 | 000,000,000 | ---D | M] (LEC Translation Toolbar) -- C:\PROGRAM FILES\POWER TRANSLATOR 12\ADDINS\LECTOOLBAR
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/08/25 03:10:36 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/08/25 03:10:36 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/08/25 03:10:36 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/08/25 03:10:36 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/19 05:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (BittorrentBar_ES Toolbar) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (LEC) - {1DBAB667-A486-421e-AFE4-CF07DD0088E5} - C:\Program Files\Power Translator 12\Applications\LEC IE Translation Extension.dll (Language Engineering Corporation, LLC)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (BittorrentBar_ES Toolbar) - {ad06fb5f-fef7-4a84-8c58-dca34f8e3d36} - C:\Program Files\BittorrentBar_ES\tbBitt.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [cdloader] C:\Users\Richard\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Richard\Photos\Baler\Me\DSCN0265.JPG
O24 - Desktop BackupWallPaper: C:\Users\Richard\Photos\Baler\Me\DSCN0265.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/27 15:45:25 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 23:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{2448f4d4-3296-11df-854f-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\RESTORE\k-1-3542-4232123213-7676767-8888886\X0R.exe -- File not found
O33 - MountPoints2\{2448f4d4-3296-11df-854f-001eec6d1fa0}\Shell\open\command - "" = G:\RESTORE\k-1-3542-4232123213-7676767-8888886\X0R.exe -- File not found
O33 - MountPoints2\{7c3cdccc-9f55-11df-a587-fde3327dc6fc}\Shell\AutoRun\command - "" = G:\dupler\kromirani.exe -- File not found
O33 - MountPoints2\{7c3cdccc-9f55-11df-a587-fde3327dc6fc}\Shell\explore\command - "" = G:\dupler\\kromirani.exe -- File not found
O33 - MountPoints2\{7c3cdccc-9f55-11df-a587-fde3327dc6fc}\Shell\open\command - "" = G:\dupler\\kromirani.exe -- File not found
O33 - MountPoints2\{7cc0d5e0-f6f6-11df-a7c9-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{7cc0d5e0-f6f6-11df-a7c9-001eec6d1fa0}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{9328e565-9e16-11df-b8d5-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\opasna\veza.exe -- File not found
O33 - MountPoints2\{9328e565-9e16-11df-b8d5-001eec6d1fa0}\Shell\explore\command - "" = G:\opasna\\veza.exe -- File not found
O33 - MountPoints2\{9328e565-9e16-11df-b8d5-001eec6d1fa0}\Shell\open\command - "" = G:\opasna\\veza.exe -- File not found
O33 - MountPoints2\{9c065e0d-0877-11e0-b040-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{9c065e0d-0877-11e0-b040-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\AUtoPLay\CommaND - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\explOre\COmMand - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{a09ef8b9-cd33-11de-b777-001eec6d1fa0}\Shell\open\cOmmanD - "" = G:\ygwmqx.pif -- File not found
O33 - MountPoints2\{c3f3e440-198b-11e0-902b-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{c3f3e440-198b-11e0-902b-001eec6d1fa0}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{d10ceac5-f04e-11df-a28a-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{d10ceac5-f04e-11df-a28a-001eec6d1fa0}\Shell\AutoRun\command - "" = H:\AutoRun.exe -- File not found
O33 - MountPoints2\{e993b63f-f946-11de-851a-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{e993b63f-f946-11de-851a-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\{e993b649-f946-11de-851a-001eec6d1fa0}\Shell - "" = AutoRun
O33 - MountPoints2\{e993b649-f946-11de-851a-001eec6d1fa0}\Shell\AutoRun\command - "" = G:\AutoRun.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Launcher.exe -- File not found
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\autorun.exe -- File not found
O33 - MountPoints2\H\Shell\phone\command - "" = H:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/09 22:36:16 | 000,000,000 | ---D | C] -- C:\Users\Richard\Documents\My muvees
[2011/01/09 22:36:12 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\muvee Technologies
[2011/01/09 22:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/01/09 22:20:39 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\Avira
[2011/01/09 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\Richard\Documents\Pinnacle VideoSpin
[2011/01/09 00:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Yahoo!
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle VideoSpin
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2011/01/09 00:22:42 | 000,000,000 | ---D | C] -- C:\Program Files\Pinnacle
[2011/01/09 00:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2011/01/08 22:41:57 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/01/08 22:41:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/01/08 22:41:52 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/01/08 22:41:51 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/01/08 22:41:51 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/01/08 22:37:19 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011/01/08 22:37:19 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011/01/08 22:37:19 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011/01/08 22:35:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011/01/08 22:33:25 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011/01/08 22:33:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011/01/08 22:32:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/01/08 22:32:20 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011/01/08 22:32:18 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011/01/08 22:32:16 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011/01/08 22:32:14 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011/01/08 22:30:59 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011/01/08 22:30:55 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011/01/08 22:30:55 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011/01/08 22:30:54 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011/01/08 22:30:49 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011/01/08 22:30:49 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011/01/08 22:30:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011/01/08 22:30:47 | 002,037,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/01/08 22:30:42 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/01/08 22:30:42 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/01/08 22:30:40 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011/01/08 22:30:29 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011/01/08 22:30:28 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011/01/08 22:30:24 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011/01/08 22:30:20 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011/01/08 22:30:11 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011/01/08 22:30:11 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011/01/08 22:30:09 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011/01/08 22:27:55 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011/01/07 13:44:44 | 000,000,000 | ---D | C] -- C:\Users\Richard\Desktop\Sir Lito Video
[2011/01/06 22:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sun Broadband Wireless
[2011/01/06 22:01:18 | 000,112,128 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2011/01/06 22:01:18 | 000,102,912 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2011/01/06 22:01:18 | 000,100,736 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbdev.sys
[2011/01/06 22:01:18 | 000,023,424 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
[2011/01/06 22:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\Sun Broadband Wireless
[2010/12/23 23:08:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2010/12/23 23:08:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/12/16 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Roaming\New Folder
[2010/12/12 11:04:24 | 000,000,000 | ---D | C] -- C:\Users\Richard\AppData\Local\TVU Networks
[2010/12/12 11:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010/12/12 11:02:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\TVUAx
[1 C:\Users\Richard\Desktop\*.tmp files -> C:\Users\Richard\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/10 23:51:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/10 17:27:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/10 17:27:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/10 14:23:15 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1350581938-782372088-4264676105-1000UA.job
[2011/01/10 12:57:20 | 000,002,215 | ---- | M] () -- C:\Users\Richard\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/01/10 12:56:32 | 000,000,281 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2011/01/10 12:30:17 | 000,120,320 | ---- | M] () -- C:\Users\Richard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/10 09:25:18 | 030,959,260 | ---- | M] () -- C:\Users\Richard\Desktop\MOV00278.AVI
[2011/01/10 09:24:16 | 010,708,640 | ---- | M] () -- C:\Users\Richard\Desktop\MOV00276.AVI
[2011/01/10 08:56:34 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011/01/10 08:56:18 | 000,005,972 | ---- | M] () -- C:\Users\Richard\AppData\Local\d3d9caps.dat
[2011/01/10 08:36:13 | 000,600,378 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/10 08:36:13 | 000,105,852 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/09 13:49:48 | 001,126,849 | ---- | M] () -- C:\Users\Richard\Desktop\Voltes V.mp3
[2011/01/09 08:01:08 | 078,499,042 | ---- | M] () -- C:\Users\Richard\Desktop\M4H01191.MP4
[2011/01/09 03:06:41 | 000,337,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/01/09 02:23:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1350581938-782372088-4264676105-1000Core.job
[2011/01/09 00:24:09 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\Pinnacle VideoSpin.lnk
[2011/01/06 22:01:36 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\Sun Broadband Wireless.lnk
[2010/12/25 09:59:49 | 000,002,361 | ---- | M] () -- C:\Users\Richard\Application Data\Microsoft\Internet Explorer\Quick Launch\Skype.lnk
[2010/12/16 11:33:20 | 001,669,176 | ---- | M] () -- C:\Users\Richard\Desktop\I Saw Mommy Kissing Santa Clause - Vilma Santos.mp3
[2010/12/13 08:40:21 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/12/13 08:40:21 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[1 C:\Users\Richard\Desktop\*.tmp files -> C:\Users\Richard\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/10 08:34:57 | 010,708,640 | ---- | C] () -- C:\Users\Richard\Desktop\MOV00276.AVI
[2011/01/10 08:34:39 | 030,959,260 | ---- | C] () -- C:\Users\Richard\Desktop\MOV00278.AVI
[2011/01/10 08:16:57 | 078,499,042 | ---- | C] () -- C:\Users\Richard\Desktop\M4H01191.MP4
[2011/01/09 13:49:48 | 001,126,849 | ---- | C] () -- C:\Users\Richard\Desktop\Voltes V.mp3
[2011/01/09 00:24:09 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\Pinnacle VideoSpin.lnk
[2011/01/09 00:18:45 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011/01/06 22:01:36 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\Sun Broadband Wireless.lnk
[2010/12/16 11:28:43 | 001,669,176 | ---- | C] () -- C:\Users\Richard\Desktop\I Saw Mommy Kissing Santa Clause - Vilma Santos.mp3
[2010/10/09 18:24:13 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/07/10 14:25:32 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\FnF4.txt
[2010/06/06 22:05:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/04/03 04:57:56 | 000,000,019 | ---- | C] () -- C:\Windows\D.ini
[2010/01/05 03:02:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/12/16 18:18:44 | 000,005,972 | ---- | C] () -- C:\Users\Richard\AppData\Local\d3d9caps.dat
[2009/10/13 13:57:43 | 000,000,138 | ---- | C] () -- C:\Users\Richard\AppData\Roaming\wklnhst.dat
[2009/10/07 08:32:17 | 000,120,320 | ---- | C] () -- C:\Users\Richard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/07 08:08:12 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\QSwitch.txt
[2009/10/07 08:08:12 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\DSwitch.txt
[2009/10/07 08:08:12 | 000,000,000 | ---- | C] () -- C:\Users\Richard\AppData\Local\AtStart.txt
[2008/05/28 06:06:30 | 000,155,648 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2008/02/27 15:59:45 | 000,000,371 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/02/11 19:55:18 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1437.dll
[2007/08/20 20:34:08 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1318.dll
[2007/08/20 20:25:00 | 000,910,720 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/05/09 20:35:54 | 000,057,126 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\System32\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\System32\ma32.dll
[2006/11/02 20:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 15:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2011/01/09 21:48:20 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\BitTorrent
[2010/03/03 20:34:01 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Camfrog
[2011/01/09 16:11:35 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\FrostWire
[2009/10/11 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\funkitron
[2009/12/27 01:05:06 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Leadertech
[2010/06/11 01:51:57 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\mjusbsp
[2011/01/09 22:36:21 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\muvee Technologies
[2010/12/18 08:57:41 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\New Folder
[2010/11/27 14:35:26 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\OpenCandy
[2009/10/24 22:01:16 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\OpenOffice.org
[2009/10/13 13:57:47 | 000,000,000 | ---D | M] -- C:\Users\Richard\AppData\Roaming\Template
[2011/01/10 00:10:10 | 000,032,570 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Extras.txt

OTL Extras logfile created on: 11/01/2011 00:09:39 - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Richard\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 137.58 Gb Total Space | 0.76 Gb Free Space | 0.55% Space Free | Partition Type: NTFS
Drive D: | 11.47 Gb Total Space | 1.95 Gb Free Space | 16.97% Space Free | Partition Type: NTFS

Computer Name: RICHARD-PC | User Name: Richard | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Richard\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01CA4C70-B84A-412A-A500-A0FEE55BAFDA}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{07F0ED00-9FD9-4691-ACF1-14513B50A265}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{09EF94DC-ACB8-4E2D-B74E-8A2BD7C9154D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{0AAB0EEB-1A3E-4DD5-9E1C-5F5FAD548276}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0BB13595-0C8E-4478-98B2-6369BA0075BD}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{152A25A7-DCB2-4DE9-8C34-5C9FCC4F3497}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{2A1A24FA-B14A-4329-987E-390D55A05FCC}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{334BAF4F-3B73-43FC-935E-EAD5967B3625}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{44EE0F8E-C0C0-415B-869D-20611EE14BC0}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{4FE4D9A3-39CD-4750-B8E7-786DEC4BF91E}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{55CD116B-EA0F-4362-8504-0AA152E3E208}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{5B535703-0B09-4DED-A613-3D9844E2E5F8}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{5C5AA271-E7A8-4DEA-A70F-35D9CE2CB120}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"{5E66FD85-E4DD-4282-A960-63A599574477}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{672AC032-C5E9-493D-BE16-2481831C30A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{70C37D40-BB13-4C3F-9637-F9C08D8EBAED}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{81FBA0B7-C4C1-4A00-87B7-191E02467DDB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{9354897F-8C3E-4632-8A49-449F2DCD1872}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{958C12FA-A07E-40EF-A505-262A46B5FA63}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\umi.exe |
"{996F017D-8C34-4359-A6DB-CEC12090C1D9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D6B7519-1520-48FB-AF26-18D4E4DDEB8C}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{9F25A96E-EE9A-43F9-B7D7-647DC52B1E79}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{A3C10135-E470-4558-8DB6-A7127962A0AB}" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\rm.exe |
"{B3CF36D9-405C-4A85-A083-EAD92E2B16C1}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{CB8E5433-1536-41EA-9D39-63612E2C6842}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CDE283E3-5FBB-467F-8B7A-16055334E2F5}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{D7E43F3E-DC12-4ABA-AAF4-113C37F10B38}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DC8556BE-7202-420F-B169-40E21FAF90A1}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E37A71E8-0068-4E00-8740-F064C7AC5D70}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{F9FB630B-C98E-450F-9BFB-01781D307F6A}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{07CB7BD9-57C2-4852-8653-6537A6BE6685}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0E5CDFF0-7F0F-4594-B4F1-9FBCAB1AACAE}C:\users\richard\desktop\!call of duty 4 mw!\cod 4 mw\iw3mp.exe" = protocol=6 | dir=in | app=c:\users\richard\desktop\!call of duty 4 mw!\cod 4 mw\iw3mp.exe |
"TCP Query User{27EB7427-A927-4BC6-A3EE-108B9E5DFB49}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_85f4ebadf9e12f70\tva.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_85f4ebadf9e12f70\tva.exe |
"TCP Query User{2A934D26-EE3D-4D8C-88DA-866C9C990004}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{2FB6D382-68C2-40FE-B4BC-720A015A7F75}C:\program files\pinnacle\videospin\programs\videospin.exe" = protocol=6 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"TCP Query User{396533D1-3C0D-4507-A914-F1A99A3E6A37}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{39AB1071-BA66-47D1-8323-D3243C9612FA}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"TCP Query User{445BB5A6-CEA6-439D-9D2E-BB7794E52BAF}C:\users\richard\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{457E4507-9565-48BA-8366-BF3506E73026}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe |
"TCP Query User{4D482BE7-181B-4054-9FBC-49FB6DB2A267}C:\users\richard\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{50C73EDA-EB74-4FEB-A057-729B9E237E76}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{56890D58-AA67-4459-BB62-454300A303F1}C:\users\richard\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{56D108AA-E52F-4578-9E13-192A043437D0}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{5DBFDF72-767D-4210-991D-A6339143A422}C:\users\richard\documents\warcraft iii 1.24\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\users\richard\documents\warcraft iii 1.24\warcraft iii\war3.exe |
"TCP Query User{7D38D6C9-207E-43AE-B282-E8A24DD9A56C}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{810AC6FC-3F8C-46F4-BDBC-E38817C98E47}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{8D26E61A-5AA0-4D8E-83D7-06E6DD1ACEAC}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{959DFACC-99AB-41A0-82BF-DDDAF8E0C0EE}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{A1793530-B297-49CB-A155-1A994D5DC278}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe |
"TCP Query User{A233BE74-FFC2-440B-8850-660DC5960192}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe |
"TCP Query User{A5FC78E8-3CC2-4433-87E6-7AF1AA1980A2}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe |
"TCP Query User{A84A4BB4-A173-4BD2-AF2A-6C93FD564B06}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{BE73BAA1-A426-47FB-BD8F-EDD8DC73D7DB}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4a45fc84e4\tva.exe" = protocol=6 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4a45fc84e4\tva.exe |
"TCP Query User{CC17BC03-A820-4037-BDA1-3A5D24B839C3}C:\program files\counter-strike 1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"TCP Query User{D3EAE0EC-08B4-4D42-8F54-13A788E574A3}C:\program files\heroes of newerth\hon.exe" = protocol=6 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"TCP Query User{D99642BF-7BC0-47CF-83DE-3BA625FA06EB}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{F21D34EB-A4BF-4854-9D1A-E5E1A04A810C}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{FB98FEBA-13D7-4136-AC73-813FEB4C769A}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=6 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{0870067B-284D-4F54-83B7-2D2FA7513565}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{1860696E-CF9C-4916-A64A-2F90DF5408A9}C:\program files\pinnacle\videospin\programs\videospin.exe" = protocol=17 | dir=in | app=c:\program files\pinnacle\videospin\programs\videospin.exe |
"UDP Query User{1B111C24-C0D2-42CA-9FF2-F2AD54E61A1D}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{1C4F8B3B-ABCF-432A-B4C1-3EDD961B1630}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{23C1C81B-D07C-4631-A41C-EE3020BE2AD5}C:\users\richard\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{24FC4801-4F07-45A6-8164-765C421237D6}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{3B502674-A419-43E0-8848-6613B4945DE4}C:\users\richard\desktop\!call of duty 4 mw!\cod 4 mw\iw3mp.exe" = protocol=17 | dir=in | app=c:\users\richard\desktop\!call of duty 4 mw!\cod 4 mw\iw3mp.exe |
"UDP Query User{3C04E0EB-1015-4417-90CB-A18E6EB6FC22}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{4C7651EA-4F41-4BFE-971F-254A7AC2A15E}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"UDP Query User{64572502-85C4-4708-8649-902117009E5F}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe |
"UDP Query User{75B718A0-CB3C-4238-9D8F-C0666A20166A}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{7BD854F2-F9C6-44FE-84E2-DC863B4F4087}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe" = protocol=17 | dir=in | app=c:\program files\camfrog\camfrog video chat\camfrog video chat.exe |
"UDP Query User{7D0AF222-23A1-4308-B620-E8BAC44624CD}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{7DA42E1E-E99D-46AB-BEF3-5AE31FDBB67C}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe |
"UDP Query User{7EB7AC9A-D621-44F0-AABD-DDECCF0CF62B}C:\users\richard\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{7FD23F41-0E0B-4D21-A60C-F6DB96C2CF33}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f3f75ed94d6e7124\tva.exe |
"UDP Query User{8026EEFE-5A59-414A-B763-28A8651BAF71}C:\program files\counter-strike 1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike 1.6\hl.exe |
"UDP Query User{8B59A504-8B8D-4BE6-92AD-D64540FBF72C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A02CB904-9072-46D3-82D2-9B4430A860F3}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4b467b94a4\tva.exe |
"UDP Query User{A3228B92-111B-4E57-B342-18F06745C462}C:\users\richard\documents\warcraft iii 1.24\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\users\richard\documents\warcraft iii 1.24\warcraft iii\war3.exe |
"UDP Query User{B0A1AC56-00A4-4721-A82E-34FEA86B5E23}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{B6429600-DAC0-46FA-9D1F-0148F260A126}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_85f4ebadf9e12f70\tva.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_85f4ebadf9e12f70\tva.exe |
"UDP Query User{C1AA840F-537E-43EC-A602-49ACBE1CFDFD}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{D724554A-81E3-4B4D-BD0A-304CC49B43A1}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{D9393854-145A-4F1A-9686-420296FE0BFD}C:\program files\heroes of newerth\hon.exe" = protocol=17 | dir=in | app=c:\program files\heroes of newerth\hon.exe |
"UDP Query User{F35EE5A2-2831-4452-9754-AA6DB33D97A8}C:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4a45fc84e4\tva.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\local\apps\2.0\bbc6xoc7.vpn\8t7k5jy1.w03\pldt..tion_0169b297dc14e2e7_0001.0000_f4f57e4a45fc84e4\tva.exe |
"UDP Query User{F934E648-ECA6-4EA1-BD9A-E2A09BA261A2}C:\users\richard\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\richard\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{F9B66740-FA19-416B-BBC3-F6B13A2FA2F6}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{0C123C63-84FD-4D13-96E7-EEB5C11893F2}" = LEC Translate
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 20
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 B2
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{3C79DC59-6099-323B-B27B-90B45542B270}" = Google Talk Plugin
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AF2DE873-ECB3-4BF5-BA8D-6C61A0948DA5}" = SyQic Yoonic Engine - PLDT Watchpad
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D7358B07-4F10-4014-9869-7999578BE8ED}" = HP User Guides 0093
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIM_6" = AIM 6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"BittorrentBar_ES Toolbar" = BittorrentBar_ES Toolbar
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"conduitEngine" = Conduit Engine
"Counter-Strike 1.6" = Counter-Strike 1.6
"DirectVobSub" = DirectVobSub (remove only)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"Fish Tycoon_is1" = Fish Tycoon
"FrostWire" = FrostWire 4.21.1
"Globe Broadband" = Globe Broadband
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"hon" = Heroes of Newerth
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"Patch SiteCS_is1" = Patch SiteCS
"PCDJ VJ" = PCDJ VJ
"PowerISO" = PowerISO
"Sun Broadband Wireless" = Sun Broadband Wireless
"sXe Injected" = sXe Injected
"TVWiz" = Intel® TV Wizard
"Veetle TV" = Veetle TV 0.9.17
"ViewpointMediaPlayer" = Viewpoint Media Player
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.2
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"b4257044c8ece2a5" = PLDT-WatchPad
"e9558ccd6b9790b9" = PLDT WatchPad
"Google Chrome" = Google Chrome
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 09/01/2011 19:37:26 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 19:46:23 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 19:46:23 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 19:46:30 | Computer Name = Richard-PC | Source = WinMgmt | ID = 10
Description =

Error - 09/01/2011 20:23:00 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 20:23:00 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 20:23:05 | Computer Name = Richard-PC | Source = WinMgmt | ID = 10
Description =

Error - 09/01/2011 20:56:17 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 20:56:17 | Computer Name = Richard-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 09/01/2011 20:56:25 | Computer Name = Richard-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 02/04/2010 00:35:43 | Computer Name = Richard-PC | Source = HTTP | ID = 15016
Description =

Error - 05/04/2010 09:35:59 | Computer Name = Richard-PC | Source = HTTP | ID = 15016
Description =

Error - 06/04/2010 19:51:53 | Computer Name = Richard-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.180 for the Network Card with network
address 001FE142CEC3 has been denied by the DHCP server 192.168.179.1 (The DHCP
Server sent a DHCPNACK message).

Error - 06/04/2010 19:54:40 | Computer Name = Richard-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.179.26 for the Network Card with network
address 001FE142CEC3 has been denied by the DHCP server 192.168.0.50 (The DHCP
Server sent a DHCPNACK message).

Error - 06/04/2010 19:56:10 | Computer Name = Richard-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001FE142CEC3. The following
error occurred: %%121. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.

Error - 08/04/2010 07:01:00 | Computer Name = Richard-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 11/04/2010 01:41:38 | Computer Name = Richard-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:13:09 PM on 4/10/2010 was unexpected.

Error - 11/04/2010 01:41:40 | Computer Name = Richard-PC | Source = HTTP | ID = 15016
Description =

Error - 12/04/2010 20:05:31 | Computer Name = Richard-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 10.5.52.104 for the Network Card with network
address 001FE142CEC3 has been denied by the DHCP server 192.168.179.1 (The DHCP
Server sent a DHCPNACK message).

Error - 12/04/2010 20:30:07 | Computer Name = Richard-PC | Source = Dhcp | ID = 1001
Description = Your computer was not assigned an address from the network (by the
DHCP Server) for the Network Card with network address 001FE142CEC3. The following
error occurred: %%1223. Your computer will continue to try and obtain an address
on its own from the network address (DHCP) server.


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP