Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

gHidPnp.Sys caused BSOD - possible malware


  • Please log in to reply

#1
pisa

pisa

    New Member

  • Member
  • Pip
  • 4 posts
I first posted about this in the Windows Vista and Windows7 forum and was redirected here.

Following is a copy of my original post
http://www.geekstogo..._gopid__2040144

I had the BSOD twice today on my laptop. I'm using Windows Vista 32-bit, SP2.

Here is the BSOD.txt file (created with Bluescreenview):

Dump File : Mini072211-02.dmp
Crash Time : 22/07/2011 12:35:19
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 0x90595fd8
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x9184b5b0
Caused By Driver : gHidPnp.Sys
Caused By Address : gHidPnp.Sys+25b0
File Description : Extended function Driver
Product Name : Upper Filter Driver
Company :
File Version : 1.2.0.0
Processor : 32-bit
Crash Address : ntkrnlpa.exe+4dfd9
Stack Address 1 : gHidPnp.Sys+25b0
Stack Address 2 : ntkrnlpa.exe+a721b
Stack Address 3 : USBPORT.SYS+8e0a
Computer Name :
Full Path : C:\Windows\Minidump\Mini072211-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 182,048
==================================================

==================================================
Dump File : Mini072211-01.dmp
Crash Time : 22/07/2011 06:42:10
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : 0xc7bc3250
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0x90ca15b0
Caused By Driver : gHidPnp.Sys
Caused By Address : gHidPnp.Sys+25b0
File Description : Extended function Driver
Product Name : Upper Filter Driver
Company :
File Version : 1.2.0.0
Processor : 32-bit
Crash Address : ntkrnlpa.exe+4dfd9
Stack Address 1 : gHidPnp.Sys+25b0
Stack Address 2 : ntkrnlpa.exe+a721b
Stack Address 3 : USBPORT.SYS+8e0a
Computer Name :
Full Path : C:\Windows\Minidump\Mini072211-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 6002
Dump File Size : 183,288
==================================================

Minidump.zip attached.

Also, each time I tried to use the search function today (from the Start Menu) Windows Explorer stopped working and restarted. I'm not sure if this problem is connected to the BSOD or not (I have Malwarebytes and DriverMax agent running).

Please advise.

Attached File(s)
Minidump.zip (56.41K)
Number of downloads: 2

End of original post.

I've been told that gHidPnp.Sys is probably malware. Malwarebytes couldn't detect it (I'm running the latest updated version). I have AVG but rarely run it, I don't trust it as it gives a lot of false positives.

OTL logs - there's only one user account on this computer:

OTL.txt
OTL logfile created on: 24/07/2011 09:19:59 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\VASY\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 23.38% Memory free
4.23 Gb Paging File | 2.33 Gb Available in Paging File | 55.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.62 Gb Total Space | 100.18 Gb Free Space | 44.60% Space Free | Partition Type: NTFS
Drive D: | 8.27 Gb Total Space | 1.57 Gb Free Space | 18.96% Space Free | Partition Type: NTFS

Computer Name: VASY-PC | User Name: VASY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\VASY\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\System32\Macromed\Flash\FlashUtil10t_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\DAP\DAP.exe (SpeedBit Ltd.)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\SMINST\BLService.exe ()
PRC - C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Genius\ioCentre\gKbdTask.exe ()
PRC - C:\Genius\ioCentre\gMouseTask.exe ()
PRC - C:\Genius\ioCentre\gDeskMgm.exe ()
PRC - C:\Genius\ioCentre\gTaskBar.exe ()
PRC - C:\Genius\ioCentre\gTaskSwitch.exe ()
PRC - C:\Genius\ioCentre\gZoom.exe ()
PRC - C:\Genius\ioCentre\gAutoPan.exe ()
PRC - C:\Genius\ioCentre\gMGlass.exe ()
PRC - C:\Genius\ioCentre\gIMMgm.exe ()
PRC - C:\Genius\ioCentre\gAutoScroll.exe ()


========== Modules (SafeList) ==========

MOD - C:\Users\VASY\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Boonty Games) -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe (BOONTY)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (Recovery Service for Windows) -- C:\Program Files\SMINST\BLService.exe ()
SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (johci) -- C:\Windows\System32\drivers\johci.sys (JMicron Technology Corp.)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (NETwNv32) ___ Intel® -- C:\Windows\System32\drivers\NETwNv32.sys (Intel Corporation)
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.)
DRV - (NETw5v32) Intel® -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (NETw3v32) Intel® -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (gHidPnp) -- C:\Windows\System32\drivers\gHidPnp.sys ()
DRV - (gMouUsb) -- C:\Windows\System32\drivers\gMouUsb.sys ()
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.linkup.co.il/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.linkup.co.il/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.linkup.co.il/"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.5.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: c:\program files\real\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: c:\program files\real\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: c:\program files\real\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/06 06:00:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/07 21:42:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/01/01 19:44:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/07/12 09:08:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/14 19:42:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/17 13:00:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/01/01 19:44:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2010/11/23 15:42:46 | 000,000,000 | ---D | M]

[2010/09/11 10:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASY\AppData\Roaming\Mozilla\Extensions
[2010/09/11 10:54:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASY\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/06/08 22:40:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\VASY\AppData\Roaming\Mozilla\Firefox\Profiles\c5eymxp7.default\extensions
[2010/09/11 14:10:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\VASY\AppData\Roaming\Mozilla\Firefox\Profiles\c5eymxp7.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/13 22:31:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/14 19:42:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/10/14 00:05:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/14 00:03:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/14 00:06:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/13 22:31:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/07/12 09:08:29 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2010/11/23 15:42:46 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- C:\PROGRAM FILES\DAP\DAPFIREFOX
[2011/01/01 19:44:41 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010/07/07 21:42:22 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/12/14 19:42:28 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2010/12/14 19:42:28 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/12/14 19:42:32 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2011/06/07 12:35:34 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2010/12/13 12:27:22 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2010/12/13 12:27:22 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2010/12/13 12:27:22 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2010/12/13 12:27:23 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2010/12/13 12:27:23 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2010/12/13 12:27:23 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2010/12/13 12:27:23 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2010/08/25 02:19:19 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2010/08/25 02:19:19 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2010/08/25 02:19:19 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2010/08/25 02:19:19 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2010/08/25 02:19:19 | 000,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/08/25 02:19:19 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2010/08/25 02:19:19 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2006/09/19 00:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Download Accelerator Plus Integration) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\DAP\dapieloader.dll (SpeedBit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DVDAgent] C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKCU..\Run: [DriverMax] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\devices.exe (Innovative Solutions)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/4%20Elements/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/4%20Elements/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\VASY\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\VASY\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 00:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a22d58cb-07e2-11df-b318-00247e57529d}\Shell - "" = AutoRun
O33 - MountPoints2\{a22d58cb-07e2-11df-b318-00247e57529d}\Shell\AutoRun\command - "" = F:\PopCDRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/23 20:04:35 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Jetdogs Studios
[2011/07/22 14:18:14 | 000,000,000 | ---D | C] -- C:\Program Files\bluescreenview
[2011/07/22 12:32:37 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\GameInvest
[2011/07/22 06:32:29 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Alawar Entertainment
[2011/07/20 14:18:59 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Freeze Tag
[2011/07/17 21:09:10 | 000,000,000 | ---D | C] -- C:\Users\VASY\Documents\Egypt The Profecy Part 1
[2011/07/16 15:51:04 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Boolat Games
[2011/07/16 14:31:03 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Vogat Interactive
[2011/07/14 22:43:48 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\VampireSagaHL
[2011/07/13 09:58:27 | 002,043,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/07/13 09:58:21 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011/07/13 09:58:21 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/07/11 09:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/07/10 21:31:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ricochet Infinity
[2011/07/10 18:27:50 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\SulusGames
[2011/07/10 18:17:20 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Local\fd
[2011/07/09 09:47:18 | 000,000,000 | ---D | C] -- C:\Users\VASY\{25ddccd3-4cce-49b4-b576-4620276c6e84}
[2011/07/08 14:08:38 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\LestaStudio
[2011/07/08 13:36:35 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Magic Match
[2011/07/08 13:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2011/07/07 20:18:39 | 000,000,000 | ---D | C] -- C:\Users\VASY\Documents\Lesta Studio
[2011/07/06 21:56:23 | 006,923,264 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\NETwNv32.sys
[2011/07/06 21:56:22 | 002,760,704 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETwNr32.dll
[2011/07/06 21:56:21 | 000,684,032 | ---- | C] (Intel Corporation) -- C:\Windows\System32\NETwNc32.dll
[2011/07/05 20:28:46 | 000,203,352 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\System32\jmcricon.dll
[2011/07/05 20:28:46 | 000,144,472 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\System32\drivers\jmcr.sys
[2011/07/04 19:23:50 | 000,023,640 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\System32\drivers\johci.sys
[2011/07/03 19:18:06 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Difxapi.dll
[2011/07/03 19:18:06 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2011/07/03 19:18:06 | 000,052,736 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2011/07/03 19:18:06 | 000,031,232 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2011/07/03 19:18:04 | 001,912,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdmv.dll
[2011/07/03 19:18:03 | 000,029,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2011/07/03 19:18:00 | 017,469,952 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2011/07/03 19:17:57 | 000,294,912 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODE.exe
[2011/07/03 19:17:57 | 000,242,176 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2011/07/03 19:17:57 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2011/07/03 19:17:57 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2011/07/03 19:17:57 | 000,045,056 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIODCLI.exe
[2011/07/03 19:17:57 | 000,015,872 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2011/07/03 19:17:56 | 007,774,208 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2011/07/03 19:17:55 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2011/07/03 19:17:55 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2011/07/03 19:17:54 | 004,307,968 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2011/07/03 19:17:54 | 000,393,216 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2011/07/03 19:17:54 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2011/07/03 19:17:53 | 000,671,744 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2011/07/03 19:17:53 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2011/07/03 19:17:52 | 006,098,432 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2011/07/03 19:17:51 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atibtmon.exe
[2011/07/03 19:17:51 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2011/07/03 19:17:50 | 000,147,456 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2011/07/03 19:17:49 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2011/07/03 18:42:36 | 000,000,000 | ---D | C] -- C:\Users\VASY\Documents\My Drivers
[2011/07/03 18:42:36 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Local\Innovative Solutions
[2011/07/03 18:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions
[2011/07/03 18:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2011/07/03 18:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2011/07/02 21:46:45 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Local\{7991C76A-5164-4867-B425-618DB5656495}
[2011/07/02 20:20:38 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\ERS Game Studios
[2011/07/02 11:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/02 11:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies(0)
[2011/07/02 11:25:49 | 000,000,000 | ---D | C] -- C:\Users\VASY\{1cd8e6ff-b33a-48f5-b808-5f5f12c2bef8}
[2011/07/02 11:23:48 | 000,000,000 | ---D | C] -- C:\ATI
[2011/07/02 11:17:49 | 000,000,000 | ---D | C] -- C:\AMD
[2011/07/02 09:51:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ioCentre
[2011/07/02 09:49:05 | 000,000,000 | ---D | C] -- C:\Genius
[2011/07/02 09:48:29 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\InstallShield
[2011/07/01 20:17:30 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Skunk Studios
[2011/06/30 19:04:47 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\GameMill Entertainment
[2011/06/28 15:07:51 | 000,000,000 | ---D | C] -- C:\Users\VASY\Documents\Green Gamer
[2011/06/28 15:05:19 | 000,000,000 | ---D | C] -- C:\Users\VASY\Documents\Chronicles of Mystery - Secret of the Lost Kingdom
[2011/06/27 14:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Cateia Games
[2011/06/26 19:30:37 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\GarageGames
[2011/06/26 19:22:35 | 000,000,000 | ---D | C] -- C:\Users\VASY\AppData\Roaming\Monkey Barrel Games
[2009/08/28 19:52:36 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\VASY\AppData\Roaming\pcouffin.sys
[2006/06/26 08:33:46 | 000,163,840 | ---- | C] (アリスソフト) -- C:\Users\VASY\AppData\Local\Tempals_inst.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/07/24 09:09:05 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/24 09:09:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/24 09:01:38 | 000,001,202 | ---- | M] () -- C:\Users\VASY\Desktop\My DAP Downloads.lnk
[2011/07/24 08:50:52 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job
[2011/07/24 08:47:44 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2011/07/24 08:47:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/24 08:47:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/24 08:47:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/24 08:46:55 | 2144,542,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/23 23:38:39 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/07/23 18:44:50 | 125,125,551 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/07/23 12:57:13 | 000,000,082 | ---- | M] () -- C:\Users\VASY\Documents\cc_20110723_125710.reg
[2011/07/23 12:55:53 | 000,000,863 | ---- | M] () -- C:\Users\VASY\Desktop\Glary Utilities.lnk
[2011/07/22 14:18:34 | 000,000,876 | ---- | M] () -- C:\Users\VASY\Desktop\BlueScreenView.exe - Shortcut.lnk
[2011/07/22 12:46:32 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/22 12:35:01 | 282,670,991 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/14 10:45:56 | 003,659,768 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/07/12 09:08:29 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/07/07 15:23:19 | 000,002,551 | ---- | M] () -- C:\Users\VASY\Application Data\Microsoft\Internet Explorer\Quick Launch\HP MediaSmart.lnk
[2011/07/06 22:04:22 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/07/06 22:04:22 | 000,365,800 | ---- | M] () -- C:\Windows\System32\perfh00D.dat
[2011/07/06 22:04:22 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/07/06 22:04:22 | 000,074,804 | ---- | M] () -- C:\Windows\System32\perfc00D.dat
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/07/03 18:42:31 | 000,000,919 | ---- | M] () -- C:\Users\VASY\Desktop\DriverMax.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/07/23 12:57:13 | 000,000,082 | ---- | C] () -- C:\Users\VASY\Documents\cc_20110723_125710.reg
[2011/07/22 14:18:34 | 000,000,876 | ---- | C] () -- C:\Users\VASY\Desktop\BlueScreenView.exe - Shortcut.lnk
[2011/07/22 06:41:48 | 282,670,991 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/07/03 19:18:05 | 000,916,704 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2011/07/03 19:18:03 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011/07/03 19:18:02 | 000,003,949 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/07/03 19:17:57 | 000,031,249 | ---- | C] () -- C:\Windows\atiogl.xml
[2011/07/03 19:17:55 | 000,233,012 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/07/03 19:17:50 | 000,156,408 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2011/07/03 18:42:31 | 000,000,919 | ---- | C] () -- C:\Users\VASY\Desktop\DriverMax.lnk
[2011/07/02 21:27:23 | 2144,542,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/07/02 09:51:46 | 000,009,856 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[2011/07/02 09:51:44 | 000,016,384 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2011/05/29 20:01:31 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/05/25 20:59:33 | 000,000,552 | ---- | C] () -- C:\Users\VASY\AppData\Local\d3d8caps.dat
[2011/05/22 11:32:23 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011/05/22 11:32:21 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011/05/17 21:47:54 | 000,495,616 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011/04/16 08:57:33 | 000,000,680 | ---- | C] () -- C:\Users\VASY\AppData\Local\d3d9caps.dat
[2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/03/23 19:58:12 | 000,000,000 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/01/22 00:22:25 | 000,403,240 | ---- | C] () -- C:\Users\VASY\AppData\Local\tmpBS_MANUAL_PAGE1.0
[2011/01/22 00:22:25 | 000,209,311 | ---- | C] () -- C:\Users\VASY\AppData\Local\tmpBS_MANUAL_PAGE1.JPG
[2010/12/01 11:41:49 | 000,000,000 | ---- | C] () -- C:\Windows\ACTIVEJP.INI
[2010/11/27 17:33:03 | 000,149,504 | ---- | C] () -- C:\Windows\System32\CETNUASM.DLL
[2010/08/25 22:48:44 | 000,000,092 | ---- | C] () -- C:\Windows\BITMPC.INI
[2010/08/24 16:22:53 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/08/16 17:21:47 | 000,000,004 | ---- | C] () -- C:\Users\VASY\AppData\Roaming\8ifbr6i06d2uk5cpaelanhxloqn
[2010/08/06 23:04:02 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/05/21 20:32:52 | 000,001,189 | ---- | C] () -- C:\Users\VASY\AppData\Roaming\vso_ts_preview.xml
[2010/04/09 20:15:37 | 000,024,227 | ---- | C] () -- C:\Users\VASY\AppData\Roaming\UserTile.png
[2010/04/04 23:26:28 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010/04/04 23:26:28 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/03/10 07:21:07 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/12/05 13:42:28 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/10/14 23:30:21 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009/09/24 15:32:31 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 15:32:31 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/14 20:32:58 | 000,000,168 | ---- | C] () -- C:\Windows\usdthank.ini
[2009/09/14 20:32:58 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini
[2009/09/05 14:06:39 | 000,000,038 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/08/28 19:52:37 | 000,087,608 | ---- | C] () -- C:\Users\VASY\AppData\Roaming\inst.exe
[2009/08/28 19:52:36 | 000,007,887 | ---- | C] () -- C:\Users\VASY\AppData\Roaming\pcouffin.cat
[2009/08/28 19:52:36 | 000,001,144 | ---- | C] () -- C:\Users\VASY\AppData\Roaming\pcouffin.inf
[2009/08/06 11:47:55 | 000,134,144 | ---- | C] () -- C:\Users\VASY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/17 07:12:24 | 000,188,416 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/06/17 05:30:14 | 000,647,168 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/04/17 03:58:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/04/17 03:21:04 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2009/04/15 08:26:04 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/03/02 13:43:47 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009/03/02 13:41:07 | 000,365,800 | ---- | C] () -- C:\Windows\System32\perfh00D.dat
[2009/03/02 13:41:07 | 000,225,844 | ---- | C] () -- C:\Windows\System32\perfi00D.dat
[2009/03/02 13:41:07 | 000,074,804 | ---- | C] () -- C:\Windows\System32\perfc00D.dat
[2009/03/02 13:41:07 | 000,031,198 | ---- | C] () -- C:\Windows\System32\perfd00D.dat
[2009/03/02 05:47:41 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat
[2008/12/31 14:55:34 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2006/11/02 15:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 15:47:37 | 003,659,768 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 15:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 13:33:01 | 000,604,322 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 13:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 13:33:01 | 000,107,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 13:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 13:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 11:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 11:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 10:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 10:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2002/07/01 17:13:30 | 000,000,229 | -HS- | C] () -- C:\Users\VASY\AppData\Roaming\matrox_drv16.dat
[2002/07/01 17:13:30 | 000,000,224 | -HS- | C] () -- C:\Users\VASY\AppData\Roaming\bun_beta.dat
[2002/07/01 17:13:30 | 000,000,224 | -HS- | C] () -- C:\Users\VASY\AppData\Roaming\brun_nbeta12.dat
[2001/11/14 13:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll

========== LOP Check ==========

[2011/07/22 06:32:29 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Alawar Entertainment
[2010/07/03 19:40:12 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\AnvSoft
[2010/07/03 19:38:47 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Any Video Converter
[2009/11/15 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Ashampoo
[2010/07/04 19:18:36 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Audacity
[2010/10/02 19:11:08 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\AVG10
[2011/05/19 17:56:37 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Big Finish
[2011/04/10 06:53:11 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Big Fish Games
[2011/04/10 06:53:25 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Blue Tea Games
[2011/07/16 15:51:04 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Boolat Games
[2011/05/04 22:34:33 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Camel101
[2010/04/18 23:39:12 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\CrystalSpace
[2009/09/19 18:27:18 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\DAEMON Tools Lite
[2011/05/19 17:41:05 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\DailyMagic
[2010/03/28 23:11:50 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\DMCache
[2011/07/02 20:20:38 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\ERS Game Studios
[2011/04/13 15:12:34 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\FairyTale
[2010/05/11 22:20:36 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\FALCOM
[2011/05/17 21:24:49 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Free MP3 WMA OGG Converter
[2011/05/17 21:39:41 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\FreeAudioPack
[2011/07/10 15:31:26 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\FreeFileViewer
[2011/07/20 14:18:59 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Freeze Tag
[2011/07/22 12:32:37 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\GameInvest
[2011/06/30 19:04:47 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\GameMill Entertainment
[2011/06/26 19:30:37 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\GarageGames
[2011/02/26 13:35:36 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\GlarySoft
[2011/05/19 18:09:24 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Gogii
[2010/08/10 22:51:36 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Goodsol
[2009/11/27 22:51:01 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\GrabPro
[2009/08/29 12:43:51 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\ImgBurn
[2011/07/23 20:04:35 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Jetdogs Studios
[2011/06/23 20:20:44 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Lazy Turtle Games
[2011/05/29 20:02:52 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Leawo
[2011/05/29 20:02:54 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Leawo Video2MP4 v2
[2011/07/08 14:08:38 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\LestaStudio
[2011/07/08 13:36:47 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Magic Match
[2011/06/17 22:26:05 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\MoMB_Full_Eng
[2011/06/26 19:22:35 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Monkey Barrel Games
[2011/05/29 20:02:54 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Moyea
[2011/04/16 16:14:30 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\My Games
[2011/06/04 01:28:05 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Nitroplus
[2011/01/01 20:00:27 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Nokia
[2009/10/01 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Notepad++
[2011/06/20 09:45:59 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Orneon
[2011/01/01 19:47:42 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\PC Suite
[2010/08/25 20:42:35 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Ponscripter
[2010/01/30 09:42:47 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\PopCapv1005
[2010/11/22 00:13:20 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\ProtectDisc
[2011/03/03 00:03:29 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\savedata
[2011/04/01 23:44:45 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Silverback Productions
[2011/07/01 20:17:30 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Skunk Studios
[2011/07/10 18:27:50 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\SulusGames
[2010/11/07 22:11:13 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Thinstall
[2011/06/17 14:02:36 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\TrickySoftware
[2011/07/14 22:43:48 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\VampireSagaHL
[2011/07/16 14:31:03 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Vogat Interactive
[2011/02/26 11:01:45 | 000,000,000 | ---D | M] -- C:\Users\VASY\AppData\Roaming\Vso
[2011/07/24 08:50:52 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job
[2011/07/24 08:47:44 | 000,000,310 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job
[2011/07/23 23:38:41 | 000,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/08/02 13:40:53 | 000,000,000 | -HSD | M](C:\ProgramData\????? ??????) -- C:\ProgramData\שולחן העבודה
[2009/08/02 13:40:53 | 000,000,000 | -HSD | M](C:\ProgramData\????? ?????) -- C:\ProgramData\תפריט התחלה
[2009/08/02 13:40:53 | 000,000,000 | -HSD | M](C:\ProgramData\????? ??????) -- C:\ProgramData\שולחן העבודה
[2009/08/02 13:40:53 | 000,000,000 | -HSD | M](C:\ProgramData\????? ?????) -- C:\ProgramData\תפריט התחלה
[2009/03/02 05:08:22 | 000,001,965 | ---- | M] ()(C:\Users\Public\Desktop\HP ???? ??????.lnk) -- C:\Users\Public\Desktop\HP עזרה ותמיכה.lnk
[2009/03/02 05:08:22 | 000,001,965 | ---- | C] ()(C:\Users\Public\Desktop\HP ???? ??????.lnk) -- C:\Users\Public\Desktop\HP עזרה ותמיכה.lnk
(C:\ProgramData\????? ??????) -- C:\ProgramData\שולחן העבודה
(C:\ProgramData\????? ?????) -- C:\ProgramData\תפריט התחלה

========== Alternate Data Streams ==========

@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:7B125E06
@Alternate Data Stream - 24 bytes -> C:\Windows:47F96AB568CBA15F
@Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:378824DE
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:E2CFA9CD
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:19474103
@Alternate Data Stream - 206 bytes -> C:\ProgramData\Temp:697DDE2B
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:397D67BA
@Alternate Data Stream - 196 bytes -> C:\ProgramData\Temp:943971F5
@Alternate Data Stream - 190 bytes -> C:\ProgramData\Temp:8E5EA40F
@Alternate Data Stream - 189 bytes -> C:\ProgramData\Temp:EE198B1F
@Alternate Data Stream - 185 bytes -> C:\ProgramData\Temp:A4E7D25F
@Alternate Data Stream - 178 bytes -> C:\ProgramData\Temp:18DEBC51
@Alternate Data Stream - 174 bytes -> C:\ProgramData\Temp:ECF3C50F
@Alternate Data Stream - 174 bytes -> C:\ProgramData\Temp:71612023
@Alternate Data Stream - 170 bytes -> C:\ProgramData\Temp:FB1B13D8
@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:587F3582
@Alternate Data Stream - 166 bytes -> C:\ProgramData\Temp:DA5888A7
@Alternate Data Stream - 157 bytes -> C:\ProgramData\Temp:98DFF516
@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:0AC32449
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:97C4F81F
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:561B1D2B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C49A5AD1
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C2F24DB5
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:65B8AF94
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:0D864221
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:BD34FFC5
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:AA0017FD
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:700B9342
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:CFA9536D
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:FB65A4AA
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:5520ED93
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:8855A119
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:6D816C77
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:A752D3DB
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:4DDE401B
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E894A3ED
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:CF61CE5A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:689AB7E9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:EEB25EAE
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:ED2D63E4
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:2AF322BF
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:DB2748F7
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:23834E1E
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:C62640AC
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:C30487EE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:F64FC07C
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E11EAB84
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D4558A0B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:BEACE4C8
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:B0456F0C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:4EC7F009
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:E7DFCE48
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:E5B07840
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:9C3AAD57
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:6E2D80C8
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:6A0A47E7
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:2D2461E7
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:FD000392
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:57B2B96C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:33B04540
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:0785072C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:BD8C785E
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:A866F8A3
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:2B9555D8
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:B30D9A49
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:40D8F125
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A9819473
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:F3D65F99
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E8C44CB4
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:9F139265
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:7424F794
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:E6BEADB7
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:6C99C213
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2B11E0DF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:2652902F
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:F663BB74
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:34EFF1F2
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:BE340C9B
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:870649A4
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:1CB4A530
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:1B7E2022
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:1B389835
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:774A0E14
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:75798D9A
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:4FE42FFC
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:E690114B
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D48500F8
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:51E02732
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:ADF211B1

< End of report >

Extras.txt
OTL Extras logfile created on: 24/07/2011 09:19:59 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\VASY\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000040D | Country: ישראל | Language: HEB | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.47 Gb Available Physical Memory | 23.38% Memory free
4.23 Gb Paging File | 2.33 Gb Available in Paging File | 55.21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.62 Gb Total Space | 100.18 Gb Free Space | 44.60% Space Free | Partition Type: NTFS
Drive D: | 8.27 Gb Total Space | 1.57 Gb Free Space | 18.96% Space Free | Partition Type: NTFS

Computer Name: VASY-PC | User Name: VASY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1116E52B-28E7-4E97-BF7C-12585FAB430F}" = lport=4662 | protocol=6 | dir=in | name=e-mule |
"{1CC4A094-16F0-40EA-BC5A-0355A3BC814B}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{3656EE80-B900-4F7B-9372-6B7B0EA05350}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{5D442A29-E2DD-45B9-9CEE-E7902F0AB5AF}" = lport=4672 | protocol=17 | dir=in | name=e-mule |
"{76E20FE4-7210-41C2-B51F-5141B40181C3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8C4C879D-FDB3-48E1-B32D-3415BB725711}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D39E6D8E-BC81-479C-B120-6331F350C593}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D989AC74-E3C7-4EF9-8F40-FCCCF983DAAB}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{DA0FCD7D-71EA-4155-96CD-D1B42E84CF94}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0099BF74-5133-429B-889B-0B015CAB5D16}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{0368AE05-9AF1-4F8C-A201-AB30182F9D3F}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{12FAEE76-BA8C-44F7-B808-017DA92B708C}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{1810D074-0ECB-4F99-ADC5-A344CC7AE834}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{24C60E67-4FC5-4957-9F47-3BE947FFCCA9}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{2C0E3785-B5B7-44E0-BEB5-E7AD30F253A1}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{3B900192-F4E5-45C0-B0DF-FB11EBBA0AB6}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{3D4444F7-4C0A-4D1E-9055-C5522FE469EC}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{480D4E9E-D7E8-41B7-8C0B-DCE92882C12C}" = dir=in | app=c:\program files\hewlett-packard\media\live tv\qp.exe |
"{48CFF4C6-CADD-4097-9D6B-075DBB3310EB}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{4A417228-282D-42E6-9209-F8EC6C112486}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe |
"{4CC64285-9449-4F32-9138-8D16ECF8089E}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{53B7D6C7-323A-41C0-A14D-9A1D285E2723}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe |
"{5C533DCB-D709-4386-853A-41AFA24D0CD3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{5EB7D237-A6FC-4BCB-B748-FF2241BC6884}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe |
"{7067319D-101C-4E9C-9BF0-655911155098}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{71F9CB24-B698-4442-BB0E-B485C9C81F3C}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{84463D86-2EE1-43FA-BA69-B522E807A48F}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe |
"{870F51D2-57DD-4A3E-8B12-B90C150D039E}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{8784E146-ABAA-445A-83EF-FFED70156193}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{9960AADE-75DC-4BC8-BE88-113D1E713D2D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{B300103F-C913-4E92-9B21-757AE671EFB3}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{B3699086-86A5-4034-8BFE-2EBF97B4E034}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E3FFDEEB-D433-45F0-89C3-5BBC1EDC46D4}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{EDFAA0AE-E201-4C86-B75F-3D377B246D99}" = dir=in | app=c:\program files\freefileviewer\ffvcheckforupdates.exe |
"{F20C6FA9-CE60-4534-BDA7-A417EA4823B0}" = dir=in | app=c:\program files\hewlett-packard\media\live tv\qpservice.exe |
"{F29C1233-2C99-497F-A451-06A3CEAABC70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3552BAD-8E19-4409-BDAC-7788303CAE40}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{F51ADC01-410A-49B1-ADEC-3B699C7D57CE}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{F80D4DBA-2A1A-49A0-8325-65902EE7D04F}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{FB3C755F-63F6-44EE-810C-E385A2CC8746}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"TCP Query User{19746D0E-6A85-46E5-9F3E-28F76333D13B}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{2144E1BA-2DC2-4EC6-A6A7-0AC80B400D4E}C:\users\vasy\appdata\roaming\thinstall\{e9f81423-211e-46b6-9ae0-38568bc5cf6f}\skel\27b3fd671cb277ea9c2f48308c7d4839f58bcc5b.console.exe" = protocol=6 | dir=in | app=c:\users\vasy\appdata\roaming\thinstall\{e9f81423-211e-46b6-9ae0-38568bc5cf6f}\skel\27b3fd671cb277ea9c2f48308c7d4839f58bcc5b.console.exe |
"TCP Query User{5DC58B33-4FA5-4ACC-A854-6EB35C8550F1}C:\program files\super internet tv\super internet tv.exe" = protocol=6 | dir=in | app=c:\program files\super internet tv\super internet tv.exe |
"TCP Query User{6A1B542F-DE33-48DF-BBC5-5FB009F6F8C4}C:\games\downfall\data\nfsw.exe" = protocol=6 | dir=in | app=c:\games\downfall\data\nfsw.exe |
"TCP Query User{80E95E73-E01B-4B46-ACBE-090ACB224C4E}C:\program files\tvpc\tvplayerclassic.exe" = protocol=6 | dir=in | app=c:\program files\tvpc\tvplayerclassic.exe |
"TCP Query User{934F1121-796A-46B1-BFC5-F52D5A8F7BA9}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{A18B0D70-A167-4B16-9479-C5B73EECE9BD}C:\program files\real\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplay.exe |
"TCP Query User{ADC074E7-E622-42BA-A223-990756D3B830}C:\program files\worldweaver\dx studio player\v3.2.68\dxstudioserver.exe" = protocol=6 | dir=in | app=c:\program files\worldweaver\dx studio player\v3.2.68\dxstudioserver.exe |
"TCP Query User{BC88FD47-6DE9-4FB9-8C59-B1D15E026257}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{BDE6BEBF-C0DF-4F16-8EF4-783B796C0C15}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{C316B3B6-4873-49EF-9372-30874594CA04}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{CE1C471E-9AD5-42F2-90AC-C5843A9A5665}C:\users\vasy\appdata\local\temp\lmi28b.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\vasy\appdata\local\temp\lmi28b.tmp\lmi_rescue.exe |
"TCP Query User{D0C39E8D-5B23-4DD2-9909-636447F1B92D}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{E267684C-96F0-4506-831B-75F647871C33}C:\program files\steam\steamapps\common\lost planet extreme condition\lostplanetdx9.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\lost planet extreme condition\lostplanetdx9.exe |
"UDP Query User{06B0AB2D-091D-4972-B85C-8F7FA2BCBC1F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0785B67A-1C30-46F2-A5B3-15BD9089510B}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{1D11FDF6-182F-40D5-A86B-5BB43E255B72}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{27C6CC7F-E72C-4BD6-9BAB-ACD785EBF69B}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{396A51E3-BA8C-42B0-8E6E-1AEFBCC4E349}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{51232FF3-0541-49A1-94E5-497001FE36CD}C:\program files\steam\steamapps\common\lost planet extreme condition\lostplanetdx9.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\lost planet extreme condition\lostplanetdx9.exe |
"UDP Query User{58BE695D-D958-4848-8F7E-1C36FA0591EE}C:\users\vasy\appdata\roaming\thinstall\{e9f81423-211e-46b6-9ae0-38568bc5cf6f}\skel\27b3fd671cb277ea9c2f48308c7d4839f58bcc5b.console.exe" = protocol=17 | dir=in | app=c:\users\vasy\appdata\roaming\thinstall\{e9f81423-211e-46b6-9ae0-38568bc5cf6f}\skel\27b3fd671cb277ea9c2f48308c7d4839f58bcc5b.console.exe |
"UDP Query User{5E20DD5A-1D2B-4519-8F32-7F54BD43E3E2}C:\users\vasy\appdata\local\temp\lmi28b.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\vasy\appdata\local\temp\lmi28b.tmp\lmi_rescue.exe |
"UDP Query User{A333696A-51B8-4405-AC25-78CCAEE1157F}C:\program files\worldweaver\dx studio player\v3.2.68\dxstudioserver.exe" = protocol=17 | dir=in | app=c:\program files\worldweaver\dx studio player\v3.2.68\dxstudioserver.exe |
"UDP Query User{BC4FD2F3-FA45-45F5-9901-E515888C8309}C:\program files\real\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplay.exe |
"UDP Query User{C39D7975-B9AB-475C-A795-EC7ABC4FCC52}C:\games\downfall\data\nfsw.exe" = protocol=17 | dir=in | app=c:\games\downfall\data\nfsw.exe |
"UDP Query User{C9259F18-914F-4387-BEC2-75BDDF7AB1C2}C:\program files\tvpc\tvplayerclassic.exe" = protocol=17 | dir=in | app=c:\program files\tvpc\tvplayerclassic.exe |
"UDP Query User{DC47291D-A14A-4D5A-80DA-1C60F64E238F}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{F50B03B3-CCAF-42DB-A6C8-096128A583C4}C:\program files\super internet tv\super internet tv.exe" = protocol=17 | dir=in | app=c:\program files\super internet tv\super internet tv.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{08600005-5228-4BF6-845E-E9A957AFDCB4}" = OviMPlatform
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C7F8FBE-435C-34D2-6813-2A632AAC0C92}" = Catalyst Control Center Localization Greek
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E1F58B6-39BF-23FC-B4E5-3A2B4A0FADEB}" = CCC Help Turkish
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0EEF3E07-3971-5080-2A3F-910691DA1135}" = Catalyst Control Center Graphics Previews Vista
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{114C14EE-652A-5EF6-59B8-3E5B33D6A4DF}" = Catalyst Control Center Graphics Full New
"{116C3B09-ADE0-1B8B-2F9F-C8B09A89F9AA}" = CCC Help Thai
"{12C11B2C-00F3-AF06-94D4-1AAF70616507}" = Catalyst Control Center Graphics Light
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E1300BC-6DBA-476B-8CCF-4AA81ED4DF6A}" = AVG 2011
"{1EC09CDB-0674-B3D6-FCB1-7B3CE2BFF3E8}" = Catalyst Control Center Localization Danish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{255C206B-4776-1D14-9EDD-2F9458847739}" = ccc-core-static
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 26
"{278ABC06-C7AF-F987-FC4A-789582993D2D}" = ATI Catalyst Install Manager
"{2D406FFD-7603-49C1-A16C-D3296E8E20F7}" = Zumas Revenge
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34CFF761-7AD1-7C1A-4513-79B3E2F54290}" = CCC Help Greek
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3553E875-F00E-4031-BDEC-75FB1DFEB093}" = Nokia Ovi Suite Software Updater
"{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}" = Nokia Ovi Suite
"{36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}" = HP User Guides 0126
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3A6F3C3C-A83C-34D5-F80A-4FDA2FBBFE2F}" = Catalyst Control Center Localization Chinese Standard
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3DFA31F1-4747-60E4-6CA9-0060CFB99E30}" = CCC Help Spanish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4198AAE5-A938-B0A0-9AD2-95C2F23ED677}" = Catalyst Control Center Localization Italian
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{46345EA6-1608-2E99-B47F-D83725A5C4D9}" = CCC Help Hungarian
"{46ACB9C1-6109-088B-931F-B7A5CE735504}" = CCC Help Italian
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4F0C7CCF-5666-474B-B02E-AC514A95EC93}" = NVIDIA GAME System Software 2.8.1
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{51B8CA01-3E68-9993-E6F3-7F8982A0F600}" = CCC Help Finnish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{650A275F-75B8-B71E-4C9D-04E952A63E5F}" = Catalyst Control Center Graphics Previews Common
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6756A967-2904-DE46-3265-4BB80B934904}" = Catalyst Control Center Localization Chinese Traditional
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69916AD2-3710-4C86-895E-8F475290AA64}" = Ovi Desktop Sync Engine
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{735DAC68-3FF4-2895-83A2-DBF135AB9F44}" = CCC Help German
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{80490945-CE48-45CF-9CCA-CA0EF44D9FE4}" = AVG 2011
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DAD42E6-BBE7-C12B-C78D-8AC8C87F4055}" = Catalyst Control Center Localization German
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90EF242A-A2ED-FBBD-2F1F-A159DB0DDAC3}" = CCC Help Chinese Traditional
"{9198CC8F-8B08-6F7B-BF7D-A6594526B5DF}" = Catalyst Control Center Localization Hungarian
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93DD8BC9-ADD5-D20B-22B5-1526E45CB6C8}" = CCC Help French
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{99AF6670-F557-F4D3-3069-AE62DA675A70}" = Catalyst Control Center Localization French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B88930B-A7E7-03E5-1313-BED90FCCF72C}" = CCC Help Swedish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F19486B-B187-5A51-189F-FCCEBBB70E2E}" = Catalyst Control Center Localization Dutch
"{A019B329-BFA8-3F59-6F80-6A3714104CE9}" = CCC Help English
"{A107F928-EED3-28FC-857F-ED33FEDBA02A}" = Catalyst Control Center Localization Korean
"{A15B2786-6F7E-0B96-A222-141202F9CECC}" = CCC Help Japanese
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5D5CC36-6A42-6FB6-882F-90C6262C8DCA}" = CCC Help Korean
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7AC8E69-01FF-494E-9A2C-423B82CEA604}" = HP MediaSmart SmartMenu
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9359BA2-B496-8E14-EDA9-923DBE8913CB}" = Catalyst Control Center Localization Thai
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAD72731-807A-4B79-AE05-9190B7002B7B}" = ProtectSmart Hard Drive Protection
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3D11644-94AB-17E7-D9CF-52EF943D9F52}" = Catalyst Control Center Localization Spanish
"{B4B199E3-4D33-4F08-688A-9BCE5920AAF6}" = Catalyst Control Center Localization Japanese
"{B696F28D-F4AA-407E-899E-0CFE5410831B}" = Agatha Christie - And Then There Were None
"{B6D58F80-C8BE-5E7F-8F1C-1AEB4A5EACE6}" = Catalyst Control Center InstallProxy
"{BDDB0932-2C7F-ABB3-ED54-6F045EEF14F7}" = Catalyst Control Center Localization Swedish
"{C2E52B6F-E4F1-B9D6-D671-D7E2FC60C7C0}" = CCC Help Chinese Standard
"{C58AED82-0DD9-DF4B-1CE7-F7EE9B1BBB83}" = CCC Help Danish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C61D8EF2-D9BF-B36F-4887-ADE39C924F3F}" = Catalyst Control Center Localization Polish
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7D02E19-07F2-8EE5-7C18-1617A656AF74}" = Catalyst Control Center Localization Turkish
"{C91CC841-7B39-9454-4A16-91C7FF300EC8}" = CCC Help Portuguese
"{CAAAB039-95E4-6F1C-36CC-2E6005E2540D}" = ccc-utility
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE60D4C0-86A7-52C8-7C8A-AFD2E99A1790}" = Catalyst Control Center Graphics Full Existing
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D6EA6018-0F5B-E4CC-C930-990412BED306}" = Catalyst Control Center Localization Czech
"{D80D6A7D-A6AA-019A-12D8-CA58F76FA313}" = Skins
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DB7DE91F-AC23-7A23-B1A7-6FD3A05534E2}" = CCC Help Czech
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFC21203-E063-A351-8027-F5D43162539D}" = CCC Help Norwegian
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0FE7850-04F8-D01A-971F-C7B00F8D003A}" = Catalyst Control Center Localization Russian
"{E18407AE-614D-5B0B-9C38-5A1853E8AB5D}" = Catalyst Control Center Core Implementation
"{E1B2BA63-4023-B582-0D88-ABB528E281D9}" = Catalyst Control Center InstallProxy
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype 5.0
"{E651B083-2904-8342-5C27-39800B39E03B}" = CCC Help Polish
"{E6695454-03CD-146E-4A10-75FCB5AFE3FB}" = Catalyst Control Center Localization Finnish
"{E9D045D8-E31E-E3D6-004D-9AD4EE6C2747}" = CCC Help Russian
"{E9EEB277-B66C-9A72-9CF0-90AC7BFC2095}" = Catalyst Control Center Localization Norwegian
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F3B97E18-0895-4250-BA71-C4235D055F80}" = OpenOffice.org 3.1
"{F4770313-7391-411F-B484-43394A785B97}" = HP Customer Experience Enhancements
"{F4C96E82-14D2-485F-93A9-6B246C40130A}" = HP Easy Setup - Frontend
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F98DF01D-F1C3-3878-FCE6-F749729A8949}" = CCC Help Dutch
"{FDBA2850-0054-7733-527B-A6286D639345}" = Catalyst Control Center Localization Portuguese
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"4 Elements_is1" = 4 Elements 1.0
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7DE39862CC26DCE2446838AAF7CD5C163F835A57" = חבילת התקני Windows. - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.6
"AOL Toolbar" = AOL Toolbar 5.0
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"AVG" = AVG 2011
"BFGC" = Big Fish Games: Game Manager
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Digital Editions" = Adobe Digital Editions
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DivXLand Media Subtitler" = DivXLand Media Subtitler
"DMX5_is1" = DriverMax 5
"Download Accelerator Plus (DAP)" = Download Accelerator Plus (DAP)
"DX Studio Player v3.2.68_is1" = DX Studio Player v3.2.68
"eMule" = eMule
"ů ě ńĺă ŕđ ĺřŕ - ě" = ů ě ńĺă ŕđ ĺřŕ - ě
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.95
"FreeFileViewer_is1" = Free File Viewer 2011
"Glary Utilities_is1" = Glary Utilities 2.35.0.1216
"G-Senjou_no_Maou_Aegis" = G-Senjou no Maou English
"ImgBurn" = ImgBurn
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart Live TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"JDownloader" = JDownloader
"Magic Match_is1" = Magic Match
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Notepad++" = Notepad++
"OpenAL" = OpenAL
"Pixelfusion WMP Plugin_is1" = Pixelfusion WMP Plugin 1.60
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 12.0" = RealPlayer
"Ricochet Infinity_is1" = Ricochet Infinity
"SopCast" = SopCast 3.2.9
"StarCodec" = StarCodec
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Trusted Software Assistant_is1" = File Type Assistant
"Unlocker" = Unlocker 1.8.7
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21/07/2011 23:43:25 | Computer Name = VASY-PC | Source = WinMgmt | ID = 10
Description =

Error - 22/07/2011 05:36:34 | Computer Name = VASY-PC | Source = WinMgmt | ID = 10
Description =

Error - 22/07/2011 06:48:33 | Computer Name = VASY-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436,
exception code 0xc0000005, fault offset 0x00066579, process id 0x6b8, application
start time 0x01cc4852b135ee15.

Error - 22/07/2011 06:59:35 | Computer Name = VASY-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436,
exception code 0xc0000005, fault offset 0x00066579, process id 0x152c, application
start time 0x01cc485cebfd5ec5.

Error - 22/07/2011 07:51:53 | Computer Name = VASY-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 17a0 Start Time: 01cc485dadd23845 Termination Time: 140

Error - 22/07/2011 18:29:25 | Computer Name = VASY-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1f74 Start Time: 01cc48b28f0eb2d5 Termination Time: 88

Error - 23/07/2011 00:59:32 | Computer Name = VASY-PC | Source = WinMgmt | ID = 10
Description =

Error - 23/07/2011 06:00:06 | Computer Name = VASY-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module comctl32.dll, version 6.10.6002.18305, time stamp 0x4c7d2463,
exception code 0xc0000005, fault offset 0x000931b7, process id 0x5c4, application
start time 0x01cc48f53b05f010.

Error - 23/07/2011 06:00:54 | Computer Name = VASY-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 9.0.8112.16421, time stamp
0x4d76255d, faulting module avgxpl.dll, version 10.0.0.1385, time stamp 0x4df82b7b,
exception code 0xc0000005, fault offset 0x0012b306, process id 0xe58, application
start time 0x01cc491f5aa7add0.

Error - 24/07/2011 01:48:16 | Computer Name = VASY-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 22/07/2011 05:37:54 | Computer Name = VASY-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 22/07/2011 06:07:42 | Computer Name = VASY-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =

Error - 22/07/2011 20:08:05 | Computer Name = VASY-PC | Source = DCOM | ID = 10010
Description =

Error - 22/07/2011 20:08:23 | Computer Name = VASY-PC | Source = DCOM | ID = 10010
Description =

Error - 23/07/2011 00:59:32 | Computer Name = VASY-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 23/07/2011 01:15:10 | Computer Name = VASY-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =

Error - 23/07/2011 16:38:16 | Computer Name = VASY-PC | Source = DCOM | ID = 10010
Description =

Error - 23/07/2011 16:38:33 | Computer Name = VASY-PC | Source = DCOM | ID = 10010
Description =

Error - 24/07/2011 01:48:25 | Computer Name = VASY-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 24/07/2011 02:03:55 | Computer Name = VASY-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1003
Description =


< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP