AV Security Suite removed but hard drive is decreasing everyday?


Post by austinyorks on Tue Jun 22, 2010 1:33 pm

Hello,

About 3 days ago, AV Security Suite infected my computer. I used another computer to watch a video that seemed to have a solution to at least allow me access to the internet. Video: [You must be registered and logged in to see this link.]

After the video, I tried to follow the AV Security Suite Removal Guide from this forum and was able to follow the procedures ending with removing the extra infected files using Malwarebytes.

Last night I just noticed that my hard drive is about 10gb lower than it was before I was infected. So far, it's looking at decreasing at about 5-6gb a day (2gb decrease in the last 7 hours). Any solution to my problem?


Any and all help is appreciated!


Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by Belahzur on Tue Jun 22, 2010 2:46 pm

Hello.

Download OTL by OldTimer to your Desktop.

  • Close all windows and double click OTL.exe
  • Click Run Scan and let the program run uninterrupted
  • It will produce two logs for you, one will pop up - OTL.txt, the other will be saved on your Desktop - Extras.txt. Post both logs in this thread.
  • You may need to use two posts to get it all.


Please PM me if I fail to respond within 24hrs.

Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Tue Jun 22, 2010 3:09 pm

OTL.txt

OTL logfile created on: 6/22/2010 9:52:33 AM - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Lanell\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 45.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.27 Gb Total Space | 195.58 Gb Free Space | 43.05% Space Free | Partition Type: NTFS
Drive D: | 11.49 Gb Total Space | 1.54 Gb Free Space | 13.40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 23.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LANELL-PC
Current User Name: Lanell
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/22 09:49:01 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Lanell\Desktop\OTL.exe
PRC - [2010/06/21 05:02:38 | 000,115,560 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe
PRC - [2010/06/02 19:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/05/24 22:32:07 | 000,095,232 | ---- | M] () -- C:\Program Files (x86)\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe
PRC - [2010/03/24 13:58:22 | 000,309,760 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
PRC - [2009/06/19 23:20:11 | 000,068,592 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2009/04/11 01:27:51 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\reg.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2009/01/20 18:09:58 | 000,101,888 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE
PRC - [2009/01/20 18:09:58 | 000,066,048 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnProxy.exe
PRC - [2008/12/12 12:06:30 | 000,026,928 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
PRC - [2008/12/12 12:06:30 | 000,021,296 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
PRC - [2008/10/31 14:23:06 | 000,045,056 | ---- | M] (The Nielsen Company) -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
PRC - [2008/09/29 05:09:20 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008/09/03 23:05:38 | 000,210,216 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/09/03 23:05:28 | 001,144,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/08/28 19:34:14 | 013,145,448 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe
PRC - [2008/07/25 21:19:44 | 001,310,720 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
PRC - [2008/07/16 11:59:34 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/05/24 13:40:24 | 000,463,360 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE
PRC - [2008/04/18 18:32:22 | 002,199,552 | ---- | M] () -- C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe
PRC - [2008/04/09 19:01:46 | 000,102,400 | ---- | M] () -- C:\Windows\SysWOW64\OSDForm.exe
PRC - [2008/01/18 10:04:56 | 003,641,344 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
PRC - [2007/10/30 13:45:00 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2007/04/18 10:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2006/11/20 09:30:54 | 000,250,368 | ---- | M] (The Privoxy team - [You must be registered and logged in to see this link.] -- C:\Program Files (x86)\Vidalia Bundle\Privoxy\privoxy.exe
PRC - [2006/11/02 10:04:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
PRC - [2002/08/02 12:33:20 | 000,368,720 | ---- | M] () -- C:\Program Files (x86)\BroadJump\Client Foundation\CFD.exe


========== Modules (SafeList) ==========

MOD - [2010/06/22 09:49:01 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Lanell\Desktop\OTL.exe
MOD - [2010/06/21 13:21:57 | 000,109,072 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll
MOD - [2009/04/11 01:28:24 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009/04/11 01:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2008/01/20 21:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008/07/15 16:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/06/21 05:02:38 | 000,115,560 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\16.2.0.7\ccSvcHst.exe -- (Norton AntiVirus)
SRV - [2010/05/06 16:22:21 | 002,478,640 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai)
SRV - [2010/03/19 10:49:20 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/20 20:39:28 | 000,340,456 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe -- (AVP)
SRV - [2009/01/20 18:09:58 | 000,101,888 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Touch Screen Enhance Service\HPTSEnSrv.EXE -- (HP Touch Screen Enhance)
SRV - [2008/12/12 12:06:30 | 000,021,296 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe -- (CalendarSynchService)
SRV - [2008/09/29 05:09:20 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/09/27 10:12:25 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/06/21 00:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\mqsv32.exe -- (MSMQSVC)
SRV - [2007/04/13 10:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/11/02 08:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 01:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 01:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2005/11/17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/06/21 13:21:57 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\klif.sys -- (KLIF)
DRV:64bit: - [2010/06/21 05:02:46 | 000,172,080 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010/06/21 05:02:39 | 000,476,208 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010/06/21 05:02:39 | 000,428,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2010/06/21 05:02:39 | 000,402,480 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2010/06/21 05:02:39 | 000,283,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SYMTDI.SYS -- (SYMTDI)
DRV:64bit: - [2010/06/21 05:02:39 | 000,138,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SYMFW.SYS -- (SYMFW)
DRV:64bit: - [2010/06/21 05:02:39 | 000,046,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SYMNDISV.SYS -- (SYMNDISV)
DRV:64bit: - [2010/06/21 05:02:39 | 000,033,328 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SYMREDRV.SYS -- (SYMREDRV)
DRV:64bit: - [2010/06/21 05:02:39 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/06/21 05:02:39 | 000,016,432 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SYMDNS.SYS -- (SYMDNS)
DRV:64bit: - [2010/06/19 13:09:23 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/10/27 12:22:57 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/14 21:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\klbg.sys -- (KLBG)
DRV:64bit: - [2009/10/02 19:39:32 | 000,021,008 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/14 14:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\klim6.sys -- (KLIM6)
DRV:64bit: - [2009/09/01 15:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\kl1.sys -- (kl1)
DRV:64bit: - [2009/08/25 18:44:31 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/02 09:04:32 | 001,353,728 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVerBDA716x_x64.sys -- (AVerBDA6x_x64)
DRV:64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008/12/23 04:47:52 | 000,188,416 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/10/01 13:01:28 | 000,040,448 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2008/07/08 19:44:36 | 000,492,544 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/06/11 02:51:32 | 000,395,800 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/05/05 16:23:36 | 000,448,000 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr28x.sys -- (netr28x)
DRV:64bit: - [2008/05/05 08:05:02 | 000,015,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OSDACPI.SYS -- (ACPIService)
DRV:64bit: - [2007/12/05 15:53:42 | 000,146,944 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\uts_mdm.sys -- (uts_mdm)
DRV:64bit: - [2007/12/05 15:53:42 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\uts_mdfl.sys -- (uts_mdfl)
DRV:64bit: - [2007/12/05 14:53:42 | 000,118,784 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\uts_serd.sys -- (uts_serd) UTStarcom USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2007/12/05 14:53:42 | 000,109,568 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\uts_bus.sys -- (uts_bus) UTStarcom USB Composite Device driver (WDM)
DRV:64bit: - [2007/10/15 08:53:18 | 000,090,152 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007/10/15 08:53:18 | 000,019,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2007/10/15 08:53:16 | 000,117,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/05/17 13:38:06 | 000,033,584 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2007/05/11 18:31:02 | 003,612,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\lvuvc64.sys -- (LVUVC64) Logitech QuickCam Pro 5000(UVC)
DRV:64bit: - [2007/05/11 18:30:50 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV - [2010/06/22 07:06:53 | 000,000,120 | -HS- | M] () [File_System | System | Running] -- C:\Windows\KLIF.spi -- (KLIF)
DRV - [2010/06/21 11:10:30 | 001,773,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100621.038\ex64.sys -- (NAVEX15)
DRV - [2010/06/21 11:10:30 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/06/21 11:10:30 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2010/06/21 11:10:30 | 000,117,808 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100621.038\eng64.sys -- (NAVENG)
DRV - [2010/06/04 23:49:16 | 000,463,408 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100617.005\IDSviA64.sys -- (IDSVia64)
DRV - [2009/12/29 15:13:10 | 000,023,120 | ---- | M] (The Nielsen Company) [Kernel | System | Running] -- C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter5\nnfwdk64.sys -- (nnfwdk)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/08/22 15:37:14 | 000,014,336 | ---- | M] (The Nielsen Company) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\nnrnstdi.sys -- (nnrnstdi)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\adfs.sys -- (adfs)
DRV - [2008/07/16 11:59:30 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2006/10/26 11:01:04 | 000,044,224 | ---- | M] (BVRP Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2006/09/18 16:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 16:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
DRV - [2002/04/29 18:16:28 | 000,024,576 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\http.ssm -- (HTTP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Web Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://us.ard.yahoo.com/SIG=15os8j5bn/M=650008.12754586.13809198.9860696/D=mail/S=398301041:HEAD/_ylt=Aqw2Bg3eVMNfZbw57D_jeYlxl70X/Y=YAHOO/EXP=1270288133/L=9ZUOy0PDCUvHtT_jS7bC8gYgTOklLEu28uUACRdz/B=1ItZCGKJiUA-/J=1270280933764176/K=dHpGzrDBlfSDNMnT7e7Vuw/A=5851009/R=10/SIG=13dc5rh3k/*https://login.yahoo.com/config/login?logout=1&.direct=2&.done=http://www.yahoo.com&.src=ym&.intl=us"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: {5384767E-00D9-40E9-B72F-9CC39D655D6F}:1.2.8.2
FF - prefs.js..extensions.enabledItems: {ad55c869-668e-457c-b270-0cfb2f61116f}:1.5.43.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:7
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100119091315
FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {D908A1CC-54B4-4af9-9BB4-964F5BD3CDB7}:5.2.4.10
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.5.2
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.8
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.7.0.231
FF - prefs.js..extensions.enabledItems: {962C3C72-41BC-456B-9015-3B1BC165CABE}:1.9.1
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:9.0.0.736
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
FF - prefs.js..network.proxy.backup.ftp: "206.224.254.0 "
FF - prefs.js..network.proxy.backup.ftp_port: 80
FF - prefs.js..network.proxy.backup.gopher: "206.224.254.0 "
FF - prefs.js..network.proxy.backup.gopher_port: 80
FF - prefs.js..network.proxy.backup.socks: "206.224.254.0 "
FF - prefs.js..network.proxy.backup.socks_port: 80
FF - prefs.js..network.proxy.backup.ssl: "206.224.254.0 "
FF - prefs.js..network.proxy.backup.ssl_port: 80
FF - prefs.js..network.proxy.ftp: "206.224.254.0 "
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.gopher: "206.224.254.0 "
FF - prefs.js..network.proxy.gopher_port: 80
FF - prefs.js..network.proxy.http: "206.224.254.0 "
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "206.224.254.0 "
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "206.224.254.0 "
FF - prefs.js..network.proxy.ssl_port: 80


FF - HKLM\software\mozilla\Firefox\Extensions\\{D908A1CC-54B4-4af9-9BB4-964F5BD3CDB7}: C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter5\FFAddon\ [2010/04/27 07:04:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/05/23 20:55:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/06/21 05:18:12 | 000,000,000 | ---D | M]

[2009/04/08 20:00:50 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Extensions
[2009/04/08 20:00:50 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2010/06/22 09:43:10 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions
[2009/07/20 21:11:58 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010/04/27 07:10:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/02 03:00:38 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2010/02/18 23:24:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/02 08:30:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/04/16 20:05:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/06/17 23:26:20 | 000,000,000 | ---D | M] (Web Developer) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}
[2010/04/21 03:23:30 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2010/03/28 23:52:10 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2009/12/11 18:08:16 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\DivXWebPlayer@divx.com-trash
[2009/11/26 09:50:01 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\firefox@tvunetworks.com
[2010/05/02 11:15:31 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\searchrecs@veoh.com
[2010/05/10 22:39:52 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\support@auto-hide-ip.com
[2010/06/18 03:49:42 | 000,000,000 | ---D | M] -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\extensions\toolbar@ask.com
[2008/10/28 03:58:45 | 000,000,681 | ---- | M] () -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\searchplugins\ask.xml
[2009/07/20 21:12:03 | 000,001,196 | ---- | M] () -- C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Profiles\6kvqmza1.default\searchplugins\winamp-search.xml
[2010/06/22 06:25:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/09 21:29:30 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/01/24 07:16:25 | 000,000,000 | ---D | M] (livetvbar Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{ad55c869-668e-457c-b270-0cfb2f61116f}
[2010/06/20 13:08:50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Mozilla Firefox\components\coFFPlgn.dll
[2008/07/08 16:07:06 | 000,040,960 | ---- | M] (BYOND) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npbyond.dll
[2009/11/20 15:05:31 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2009/11/20 15:05:32 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2010/02/15 18:02:13 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npPandoWebInst.dll

O1 HOSTS File: ([2008/10/09 15:46:21 | 000,001,243 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\ievkbd.dll (Kaspersky Lab)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\16.2.0.7\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (no name) - {ad55c869-668e-457c-b270-0cfb2f61116f} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Veoh Video Compass) - {52836EB0-631A-47B1-94A6-61F9D9112DAE} - C:\Program Files (x86)\Veoh Networks\Veoh Video Compass\SearchRecsPlugin.dll (Veoh Networks)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [BJCFD] C:\Program Files (x86)\BroadJump\Client Foundation\CFD.exe ()
O4 - HKLM..\Run: [Buttons & OSDs control application gen2] C:\Program Files (x86)\HP\Buttons & OSDs control application gen2\MediaButtons.exe ()
O4 - HKLM..\Run: [ClientGW] File not found
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [eSnips] C:\Program Files (x86)\eSnips\ClientGW.exe File not found
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HP KEYBOARD] C:\Program Files (x86)\Hewlett-Packard\HP KEYBOARD\HPKEYBOARD.EXE (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NielsenOnline] C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe (The Nielsen Company)
O4 - HKLM..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (OsdMaestro)
O4 - HKLM..\Run: [Performance Center] C:\Program Files (x86)\Ascentive\Performance Center\APCMain.exe File not found
O4 - HKLM..\Run: [RecoverFromReboo] C:\Windows\Temp\RECOVE~1.EXETIME\QTTASK.EX File not found
O4 - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [tgcmdprovidersbc] C:\Program Files (x86)\Support.com\bin\tgcmd.exe File not found
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Movie_Edit_Pro_12_e-version\TrayServer.exe (MAGIX AG)
O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe File not found
O4 - HKCU..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
O4 - HKCU..\Run: [EPSON WorkForce 500 Series] C:\Windows\SysWow64\spool\DRIVERS\x64\3\E_IATIEQA.EXE File not found
O4 - HKCU..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4 - HKCU..\Run: [HPSmartCenterBoot] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\SmartCenter 2.0\SmartCenter.exe (Hewlett-Packard)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [TrackerChecker2] File not found
O4 - HKCU..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - Startup: C:\Users\Lanell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\Lanell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk = C:\Program Files (x86)\ViiKiiDesktopPlugin\ViiKiiDesktopPlugin.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O8:64bit: - Extra context menu item: Download all by Rapidown... - C:\Program Files (x86)\Rapidown\RapidownGetAll.htm ()
O8:64bit: - Extra context menu item: Download by Rapidown... - C:\Program Files (x86)\Rapidown\RapidownGet.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Lanell\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Download all by Rapidown... - C:\Program Files (x86)\Rapidown\RapidownGetAll.htm ()
O8 - Extra context menu item: Download by Rapidown... - C:\Program Files (x86)\Rapidown\RapidownGet.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Lanell\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9:64bit: - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files (x86)\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Login - {2499216C-4BA5-11D5-BD9C-000103C116D5} - C:\Program Files (x86)\Yahoo!\Common\ylogin.dll (Yahoo! Inc.)
O9 - Extra Button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files (x86)\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Program Files (x86)\Yahoo!\Messenger\yhexbmes.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: netzero.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: netzero.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sbcglobal.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sbcglobal.net ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: sbcglobal.net ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: yahoo.com ([]https in Trusted sites)
O16 - DPF: {00000130-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [You must be registered and logged in to see this link.] (Microsoft Office Template and Media Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} [You must be registered and logged in to see this link.] (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (YInstStarter Class)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} [You must be registered and logged in to see this link.] (MySpace Uploader Control)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [You must be registered and logged in to see this link.] (DivXBrowserPlugin Object)
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} [You must be registered and logged in to see this link.] (GameHouse Games Player)
O16 - DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} [You must be registered and logged in to see this link.] (Bl_camera Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.4.2_18)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll (Kaspersky Lab)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
O24 - Desktop BackupWallPaper: C:\Users\Lanell\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Users\Lanell\AppData\Local\Vwokexaqakoyu.dat
File not found -- C:\Users\Lanell\AppData\Local\exofuqosejefi.dll
File not found -- C:\Users\Lanell\AppData\Local\43004859.exe
File not found -- C:\Users\Lanell\AppData\Local\43004858.exe
[2010/06/22 09:49:01 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Lanell\Desktop\OTL.exe
[2010/06/22 05:38:00 | 000,000,000 | ---D | C] -- C:\Users\Lanell\Desktop\Trend Micro
[2010/06/22 04:57:12 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/06/22 02:29:12 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Roaming\Malwarebytes
[2010/06/22 02:28:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/06/22 02:28:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/22 02:28:47 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/06/22 02:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/06/22 02:27:55 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Lanell\Desktop\mbam-setup.exe
[2010/06/22 02:23:03 | 000,000,000 | ---D | C] -- C:\Users\Lanell\Desktop\tdsskiller
[2010/06/21 05:02:46 | 000,172,080 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/06/21 05:02:46 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010/06/21 05:02:39 | 000,476,208 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtsp64.sys
[2010/06/21 05:02:39 | 000,428,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\cchpx64.sys
[2010/06/21 05:02:39 | 000,402,480 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymEFA64.sys
[2010/06/21 05:02:39 | 000,283,696 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symtdi.sys
[2010/06/21 05:02:39 | 000,138,800 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symfw.sys
[2010/06/21 05:02:39 | 000,046,640 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symndisv.sys
[2010/06/21 05:02:39 | 000,044,592 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symids.sys
[2010/06/21 05:02:39 | 000,043,568 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symndis.sys
[2010/06/21 05:02:39 | 000,033,328 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symredrv.sys
[2010/06/21 05:02:39 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtspx64.sys
[2010/06/21 05:02:39 | 000,016,432 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symdns.sys
[2010/06/21 05:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
[2010/06/21 05:02:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
[2010/06/21 05:02:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1002000.007
[2010/06/20 13:07:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010/06/20 13:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010/06/20 13:06:26 | 000,353,296 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/06/20 13:01:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2010/06/20 04:10:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010/06/20 04:10:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010/06/20 03:07:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lanell\Desktop\iexplore.exe.exe
[2010/06/20 01:37:25 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}
[2010/06/20 01:35:54 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\gxnknynan
[2010/06/19 13:49:47 | 000,000,000 | ---D | C] -- C:\Users\Lanell\Documents\Adobe
[2010/06/19 13:12:55 | 000,118,520 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxinsi64.exe
[2010/06/19 13:12:55 | 000,116,472 | ---- | C] (Sonic Solutions) -- C:\Windows\SysWow64\pxcpyi64.exe
[2010/06/19 13:12:55 | 000,052,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2010/06/19 13:12:55 | 000,010,488 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2010/06/19 13:12:55 | 000,010,488 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2010/06/18 04:03:36 | 000,000,000 | ---D | C] -- C:\Users\Lanell\.gimp-2.6
[2010/06/18 04:03:35 | 000,000,000 | ---D | C] -- C:\Users\Lanell\Documents\gegl-0.0
[2010/06/18 03:59:30 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Roaming\GRETECH
[2010/06/18 03:59:30 | 000,000,000 | ---D | C] -- C:\Users\Lanell\Documents\GomPlayer
[2010/06/18 03:16:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0
[2010/06/18 03:16:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010/06/18 03:15:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2010/06/18 03:13:57 | 006,876,560 | ---- | C] (Gretech Corporation) -- C:\Users\Lanell\Desktop\GOMPLAYERENSETUP.EXE
[2010/06/14 05:09:11 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Roaming\FileZilla
[2010/06/14 05:09:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2010/06/09 04:24:14 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/06/09 04:24:14 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/06/09 04:24:13 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/06/09 04:24:13 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/06/09 04:24:06 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/06/09 04:24:05 | 000,706,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/06/09 04:24:05 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/06/09 04:24:05 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/06/09 04:24:05 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/06/09 04:24:04 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/06/09 04:24:04 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/06/09 04:24:04 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/06/09 04:24:04 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/06/09 04:24:04 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/06/09 04:24:04 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/06/09 04:24:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/06/09 04:24:04 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/06/09 04:24:03 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/06/09 04:24:03 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/06/09 04:24:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/06/09 04:24:03 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/06/09 04:24:03 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/06/09 04:24:03 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/06/09 04:24:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/06/09 04:24:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/06/09 04:24:03 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/06/09 04:24:03 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/06/03 02:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetData
[2010/06/03 02:02:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2BrightSparks
[2010/06/02 08:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB
[2010/06/02 08:30:07 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/05/29 00:38:50 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Roaming\Facebook
[2010/05/24 22:32:15 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Roaming\ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
[2010/05/24 22:32:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ViiKiiDesktopPlugin
[2010/05/24 22:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/05/24 19:09:28 | 000,000,000 | ---D | C] -- C:\Users\Lanell\Documents\MAGIX downloads
[2010/05/24 19:08:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2010/05/24 18:50:53 | 000,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2010/05/24 18:50:53 | 000,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll
[2010/05/24 18:50:53 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll
[2010/05/24 18:50:53 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll
[2010/05/24 18:50:53 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll
[2010/05/24 18:50:53 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll
[2010/05/24 18:50:53 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll
[2010/05/24 18:50:53 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll
[2010/05/24 18:50:53 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll
[2010/05/24 18:50:53 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll
[2010/05/24 18:50:53 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll
[2010/05/24 18:50:53 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll
[2010/05/24 18:50:52 | 000,487,424 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll
[2010/05/24 18:50:52 | 000,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll
[2010/05/24 18:50:52 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll
[2010/05/24 18:50:52 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll
[2010/05/24 18:50:52 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll
[2010/05/24 18:50:52 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll
[2010/05/24 18:50:52 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll
[2010/05/24 18:50:52 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll
[2010/05/24 18:50:52 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll
[2010/05/24 18:50:52 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll
[2010/05/24 18:50:52 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll
[2010/05/24 18:50:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2010/05/24 18:49:26 | 000,085,504 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\HtmlWH.dll
[2010/05/24 18:49:26 | 000,049,152 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\SysWow64\INETWH32.dll
[2010/05/24 18:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2010/05/24 18:49:07 | 000,663,552 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2010/05/24 18:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2010/05/24 16:14:51 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\Windows Server
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\Users\Lanell\AppData\Local\*.tmp files -> C:\Users\Lanell\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Tue Jun 22, 2010 3:09 pm

[2010/06/22 10:01:28 | 005,505,024 | -HS- | M] () -- C:\Users\Lanell\ntuser.dat
[2010/06/22 09:50:02 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/06/22 09:49:01 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Lanell\Desktop\OTL.exe
[2010/06/22 09:21:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/22 08:42:39 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{130CCEB1-65C9-4B11-9DDE-932F954B0DF9}.job
[2010/06/22 08:25:04 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/22 08:25:04 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/22 08:20:25 | 000,002,671 | ---- | M] () -- C:\Users\Lanell\Desktop\HiJackThis.lnk
[2010/06/22 07:06:53 | 000,000,120 | -HS- | M] () -- C:\Windows\KLIF.spi
[2010/06/22 07:05:55 | 000,002,499 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010/06/22 07:05:20 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/06/22 06:29:07 | 000,000,930 | ---- | M] () -- C:\Users\Lanell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk
[2010/06/22 06:25:59 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/22 06:25:12 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010/06/22 06:25:06 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/22 06:25:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/22 06:24:01 | 000,524,288 | -HS- | M] () -- C:\Users\Lanell\ntuser.dat{cb948ec6-90b0-11de-9102-0021867c2430}.TMContainer00000000000000000001.regtrans-ms
[2010/06/22 06:24:01 | 000,065,536 | -HS- | M] () -- C:\Users\Lanell\ntuser.dat{cb948ec6-90b0-11de-9102-0021867c2430}.TM.blf
[2010/06/22 05:58:42 | 000,000,732 | ---- | M] () -- C:\Users\Lanell\AppData\Local\d3d9caps64.dat
[2010/06/22 05:44:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/22 05:37:55 | 002,533,712 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\Cat.DB
[2010/06/22 04:47:16 | 003,717,720 | ---- | M] () -- C:\Users\Lanell\Desktop\ComboFix.exe
[2010/06/22 04:35:00 | 001,402,880 | ---- | M] () -- C:\Users\Lanell\Desktop\HiJackThis.msi
[2010/06/22 03:23:32 | 000,293,376 | ---- | M] () -- C:\Users\Lanell\Desktop\v8ik1k55.exe
[2010/06/22 02:28:52 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/22 02:27:42 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Lanell\Desktop\mbam-setup.exe
[2010/06/22 02:22:11 | 000,966,213 | ---- | M] () -- C:\Users\Lanell\Desktop\tdsskiller.zip
[2010/06/21 21:46:42 | 000,000,500 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Lanell.job
[2010/06/21 20:00:00 | 000,000,662 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Lanell.job
[2010/06/21 18:00:01 | 000,000,468 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2010/06/21 13:21:57 | 000,353,296 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010/06/21 13:21:55 | 000,149,773 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/06/21 13:21:55 | 000,106,765 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/06/21 05:02:46 | 000,172,080 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010/06/21 05:02:46 | 000,010,655 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/06/21 05:02:46 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/06/21 05:02:44 | 000,002,180 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/06/21 05:02:39 | 000,476,208 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtsp64.sys
[2010/06/21 05:02:39 | 000,428,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\cchpx64.sys
[2010/06/21 05:02:39 | 000,402,480 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymEFA64.sys
[2010/06/21 05:02:39 | 000,283,696 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symtdi.sys
[2010/06/21 05:02:39 | 000,138,800 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symfw.sys
[2010/06/21 05:02:39 | 000,046,640 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symndisv.sys
[2010/06/21 05:02:39 | 000,044,592 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symids.sys
[2010/06/21 05:02:39 | 000,043,568 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symndis.sys
[2010/06/21 05:02:39 | 000,033,328 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symredrv.sys
[2010/06/21 05:02:39 | 000,032,304 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtspx64.sys
[2010/06/21 05:02:39 | 000,016,432 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\symdns.sys
[2010/06/21 05:02:33 | 000,003,373 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymEFA.inf
[2010/06/21 05:02:33 | 000,001,838 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\ccHPx64.inf
[2010/06/21 05:02:33 | 000,001,638 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymNet.inf
[2010/06/21 05:02:33 | 000,001,437 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtsp64.inf
[2010/06/21 05:02:33 | 000,001,421 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtspx64.inf
[2010/06/21 05:02:33 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\isolate.ini
[2010/06/21 05:02:27 | 000,010,858 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymNet.cat
[2010/06/21 05:02:27 | 000,010,573 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\ccHPx64.cat
[2010/06/21 05:02:27 | 000,008,805 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymEFA64.cat
[2010/06/21 05:02:27 | 000,008,398 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtspx64.cat
[2010/06/21 05:02:27 | 000,008,394 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtsp64.cat
[2010/06/20 12:40:01 | 000,023,040 | ---- | M] () -- C:\Users\Lanell\Documents\short health guarantee.wps
[2010/06/20 12:40:01 | 000,018,542 | ---- | M] () -- C:\Users\Lanell\AppData\Roaming\wklnhst.dat
[2010/06/20 12:09:09 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/06/20 12:09:09 | 000,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/06/20 12:09:09 | 000,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/06/20 03:07:35 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lanell\Desktop\iexplore.exe.exe
[2010/06/20 01:37:26 | 000,000,000 | ---- | M] () -- C:\Users\Lanell\AppData\Local\Xzagucejala.bin
[2010/06/19 14:22:54 | 000,084,480 | ---- | M] () -- C:\Users\Lanell\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/19 13:42:33 | 000,129,672 | ---- | M] () -- C:\Users\Lanell\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/06/19 13:39:21 | 000,489,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/19 13:16:30 | 000,002,054 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Premiere Elements 7.0.lnk
[2010/06/19 13:09:23 | 000,118,520 | ---- | M] (Sonic Solutions) -- C:\Windows\SysWow64\pxinsi64.exe
[2010/06/19 13:09:23 | 000,116,472 | ---- | M] (Sonic Solutions) -- C:\Windows\SysWow64\pxcpyi64.exe
[2010/06/19 13:09:23 | 000,052,856 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2010/06/19 13:09:22 | 000,010,488 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2010/06/19 13:09:22 | 000,010,488 | ---- | M] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2010/06/18 04:11:43 | 000,055,386 | ---- | M] () -- C:\Users\Lanell\.recently-used.xbel
[2010/06/18 03:16:56 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/06/18 03:15:25 | 000,000,970 | ---- | M] () -- C:\Users\Lanell\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2010/06/18 03:15:25 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010/06/18 03:14:24 | 006,876,560 | ---- | M] (Gretech Corporation) -- C:\Users\Lanell\Desktop\GOMPLAYERENSETUP.EXE
[2010/06/17 08:09:11 | 000,006,522 | ---- | M] () -- C:\Users\Lanell\AppData\Roaming\PrimoPDFSet.xml
[2010/06/17 08:09:10 | 001,609,780 | ---- | M] () -- C:\Users\Lanell\Documents\Carole N Douglas - Delilah Street 1 - Dancing with Werewolves..pdf
[2010/06/16 11:37:21 | 001,195,098 | ---- | M] () -- C:\Users\Lanell\Documents\Eileen Wilks - [World of the Lupi 01] - Tempting Danger v1.5 .pdf
[2010/06/16 11:01:43 | 000,124,744 | ---- | M] () -- C:\Users\Lanell\Documents\Gorgeous AKC Tiny Teddy Bea...pdf
[2010/06/15 10:22:33 | 000,116,904 | ---- | M] () -- C:\Users\Lanell\Documents\Order Confirmation Page - Greensheet..pdf
[2010/06/15 01:04:43 | 000,126,671 | ---- | M] () -- C:\Users\Lanell\Documents\alleBay Classifieds_ Ad Preview.pdf
[2010/06/14 05:51:45 | 001,267,728 | ---- | M] () -- C:\Users\Lanell\Documents\Victoria Laurie - Psychic E...pdf
[2010/06/14 05:09:07 | 000,001,841 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/06/14 04:02:38 | 001,239,889 | ---- | M] () -- C:\Users\Lanell\Documents\Rachel Vincent 02 - Rogue.pdf
[2010/06/11 02:02:59 | 000,068,775 | ---- | M] () -- C:\Users\Lanell\Documents\Facebook _ redbox.pdf
[2010/06/09 11:49:01 | 000,001,804 | ---- | M] () -- C:\Users\Lanell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/09 07:31:34 | 000,104,331 | ---- | M] () -- C:\Users\Lanell\Documents\eBay Classifieds_ Ad Preview.pdf
[2010/06/09 04:16:00 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/06/08 07:19:59 | 000,001,886 | ---- | M] () -- C:\Users\Public\Desktop\Java Web Start.lnk
[2010/06/08 02:47:21 | 000,119,655 | ---- | M] () -- C:\Users\Lanell\Documents\Order Confirmation Page - T...pdf
[2010/06/07 17:43:05 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLanell.job
[2010/06/07 00:38:52 | 000,729,312 | ---- | M] () -- C:\Users\Lanell\Documents\WhatMattersMost.pdf
[2010/06/05 23:50:53 | 001,193,303 | ---- | M] () -- C:\Users\Lanell\Documents\Lisa Shearin - [Raine Benares 02] - Armed & Magical.pdf
[2010/06/05 01:12:27 | 000,001,421 | ---- | M] () -- C:\Users\Lanell\Desktop\DivX Movies.lnk
[2010/06/05 01:11:57 | 000,000,949 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010/06/05 01:11:47 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2010/06/04 11:11:57 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2010/06/03 03:06:01 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/06/03 02:14:09 | 000,001,052 | ---- | M] () -- C:\Users\Lanell\Desktop\Recover My Files.lnk
[2010/06/03 02:02:51 | 000,000,922 | ---- | M] () -- C:\Users\Lanell\Desktop\UndeleteOnClick.lnk
[2010/06/02 08:29:58 | 000,001,076 | ---- | M] () -- C:\Users\Lanell\Desktop\DVDVideoSoft Free Studio.lnk
[2010/06/02 08:16:35 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Buy DivX for Windows.lnk
[2010/06/01 11:16:50 | 000,001,088 | ---- | M] () -- C:\Users\Lanell\Application Data\Microsoft\Internet Explorer\Quick Launch\MAGIX Movie Edit Pro 12 demo.lnk
[2010/05/30 04:10:49 | 000,067,909 | ---- | M] () -- C:\Users\Lanell\Documents\newhealthguarantee.pdf
[2010/05/30 04:10:32 | 000,031,232 | ---- | M] () -- C:\Users\Lanell\Documents\newhealthguarantee.wps
[2010/05/27 17:01:19 | 000,054,877 | ---- | M] () -- C:\Users\Lanell\Documents\Ivy and Pistol Online Litter Registration ...pdf
[2010/05/27 05:01:03 | 000,005,817 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2010/05/27 05:00:43 | 000,001,088 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Movie Edit Pro 12 demo.lnk
[2010/05/27 01:26:15 | 000,832,405 | ---- | M] () -- C:\Users\Lanell\Documents\PersonalDemons[MeganChaseBo...pdf
[2010/05/27 00:58:30 | 001,064,972 | ---- | M] () -- C:\Users\Lanell\Documents\Anne Stuart - Black Ice.pdf
[2010/05/27 00:56:24 | 001,075,581 | ---- | M] () -- C:\Users\Lanell\Documents\Mark of the Demon - Kara illian.pdf
[2010/05/26 12:23:46 | 000,048,128 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010/05/26 12:06:41 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/05/26 10:10:41 | 000,366,080 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/05/26 09:47:41 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/05/26 08:54:38 | 025,134,847 | ---- | M] () -- C:\Users\Lanell\Desktop\New Folder.rar
[2010/05/25 22:56:57 | 001,215,240 | ---- | M] () -- C:\Users\Lanell\Documents\Magin Bleeds - Ilona Andres..pdf
[2010/05/24 22:32:10 | 000,000,894 | ---- | M] () -- C:\Users\Public\Desktop\ViiKiiDesktopPlugin.lnk
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\Users\Lanell\AppData\Local\*.tmp files -> C:\Users\Lanell\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/22 07:06:53 | 000,000,120 | -HS- | C] () -- C:\Windows\KLIF.spi
[2010/06/22 05:58:42 | 000,000,732 | ---- | C] () -- C:\Users\Lanell\AppData\Local\d3d9caps64.dat
[2010/06/22 05:38:00 | 000,002,671 | ---- | C] () -- C:\Users\Lanell\Desktop\HiJackThis.lnk
[2010/06/22 04:47:06 | 003,717,720 | ---- | C] () -- C:\Users\Lanell\Desktop\ComboFix.exe
[2010/06/22 04:34:57 | 001,402,880 | ---- | C] () -- C:\Users\Lanell\Desktop\HiJackThis.msi
[2010/06/22 03:21:33 | 000,293,376 | ---- | C] () -- C:\Users\Lanell\Desktop\v8ik1k55.exe
[2010/06/22 02:28:52 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/22 02:22:50 | 000,966,213 | ---- | C] () -- C:\Users\Lanell\Desktop\tdsskiller.zip
[2010/06/21 05:03:04 | 002,533,712 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\Cat.DB
[2010/06/21 05:02:46 | 000,010,655 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010/06/21 05:02:46 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010/06/21 05:02:43 | 000,002,180 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
[2010/06/21 05:02:33 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymEFA.inf
[2010/06/21 05:02:33 | 000,001,838 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\ccHPx64.inf
[2010/06/21 05:02:33 | 000,001,638 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymNet.inf
[2010/06/21 05:02:33 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtsp64.inf
[2010/06/21 05:02:33 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtspx64.inf
[2010/06/21 05:02:33 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\isolate.ini
[2010/06/21 05:02:27 | 000,010,858 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymNet.cat
[2010/06/21 05:02:27 | 000,010,573 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\ccHPx64.cat
[2010/06/21 05:02:27 | 000,008,805 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\SymEFA64.cat
[2010/06/21 05:02:27 | 000,008,398 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtspx64.cat
[2010/06/21 05:02:27 | 000,008,394 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1002000.007\srtsp64.cat
[2010/06/20 13:08:19 | 000,149,773 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010/06/20 13:08:19 | 000,106,765 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010/06/20 12:06:20 | 000,023,040 | ---- | C] () -- C:\Users\Lanell\Documents\short health guarantee.wps
[2010/06/20 01:37:26 | 000,000,000 | ---- | C] () -- C:\Users\Lanell\AppData\Local\Xzagucejala.bin
[2010/06/19 13:16:30 | 000,002,054 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Premiere Elements 7.0.lnk
[2010/06/18 04:11:43 | 000,055,386 | ---- | C] () -- C:\Users\Lanell\.recently-used.xbel
[2010/06/18 03:16:56 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010/06/18 03:15:25 | 000,000,970 | ---- | C] () -- C:\Users\Lanell\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
[2010/06/18 03:15:25 | 000,000,946 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010/06/17 08:09:07 | 001,609,780 | ---- | C] () -- C:\Users\Lanell\Documents\Carole N Douglas - Delilah Street 1 - Dancing with Werewolves..pdf
[2010/06/16 11:37:18 | 001,195,098 | ---- | C] () -- C:\Users\Lanell\Documents\Eileen Wilks - [World of the Lupi 01] - Tempting Danger v1.5 .pdf
[2010/06/16 11:01:43 | 000,124,744 | ---- | C] () -- C:\Users\Lanell\Documents\Gorgeous AKC Tiny Teddy Bea...pdf
[2010/06/15 10:22:33 | 000,116,904 | ---- | C] () -- C:\Users\Lanell\Documents\Order Confirmation Page - Greensheet..pdf
[2010/06/15 01:04:43 | 000,126,671 | ---- | C] () -- C:\Users\Lanell\Documents\alleBay Classifieds_ Ad Preview.pdf
[2010/06/14 05:51:42 | 001,267,728 | ---- | C] () -- C:\Users\Lanell\Documents\Victoria Laurie - Psychic E...pdf
[2010/06/14 05:09:07 | 000,001,841 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010/06/14 04:02:34 | 001,239,889 | ---- | C] () -- C:\Users\Lanell\Documents\Rachel Vincent 02 - Rogue.pdf
[2010/06/11 02:02:59 | 000,068,775 | ---- | C] () -- C:\Users\Lanell\Documents\Facebook _ redbox.pdf
[2010/06/09 11:49:01 | 000,001,804 | ---- | C] () -- C:\Users\Lanell\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/09 07:31:34 | 000,104,331 | ---- | C] () -- C:\Users\Lanell\Documents\eBay Classifieds_ Ad Preview.pdf
[2010/06/08 07:19:59 | 000,001,886 | ---- | C] () -- C:\Users\Public\Desktop\Java Web Start.lnk
[2010/06/08 02:47:21 | 000,119,655 | ---- | C] () -- C:\Users\Lanell\Documents\Order Confirmation Page - T...pdf
[2010/06/05 23:50:50 | 001,193,303 | ---- | C] () -- C:\Users\Lanell\Documents\Lisa Shearin - [Raine Benares 02] - Armed & Magical.pdf
[2010/06/03 02:14:09 | 000,001,052 | ---- | C] () -- C:\Users\Lanell\Desktop\Recover My Files.lnk
[2010/06/03 02:02:51 | 000,000,922 | ---- | C] () -- C:\Users\Lanell\Desktop\UndeleteOnClick.lnk
[2010/06/02 08:29:58 | 000,001,076 | ---- | C] () -- C:\Users\Lanell\Desktop\DVDVideoSoft Free Studio.lnk
[2010/06/02 08:16:35 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Buy DivX for Windows.lnk
[2010/06/01 11:16:50 | 000,001,088 | ---- | C] () -- C:\Users\Lanell\Application Data\Microsoft\Internet Explorer\Quick Launch\MAGIX Movie Edit Pro 12 demo.lnk
[2010/05/27 17:01:19 | 000,054,877 | ---- | C] () -- C:\Users\Lanell\Documents\Ivy and Pistol Online Litter Registration ...pdf
[2010/05/27 05:00:43 | 000,001,088 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Movie Edit Pro 12 demo.lnk
[2010/05/27 01:26:13 | 000,832,405 | ---- | C] () -- C:\Users\Lanell\Documents\PersonalDemons[MeganChaseBo...pdf
[2010/05/27 00:58:27 | 001,064,972 | ---- | C] () -- C:\Users\Lanell\Documents\Anne Stuart - Black Ice.pdf
[2010/05/27 00:56:21 | 001,075,581 | ---- | C] () -- C:\Users\Lanell\Documents\Mark of the Demon - Kara illian.pdf
[2010/05/25 22:56:55 | 001,215,240 | ---- | C] () -- C:\Users\Lanell\Documents\Magin Bleeds - Ilona Andres..pdf
[2010/05/24 22:32:15 | 000,000,930 | ---- | C] () -- C:\Users\Lanell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ViiKiiDesktopPlugin.lnk
[2010/05/24 22:32:10 | 000,000,894 | ---- | C] () -- C:\Users\Public\Desktop\ViiKiiDesktopPlugin.lnk
[2010/05/24 18:50:52 | 000,014,182 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib
[2010/05/24 18:49:07 | 000,005,817 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/10/18 07:49:49 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2009/08/04 16:46:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/04 16:45:26 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/21 13:00:17 | 000,000,216 | ---- | C] () -- C:\Windows\Ulead32.ini
[2009/07/08 15:57:20 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\YCRWin32.dll
[2009/06/22 02:39:51 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\AscSQLite.dll
[2009/06/17 17:40:55 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2009/06/12 17:44:32 | 000,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/06/12 17:44:32 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/21 17:09:57 | 000,000,018 | ---- | C] () -- C:\Windows\gfact.ini
[2009/05/20 12:45:10 | 003,049,984 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2009/05/20 12:45:10 | 000,404,480 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2009/05/20 12:45:10 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2009/05/20 12:45:10 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2009/05/20 12:45:09 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\cdga.dll
[2008/12/12 12:06:30 | 000,058,672 | ---- | C] () -- C:\Windows\SysWow64\ASUSACPIDLL.dll
[2008/12/03 22:16:03 | 000,124,432 | ---- | C] () -- C:\Windows\SysWow64\PanInstaller.dll
[2008/12/03 22:15:54 | 000,083,480 | ---- | C] () -- C:\Windows\SysWow64\FirstLoad.dll
[2008/10/09 12:23:45 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2008/10/09 12:20:49 | 000,000,025 | ---- | C] () -- C:\Windows\EPWF500.ini
[2008/07/17 05:38:15 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/07/17 05:38:15 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/04/28 11:13:33 | 000,000,310 | ---- | C] () -- C:\Windows\primopdf.ini
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/01/26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007/01/26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll

========== Files - Unicode (All) ==========
[2010/04/22 02:17:49 | 000,029,530 | ---- | M] ()(C:\Users\Lanell\Documents\?????AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737.htm) -- C:\Users\Lanell\Documents\►☺►☺►AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737.htm
[2010/04/22 02:17:48 | 000,000,000 | ---D | M](C:\Users\Lanell\Documents\?????AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737_files) -- C:\Users\Lanell\Documents\►☺►☺►AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737_files
[2010/04/22 02:17:48 | 000,000,000 | ---D | C](C:\Users\Lanell\Documents\?????AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737_files) -- C:\Users\Lanell\Documents\►☺►☺►AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737_files
[2010/04/22 02:17:47 | 000,029,530 | ---- | C] ()(C:\Users\Lanell\Documents\?????AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737.htm) -- C:\Users\Lanell\Documents\►☺►☺►AKC Extremely Babydoll Yorkie (X-TINY TEACUP) _ Houston _ eBay Classifieds (Kijiji) _ 3051737.htm

========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\ProgramData\TEMP:0CE7F3C9
@Alternate Data Stream - 177 bytes -> C:\ProgramData\TEMP:0295CBF7
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:C6B34D36
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:A988B257
< End of report >

Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Tue Jun 22, 2010 3:12 pm

Extras.txt


OTL Extras logfile created on: 6/22/2010 9:52:33 AM - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Lanell\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 45.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 72.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.27 Gb Total Space | 195.58 Gb Free Space | 43.05% Space Free | Partition Type: NTFS
Drive D: | 11.49 Gb Total Space | 1.54 Gb Free Space | 13.40% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive M: | 23.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: LANELL-PC
Current User Name: Lanell
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = CD 9A E0 B4 01 1E CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05D8484B-D8D5-4D68-9307-B0B4DFAE5D68}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0616ED70-B0F4-4F46-916B-98EF1122F022}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B506C31-3BFE-4E6A-8083-B5A332C440ED}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2CB42058-DEFB-42E4-83DF-2832ADDFB19A}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{4CCB6420-0249-43F5-AFF5-095603CE2021}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5A63BBC5-625C-467E-B6B6-20728B735B71}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5F7097A0-275B-427B-A2E3-30581897CAAA}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{646181EE-E742-4B0B-BF55-61F27683C318}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6BC6F361-D099-463F-865E-E91580A5E327}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{82AB0EA2-3B4A-4BCF-B8BB-995A6C8A41FD}" = lport=443 | protocol=17 | dir=in | name=oovoo udp port 443 |
"{8DA985A3-673D-40DA-80D8-C0660EA1F7C7}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{B02CADF2-1D52-4D08-A432-7DCE844D57A0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B87D7A18-EA97-4E47-BA21-BEE344B7E1AA}" = lport=443 | protocol=6 | dir=in | name=oovoo tcp port 443 |
"{C245E2D2-9481-41DE-B17D-9ABC17FD562A}" = lport=37674 | protocol=17 | dir=in | name=oovoo udp port 37674 |
"{DCA01B2D-44E1-440B-B449-6271EF30C2C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DF662A8A-F849-4BAD-AD23-D817DC50BA2E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EC99BF02-EDED-4D17-BE82-E621A2A30F0D}" = lport=37674 | protocol=6 | dir=in | name=oovoo tcp port 37674 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{091388B7-9931-4D2A-8A8F-9365CCAD3B19}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0985B9AD-02B7-4851-AAEF-2BA398E3FD25}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\wzse1.tmp\symnrt.exe |
"{0A30804F-5188-47CE-845B-ED54D7DE9E4F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{0AD74672-0BBA-4676-8AC0-0D2BD239A1DB}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe |
"{0B910CC9-CDDB-44A9-998B-BC2693F7FD2A}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0E72B530-29C7-4A72-AA2F-32E06FC66B93}" = protocol=17 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"{125B2B46-17DD-4105-B115-6C53D2B1D9EF}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{133C7BD6-5E76-469B-8411-03D6107BD46D}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\7zsa525.tmp\symnrt.exe |
"{16F600A9-2ED1-4988-9555-BB11CF397F67}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs14f8.tmp\symnrt.exe |
"{18361919-DDC6-49A3-B5EC-37469FF6C4CE}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\wzse0.tmp\symnrt.exe |
"{1B232F71-C5E5-4118-9050-B3C6BE27E38F}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe |
"{23268A06-555C-44E1-9052-9B73ED7B1288}" = protocol=6 | dir=in | app=c:\program files (x86)\kontiki\kservice.exe |
"{24F8B338-1DBD-4434-A17A-3E31CF0CB2E5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{2B877562-B154-46DB-807C-8C04905099EB}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\7zsa525.tmp\symnrt.exe |
"{3194A0BD-3B46-4D9F-909B-A5ED2D92CAF2}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs14f8.tmp\symnrt.exe |
"{326DBCDD-82E4-4CFB-91BB-6D91F977B0B3}" = protocol=17 | dir=in | app=c:\program files (x86)\divx\divx player\divx player.exe |
"{332C650E-1B41-4AB2-861F-AE5E61D55F13}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{3C5FBDEE-AA83-4E35-96B5-E8B1D04BA7A2}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs2e32.tmp\symnrt.exe |
"{3DF05C88-45D4-474A-AD4E-4D8CE2BA7F0B}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4D80E593-DB7F-48FE-9DD7-041C87F990D4}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe |
"{4F007F2C-B785-4D49-A823-1B356C7B35FF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{50B7892D-0C2C-4455-B007-DD2D9A28DF8A}" = protocol=6 | dir=in | app=c:\program files (x86)\relevantknowledge\rlvknlg.exe |
"{5411C862-FF37-4E18-9143-195A830488E5}" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{54763321-0B71-43E8-A778-769CE6738049}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{54EF73D5-F155-44B3-A125-4A8A1B29ACAA}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs567a.tmp\symnrt.exe |
"{559C98B0-0A4D-4467-B830-5541E78DE9C9}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{559F76F8-51D7-4DB7-A501-66AF960CECDD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{5A1BEF05-B916-4D30-B704-AABA37228ED7}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\wzse1.tmp\symnrt.exe |
"{5A3CEE7F-9693-4EDB-831E-58E182B32FD2}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5C3151A8-490B-4BCE-9AF2-E2C9C2ADECF9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{61420D35-18C0-48C8-BC75-07C462BC2997}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{671CCFF9-9779-4D6E-8B74-FDDF24E8DE02}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{759EC64C-FB21-4CE7-BDCA-EE5283AE873B}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{77D58A57-0F25-42A1-969A-FE1264B2FA60}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{83979F44-6FC0-4E2A-953C-B7226B2765A7}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs9ebf.tmp\symnrt.exe |
"{8543BA72-2C72-4087-9627-CC26C1C1E30F}" = protocol=6 | dir=in | app=c:\program files (x86)\divx\divx player\divx player.exe |
"{89D6C6C3-AAA5-42F9-9567-2557B24AEE79}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{8A3E1C79-22E2-4B02-BCB2-8D1BF9384844}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe |
"{8AB370AC-610C-46E5-924D-DC9B21DF4101}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{8B0B9444-FDB9-480D-9885-BC882A139617}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{8E428E9D-3C9D-4468-B7AB-50A9358C9A93}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{936F78A6-09FF-4984-AC73-6404FC291E5C}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\7zsdbcf.tmp\symnrt.exe |
"{95F0CD6A-AE0E-47CA-8B2C-588FA6688BDA}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\7zsdbcf.tmp\symnrt.exe |
"{99FAF1C8-3BAF-48E6-BCBD-75E30C94A482}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AEAB27A6-9BD7-4E14-93BB-D0F6659DF94B}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\wzse0.tmp\symnrt.exe |
"{AF4E4C9A-C936-4ED7-A6CC-B27EAD918A33}" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"{B2894298-B7DA-4DDA-BAD3-101A9E20C9A0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B32C6C5D-CC7A-40FE-9F74-0BB882C83696}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{B47D6E97-476B-4953-BFC3-D276131C4522}" = protocol=6 | dir=in | app=c:\windows\temp\~osea20.tmp\ossproxy.exe |
"{BB3C06FD-7A9C-4416-8E4F-4AA5CE948A8D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{BCC2F436-402B-4976-9EAD-71DB5E503818}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{BE01CA25-4187-49EC-AAE8-13BFBC02B20D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{BEA18F20-FEEF-40E7-A8C4-6697FA8DAC91}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{C1604C99-037D-4552-AFDC-F85E9CCD2911}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{C3D6200D-59CD-4110-B4A5-0B4B3A087430}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{C7DE4A57-99F3-4642-8F9F-17417B1D14C3}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs2e32.tmp\symnrt.exe |
"{C7F66D51-D63B-4255-8FC2-444CDA0FC8EC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C8340F33-4DCA-4ABC-B1EA-9F6D3EEFAC71}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{CC40AEF4-648C-4B29-90FA-360F7809871B}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{CC6C660B-DC4A-46B0-B859-9766FD0F3DAF}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{D41AED5C-78F2-4D14-B334-03BA70ECE3F8}" = protocol=17 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs567a.tmp\symnrt.exe |
"{D55E781E-1A55-4B8B-A7B3-415C41ED2CFF}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe |
"{D7CD3FF3-F3A0-4CE7-A162-66EFA5CDD3C6}" = protocol=17 | dir=in | app=c:\program files (x86)\kontiki\kservice.exe |
"{DB77AE3A-9CB0-4067-A9E2-DA1FAD68BE89}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{E65E91A1-F924-4BEC-B937-95E1B6D483F6}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe |
"{EDD0EEF0-1963-48AB-82CE-AC25D78320AC}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe |
"{EE197795-C86B-4551-BCD2-8ED7E7F11FB3}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F754FBD4-7504-4DE3-A362-AF1A372CB7E1}" = protocol=6 | dir=in | app=c:\users\lanell\appdata\local\temp\7zs9ebf.tmp\symnrt.exe |
"{FAB863ED-9F41-4CC9-83FF-01E4ABF8E0FD}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{FB0DA304-0DDF-4C32-9DFF-2AC7C9C8DE20}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{FCC503C1-B819-4C1B-887E-1BDD84015BD0}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe |
"TCP Query User{0837CDD8-390C-448E-9EC8-7A95B0935711}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{1014A980-1D4B-47FA-B45B-840BCFA6D460}C:\users\lanell\desktop\new folder\oid(3).exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\oid(3).exe |
"TCP Query User{22F72DCA-435A-47C1-A2BD-2D74717FBB62}C:\users\lanell\downloads\gh_complete_series.exe" = protocol=6 | dir=in | app=c:\users\lanell\downloads\gh_complete_series.exe |
"TCP Query User{3113EB85-0926-4C46-AEB6-6BF29211F39B}C:\users\lanell\desktop\new folder\overy_v.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\overy_v.exe |
"TCP Query User{360D3B3B-926A-425D-BB56-52F528C3BFEE}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{3DAAF5B8-1DD9-42B3-812C-DA9CFB011137}C:\program files (x86)\proxyway\proxyway.exe" = protocol=6 | dir=in | app=c:\program files (x86)\proxyway\proxyway.exe |
"TCP Query User{51AAA9CD-F18D-4258-B084-5B96C7A08915}C:\users\lanell\desktop\new folder\mile_high_complete_series2.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\mile_high_complete_series2.exe |
"TCP Query User{5C40D48E-1C70-4EA0-80A2-35ABCF83D926}C:\users\lanell\desktop\new folder\ky_antivirus_2010_with_keys_(clean).exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\ky_antivirus_2010_with_keys_(clean).exe |
"TCP Query User{64FC08F3-946E-40BC-8927-6C69E1B55A66}C:\users\lanell\desktop\new folder\e_plus(recover_anything_even_after_u_delete_them_from_rec.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\e_plus(recover_anything_even_after_u_delete_them_from_rec.exe |
"TCP Query User{68E146F7-9488-4F49-9D73-794FEBF3EA9C}C:\users\lanell\desktop\new folder\lies_(2010)_(elemental_assassin)_jennifer_estep((demonoid.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\lies_(2010)_(elemental_assassin)_jennifer_estep((demonoid.exe |
"TCP Query User{83C87E03-11C5-4F94-B880-B3F0181F2F18}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{84FBCD5C-9F4D-4A51-B55F-308106341FF8}C:\users\lanell\desktop\new folder\oid.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\oid.exe |
"TCP Query User{935DAC1E-517B-4467-96CE-C48DF927AB6F}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"TCP Query User{ADF050CF-948A-450F-80EF-D5D7E1D8EEAA}C:\users\lanell\desktop\new folder\ky_blacklist_crack_2010__2009__7__kis__kav__pure.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\ky_blacklist_crack_2010__2009__7__kis__kav__pure.exe |
"TCP Query User{BA6597DF-278A-4B96-8FC5-F642BD7A4B00}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"TCP Query User{C3994DE5-07FB-43C0-8F32-DE049BDCAB01}C:\users\lanell\desktop\new folder\remiere_elements_7_0((demonoid.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\remiere_elements_7_0((demonoid.exe |
"TCP Query User{CA044D13-7177-4F72-AFE6-C10CA0E058EE}C:\users\lanell\desktop\new folder\oid(2).exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\oid(2).exe |
"TCP Query User{DF2ADE61-3112-4EB8-9FBE-F1D0DAB82974}C:\users\lanell\desktop\new folder\id.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\id.exe |
"TCP Query User{E1518A65-A06A-4EE4-A270-3C20F19DA984}C:\users\lanell\desktop\new folder\antivirus.exe" = protocol=6 | dir=in | app=c:\users\lanell\desktop\new folder\antivirus.exe |
"TCP Query User{F4112F26-6A94-4802-A3D3-36AA94C74841}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"TCP Query User{F6E74A12-BE74-49E6-A805-CA49D093594B}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{06A02054-07B6-4982-820B-773E0D817ECE}C:\users\lanell\desktop\new folder\oid(2).exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\oid(2).exe |
"UDP Query User{1067C77E-6982-4CE4-BDE5-45434CE00D9A}C:\users\lanell\desktop\new folder\id.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\id.exe |
"UDP Query User{20F2E992-02C7-4CB6-B464-34845CCEAAC2}C:\users\lanell\downloads\gh_complete_series.exe" = protocol=17 | dir=in | app=c:\users\lanell\downloads\gh_complete_series.exe |
"UDP Query User{3563714E-805D-472F-99F6-0C167E984184}C:\users\lanell\desktop\new folder\remiere_elements_7_0((demonoid.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\remiere_elements_7_0((demonoid.exe |
"UDP Query User{3FF23C8D-2681-4A3F-B3B7-3C673B824681}C:\users\lanell\desktop\new folder\oid(3).exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\oid(3).exe |
"UDP Query User{4FFC5BA2-2A27-410D-AEC2-1428E2DCD170}C:\program files (x86)\tvuplayer\tvuplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tvuplayer\tvuplayer.exe |
"UDP Query User{828EBDF3-A7D4-4DA2-AF1F-63E149A1907D}C:\users\lanell\desktop\new folder\lies_(2010)_(elemental_assassin)_jennifer_estep((demonoid.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\lies_(2010)_(elemental_assassin)_jennifer_estep((demonoid.exe |
"UDP Query User{8A46884E-DE42-468A-84C1-85E9DC627D6E}C:\users\lanell\desktop\new folder\e_plus(recover_anything_even_after_u_delete_them_from_rec.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\e_plus(recover_anything_even_after_u_delete_them_from_rec.exe |
"UDP Query User{8D9F2227-005B-4261-B7D0-EA1BABBA2FCD}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{9C1496EE-44E4-48F6-837B-FCDC510B3241}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{A676125B-8BFD-46CF-9857-3632AB04ED9C}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"UDP Query User{A8425D15-6018-4B77-8E8E-9388A4CA49D1}C:\users\lanell\desktop\new folder\mile_high_complete_series2.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\mile_high_complete_series2.exe |
"UDP Query User{AC6D2F52-66A4-4F55-B6CE-4A672EB89A69}C:\program files (x86)\proxyway\proxyway.exe" = protocol=17 | dir=in | app=c:\program files (x86)\proxyway\proxyway.exe |
"UDP Query User{AEBACACE-AD0F-44E1-9078-9C2E555907D9}C:\users\lanell\desktop\new folder\ky_blacklist_crack_2010__2009__7__kis__kav__pure.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\ky_blacklist_crack_2010__2009__7__kis__kav__pure.exe |
"UDP Query User{C2B0F88F-A3F5-4670-9877-0A97683AF84E}C:\users\lanell\desktop\new folder\antivirus.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\antivirus.exe |
"UDP Query User{D08DF6EF-F452-4B65-B020-BD62C795AE54}C:\users\lanell\desktop\new folder\oid.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\oid.exe |
"UDP Query User{D7DBCAFD-19D7-4F8F-8A66-6F2B7A34158D}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{E0633B10-7D07-4A28-88A4-6B85C157104C}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{E43BE37D-A9F0-4523-BC8B-F05523B82FFA}C:\users\lanell\desktop\new folder\ky_antivirus_2010_with_keys_(clean).exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\ky_antivirus_2010_with_keys_(clean).exe |
"UDP Query User{E57DD822-96CC-4492-8628-2DD6310059B1}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{FD7E9FE7-5F41-4F5C-AA62-226E2952CFB9}C:\users\lanell\desktop\new folder\overy_v.exe" = protocol=17 | dir=in | app=c:\users\lanell\desktop\new folder\overy_v.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = Bluetooth by hp 6.1.0.2200
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series" = Canon iP2600 series
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{18A5D9CF-61DD-4BB6-A9C3-E90602E6E7E1}" = HP Touch Screen Configuration
"{4CE36E6A-300B-427C-BEC7-B261CC13814E}" = iTunes
"{591362D4-590B-457E-9BA3-F4D9508B88BA}" = MobileMe Control Panel
"{877924AA-E044-4266-B37D-E974CD799934}" = Bonjour
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CA4AF936-3312-4AF4-A191-527531490DCD}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"CanonMyPrinter" = Canon My Printer
"EPSON WorkForce 500 Series" = EPSON WorkForce 500 Series Printer Uninstall
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"UTStarcom USB Modem" = UTStarcom USB Modem Software

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochure
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}" = Adobe Flash Player 10 Plugin
"{0510E9B6-C4C9-4C1D-8FE9-89EDDAA54958}" = Microsoft Reader
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F6391A2-2C26-4DCD-B066-8CAFBE9B3702}" = HP Touch Screen Enhance Service
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{13086F8B-2AA9-4488-BC9C-BB6B912A5524}" = muvee autoProducer 6.1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15C77FC3-8137-4A5E-8F81-F559045DD6B0}" = Shipping Assistant 3.6
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1f5ceb6c-b805-4ac1-ad27-ecdce7c5445a}" = Nero 9
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2E7983D0-7727-4B04-9817-EC29FA39A2E1}_is1" = Flash Dating
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{475CEB7F-F373-743A-AC19-7CE00D01A74A}" = ViiKii Desktop Plug-in
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A627DFB-EA4C-4FFA-B711-69E849FB40D8}" = Buttons & OSDs control application gen2
"{5A667F33-9D14-496D-BE82-DD2B099FF630}" = ArcSoft MediaConverter 2.5
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7148F0A8-6813-11D6-A77B-00B0D0142180}" = Java 2 Runtime Environment, SE v1.4.2_18
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7A3735D0-2119-40D5-971C-4FFC1E2C7695}" = HP TouchSmart Calendar
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{86D6A20D-3910-4441-A3E5-EB6977251C86}" = Samsung USB Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A9212616-FCA2-4173-BD99-5C741EB3A068}" = Ulead DVD PictureShow 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1C2398C-6FAB-46D1-806C-5942F0829994}" = ParetoLogic Data Recovery
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP TouchSmart Music/Photo/Video
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BAEB9A15-011A-4C75-A2BA-06C3EE6C2F27}" = HP Touch Optimizer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1" = Sothink SWF Decompiler
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C55BE272-49FA-4353-9EB9-4E694AFA94C0}" = HP TouchSmart
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D7BA6898-F0D0-4F23-898B-928530DAF061}" = HP Touch Screen Enhance Service
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D90AFDE3-3E67-407A-ACA8-F0BAAD012F08}" = Safari
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E5FCED12-3E77-4C0E-A305-5AEB38A52A70}" = AdobeColorCommonSetCMYK
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EED50C97-C79E-4149-BD82-7C5A22437708}" = Adobe Setup
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F31E534B-4199-4552-8154-5C130710D68E}" = HP Total Care Advisor
"{F41E9A47-0119-4DB7-849C-6BE6DA948B74}" = HP TouchSmart Notes
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F626E006-C06C-466A-B133-92C1991385CA}" = ArcSoft Print Creations
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe Extendscript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"ABC Amber LIT Converter" = ABC Amber LIT Converter
"AC3Filter" = AC3Filter (remove only)
"Active@ File Recovery 7.1" = Active@ File Recovery 7.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player
"Adobe_a68eec966ce913ddaa63251dc82ed31" = Adobe Flash CS4 Professional
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Akamai" = Akamai NetSession Interface
"AVerMedia MiniCard Hybrid TV" = AVerMedia MiniCard Hybrid TV 1.3.64.53
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor 4_is1" = AVS Video Editor 4 4.2.1.166
"AVS Video Recorder_is1" = AVS Video Recorder 2.4 (Service Version)
"AVS YouTube Uploader 2.1_is1" = AVS YouTube Uploader version 2.1
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.3
"BroadJump Client Foundation" = BroadJump Client Foundation
"Build Your Own Net Dream" = Build Your Own Net Dream (remove only)
"Canon iP2600 series User Registration" = Canon iP2600 series User Registration
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"CommView for WiFi" = CommView for WiFi
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Cucusoft Ultimate DVD + Video Converter Suite_is1" = Cucusoft Ultimate DVD + Video Converter Suite 7.13.7.7
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVDVideoSoft Toolbar" = DVDVideoSoft Toolbar
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"EPSON Scanner" = EPSON Scan
"Eraser" = Eraser
"FileZilla Client" = FileZilla Client 3.3.3
"Firebird SQL Server US" = Firebird SQL Server - MAGIX Edition 2.0.0.1 (US)
"Flash Intro and Banner Maker_is1" = Flash Intro and Banner Maker 2.0.89
"FormatFactory" = FormatFactory 1.80
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.5
"Free YouTube Download_is1" = Free YouTube Download 2.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Glary Undelete_is1" = Glary Undelete 1.5.0.232
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"HP KEYBOARD V1.5.2_is1" = HP KEYBOARD V1.5.2
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP TouchSmart Music/Photo/Video
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallWIX_{943B6738-4801-4982-90EC-0442EF7AEB16}" = Kaspersky Anti-Virus 2010
"MAGIX Movie Edit Pro 12 demo US" = MAGIX Movie Edit Pro 12 demo 6.5.4.2 (US)
"MainConcept Encoder x64 for AVerMedia" = MainConcept Encoder x64 for AVerMedia 1.2.3374.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"NAV" = Norton AntiVirus
"NetSight" = Nielsen//NetRatings
"NSS" = Norton Security Scan
"Nvu_is1" = Nvu 1.0PR
"PANDORATV VIDEO STREAMER_is1" = PANDORATV VIDEO STREAMER
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Photo Frame Studio_is1" = Photo Frame Studio 2.1
"PhotoScape" = PhotoScape
"PremElem70" = Adobe Premiere Elements 7.0
"PrimoPDF4.1.0.9" = PrimoPDF
"Privoxy" = Privoxy 3.0.6
"QuickLink Mobile" = QuickLink Mobile
"Recover Files_is1" = Recover Files 2.1
"Recover My Files_is1" = Recover My Files
"SBC Yahoo! Parental Controls" = SBC Yahoo! Parental Controls
"Shockwave" = Shockwave
"Sonic the Hedgehog" = Sonic the Hedgehog
"sp37521" = sp37521
"sp40348" = sp40348
"sp41098" = sp41098
"sp41119" = sp41119
"sp43205" = sp43205
"SpeedPlexer" = SpeedPlexer - Broadband Speedtest
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Tor" = Tor 0.2.1.19
"TVUPlayer" = TVUPlayer 2.4.9.1
"UltraSlideshow Flash Creator" = UltraSlideshow Flash Creator 1.12
"UndeleteOnClick_is1" = UndeleteOnClick
"Uninstall_is1" = Uninstall 1.0.0.1
"Veoh Video Compass" = Veoh Video Compass
"Veoh Web Player Beta" = Veoh Web Player
"Vidalia" = Vidalia 0.1.15
"ViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1" = ViiKii Desktop Plug-in
"VLC media player" = VLC media player 0.9.4
"Web Page Maker_is1" = Web Page Maker V3.2
"WildTangent hp Master Uninstall" = My HP Games
"Winamp Toolbar" = Winamp Toolbar for Internet Explorer
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR archiver
"WinUndelete" = WinUndelete
"Xvid_is1" = Xvid 1.2.2 final uninstall
"Yahoo! Login" = Yahoo! Login
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Messenger Explorer Bar" = Yahoo! Messenger Explorer Bar
"YInstHelper" = Yahoo! Install Manager
"zipitfree1.95" = ZipItFree 1.95

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Move Media Player" = Move Media Player
"Pix2Fone Extension for Internet Explorer" = Pix2Fone Extension for Internet Explorer
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.7.1

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 6/22/2010 6:56:47 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 6/22/2010 6:56:47 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 6/22/2010 6:56:48 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 6/22/2010 7:26:29 AM | Computer Name = Lanell-PC | Source = WinMgmt | ID = 10
Description =

Error - 6/22/2010 7:30:56 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 6/22/2010 7:30:56 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 6/22/2010 7:30:57 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 6/22/2010 7:30:58 AM | Computer Name = Lanell-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 6/22/2010 10:02:22 AM | Computer Name = Lanell-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.2.3743 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c2c Start Time: 01cb11fe5c9aa358 Termination Time: 51

Error - 6/22/2010 10:32:58 AM | Computer Name = Lanell-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.2.3743 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 4ec Start Time: 01cb12166a188a28 Termination Time: 29

[ Media Center Events ]
Error - 2/18/2009 1:31:18 AM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 02/17/2009 23:31:18. You may need to reschedule your recordings.

Error - 3/11/2009 6:41:24 PM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 03/11/2009 17:41:22. You may need to reschedule your recordings.

Error - 4/3/2009 5:04:03 PM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 04/03/2009 16:04:03. You may need to reschedule your recordings.

Error - 4/9/2009 1:25:41 AM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 04/09/2009 00:25:41. You may need to reschedule your recordings.

Error - 4/9/2009 1:47:46 AM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 04/09/2009 00:47:46. You may need to reschedule your recordings.

Error - 4/19/2009 3:07:23 PM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 04/19/2009 14:07:22. You may need to reschedule your recordings.

Error - 5/7/2009 11:56:11 AM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 05/07/2009 10:56:10. You may need to reschedule your recordings.

Error - 6/28/2009 1:06:13 PM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 06/28/2009 12:06:13. You may need to reschedule your recordings.

Error - 3/17/2010 2:56:57 PM | Computer Name = Lanell-PC | Source = Recording | ID = 19
Description = The recording schedule has been corrupted and was automatically deleted
on 03/17/2010 13:56:57. You may need to reschedule your recordings.

[ System Events ]
Error - 6/22/2010 6:56:42 AM | Computer Name = Lanell-PC | Source = DCOM | ID = 10005
Description =

Error - 6/22/2010 6:59:13 AM | Computer Name = Lanell-PC | Source = DCOM | ID = 10005
Description =

Error - 6/22/2010 6:59:13 AM | Computer Name = Lanell-PC | Source = DCOM | ID = 10005
Description =

Error - 6/22/2010 7:24:54 AM | Computer Name = Lanell-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\nnrnstdi.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 6/22/2010 7:26:31 AM | Computer Name = Lanell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/22/2010 7:28:21 AM | Computer Name = Lanell-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 6/22/2010 7:28:21 AM | Computer Name = Lanell-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/22/2010 7:29:22 AM | Computer Name = Lanell-PC | Source = DCOM | ID = 10010
Description =

Error - 6/22/2010 7:31:02 AM | Computer Name = Lanell-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 6/22/2010 7:32:44 AM | Computer Name = Lanell-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >


Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by Belahzur on Tue Jun 22, 2010 5:42 pm

Hello.

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :OTL
    O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - No CLSID value found.
    O4 - HKLM..\Run: [] File not found
    File not found -- C:\Users\Lanell\AppData\Local\Vwokexaqakoyu.dat
    File not found -- C:\Users\Lanell\AppData\Local\exofuqosejefi.dll
    File not found -- C:\Users\Lanell\AppData\Local\43004859.exe
    File not found -- C:\Users\Lanell\AppData\Local\43004858.exe
    [2010/06/20 01:37:25 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}
    [2010/06/20 01:35:54 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\gxnknynan



  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.



Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Tue Jun 22, 2010 7:51 pm

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140BD8E3-C167-11D4-B4A3-080000180323}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}\chrome\content folder moved successfully.
C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}\chrome folder moved successfully.
C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE} folder moved successfully.
C:\Users\Lanell\AppData\Local\gxnknynan folder moved successfully.

OTL by OldTimer - Version 3.2.6.1 log created on 06222010_144944

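A check worth running once a fix log like the one above is posted, written here as an added example (not part of either post and not OTL's own code): it reconciles each line of the `:OTL` fix script with the result lines of the fix log. The line patterns are inferred only from the lines quoted in this thread, and the function names are hypothetical.

```python
import re

# Fix script and fix log copied from the two posts above (input data only).
FIX_SCRIPT = r"""
:OTL
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
File not found -- C:\Users\Lanell\AppData\Local\Vwokexaqakoyu.dat
File not found -- C:\Users\Lanell\AppData\Local\exofuqosejefi.dll
File not found -- C:\Users\Lanell\AppData\Local\43004859.exe
File not found -- C:\Users\Lanell\AppData\Local\43004858.exe
[2010/06/20 01:37:25 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}
[2010/06/20 01:35:54 | 000,000,000 | ---D | C] -- C:\Users\Lanell\AppData\Local\gxnknynan
"""

FIX_LOG = r"""
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140BD8E3-C167-11D4-B4A3-080000180323}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}\chrome\content folder moved successfully.
C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE}\chrome folder moved successfully.
C:\Users\Lanell\AppData\Local\{962C3C72-41BC-456B-9015-3B1BC165CABE} folder moved successfully.
C:\Users\Lanell\AppData\Local\gxnknynan folder moved successfully.
"""

# Result phrases seen at the end of the fix-log lines quoted in this thread.
RESULT = re.compile(r"(deleted successfully|moved successfully|not found)\.$")


def script_targets(script):
    """Return (script_line, needle) pairs; the needle is the lower-cased text
    expected inside any log line about that target (an assumed mapping)."""
    targets = []
    for line in (raw.strip() for raw in script.splitlines()):
        if not line or line.startswith(":"):
            continue  # blank line or a section directive such as :OTL
        bho = re.match(r"O2 - BHO: .*?(\{[0-9A-Fa-f-]{36}\})", line)
        run = re.match(r"O4 - \w+\.\.\\Run: \[(.*?)\]", line)
        path = re.search(r"-- (.+)$", line)
        if bho:
            needle = bho.group(1).lower()  # the CLSID
        elif run:
            # Run key followed by the value name (empty in this thread).
            needle = "\\currentversion\\run\\\\" + run.group(1).lower()
        elif path:
            needle = path.group(1).lower()  # file or folder path
        else:
            needle = None  # line type not covered by this sketch
        targets.append((line, needle))
    return targets


def log_results(log):
    """Return (lower-cased log line, result phrase) for every result line."""
    pairs = []
    for line in (raw.strip() for raw in log.splitlines()):
        found = RESULT.search(line)
        if found:
            pairs.append((line.lower(), found.group(1)))
    return pairs


def reconcile(script, log):
    """Label each script line 'removed', 'not found' or 'no log entry'."""
    results = log_results(log)
    report = []
    for line, needle in script_targets(script):
        hits = {res for text, res in results if needle and needle in text}
        if hits & {"deleted successfully", "moved successfully"}:
            status = "removed"
        elif hits:
            status = "not found"
        else:
            status = "no log entry"
        report.append((line, status))
    return report


if __name__ == "__main__":
    for line, status in reconcile(FIX_SCRIPT, FIX_LOG):
        print(f"{status:13} {line}")
```

On the thread's data, the BHO, the Run value and both folders come back as removed, while the four `File not found --` paths have no corresponding line in the posted fix log.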

Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by Belahzur on Tue Jun 22, 2010 11:44 pm

Please download and run this tool.

Download Malwarebytes' Anti-Malware from [You must be registered and logged in to see this link.]

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.



Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Wed Jun 23, 2010 1:04 am

Malwarebytes' Anti-Malware 1.46
[You must be registered and logged in to see this link.]

Database version: 4226

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928

6/22/2010 8:00:08 PM
mbam-log-2010-06-22 (20-00-08).txt

Scan type: Quick scan
Objects scanned: 156654
Time elapsed: 19 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Wed Jun 23, 2010 1:16 am

I just checked and the hard drive doesn't seem to be decreasing at the moment. After the 2gigs that disappeared this morning, there hasn't been another one. I'm not sure if it's a permanent fix or what, but so far so good.


Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by Belahzur on Wed Jun 23, 2010 1:19 pm

Hello.

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.



Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Thu Jun 24, 2010 12:20 pm

LOG:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK


__
Edited to add: I ran the program and left home with it still running. When I returned, my computer was shut down. I believe someone in my home saw my computer on and turned it off. I re-ran the program. The 1st time I ran the program, it did find at least 20 threats. The 2nd time didn't find any.


Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by Belahzur on Thu Jun 24, 2010 9:07 pm

Okay, how is the machine running now?



Re: AV Security Suite removed but hard drive is decreasing everyday?

Post by austinyorks on Thu Jun 24, 2010 9:18 pm

Today has been great. Yesterday I lost a gb then it came back before I ran the scan (ESET). But today, none has been lost and everything is looking great.

